Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
•added 2023/04/28 12:0 a.m.•12 views

Maintenance Switch <= 1.5.2 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/28 12:0 a.m.•18 views

WP Search Analytics < 1.4.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role of Administrator to perform Cross-Site Scripting attacks...

5.9CVSS6.1AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/28 12:0 a.m.•17 views

Mass Email To users < 1.1.5 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/28 12:0 a.m.•14 views

User IP and Location < 2.2.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/28 12:0 a.m.•24 views

WP-CORS <= 0.2.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/28 12:0 a.m.•14 views

Photo Gallery Slideshow & Masonry Tiled Gallery < 1.0.14 - Reflected Cross-Site Scripting

The plugin does not properly sanitize and escape the searchterm parameter, leading to Reflected Cross-Site Scripting vulnerability...

6.1CVSS6.1AI score0.00433EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/26 12:0 a.m.•30 views

Booking Manager < 2.0.29 - Subscriber+ SSRF

The plugin does not validate URLs input in it's admin panel or in shortcodes for showing events from a remote .ics file, allowing an attacker with privileges as low as Subscriber to perform SSRF attacks on the sites internal network. PoC As an admin: Type in an internal URL for example...

6.3AI score0.00823EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/26 12:0 a.m.•19 views

ClickFunnels <= 3.1.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC clickfunnelsembed url="javascript:alert1"...

5.4AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/26 12:0 a.m.•24 views

Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary javascript by clicking a link. PoC Make a logged in...

6.1AI score0.0085EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/26 12:0 a.m.•17 views

SEO ALert <= 1.59 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to Vanilla Beans » SEO Alert. 2. In...

4.8AI score0.00472EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/26 12:0 a.m.•16 views

WP Inventory Manager < 2.1.0.13 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. PoC 1. Go to WP Inventory Inventory Items and create a new Inventory Item. 2. Create a page and add the wpinventory shortcode. 3. View the new page on the...

6.1AI score0.01161EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/26 12:0 a.m.•19 views

WooCommerce Multivendor Marketplace – REST API < 1.6.0 - Subscriber+ Arbitrary Orders Item And Notes Update

The plugin does not properly implement capability checks on the 'getitem', 'getordernotes', and 'addordernote' functions, leading to potential unauthorized access and addition of those items by authenticated users with subscriber privileges or above...

6.7AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•12 views

Tiempo.com <= 0.1.2 - Stored XSS via CSRF

The plugin does not have CSRF check when creating and editing its shortcode, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack PoC Make a logged in admin open a page with the code below...

6.4AI score0.00237EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•15 views

Ko-fi Button < 1.3.3 - Admin+ Stored XSS

The plugin does not properly some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup, and we consider it a low risk. PoC 1. In the Kofi plugin settings,...

5.1AI score0.00442EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•20 views

Shield Security < 17.0.18 - Subscriber+ Arbitrary Log Entry Creation

The plugin does not have authorisation in the theme-plugin-file AJAX action, allowing any authenticated users, such as subscriber to call it and add arbitrary audit log entries, which could also lead to Stored XSS due to the lack of escaping of some entry metadata...

4.3CVSS6.2AI score0.0055EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•14 views

URL Params < 2.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC urlparam htmltag='h1' attr='a'...

6.1AI score0.00503EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•24 views

YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks. PoC Run the below command in the developer console of the web browser while being on the...

7.4AI score0.0094EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•18 views

Stream < 3.9.3 - Missing Authorization via load_alerts_settings

...

6.5AI score0.00652EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•17 views

Viable blog <= 1.1.4 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•17 views

WordPress Vertical Image Slider < 1.2.17 - Reflected Cross-Site Scripting

The plugin does not properly sanitize the 'searchterm' parameter, leading to Reflected Cross-Site Scripting vulnerability due to insufficient input sanitization and output escaping...

6.1CVSS10AI score0.00433EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•27 views

Shield Security < 17.0.18 - Unauthenticated Stored XSS

The plugin does not escape the User Agent header retrieved via audit log records, which could allow unauthenticated attackers to perform Stored XSS attacks...

7.2CVSS6.2AI score0.93046EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•11 views

Tiempo.com <= 0.1.2 - Reflected XSS

The plugin does not sanitise and escape the page parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code below...

6.3AI score0.0085EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•14 views

REST API TO MiniProgram <= 4.6.1 - Subscriber+ Attachment Deletion

The plugin does not have authorisation and CSRF checks in an AJAX action, allowing ay authenticated users, such as subscriber to call and delete arbitrary attachments PoC fetch'https://example.com/wp-admin/admin-ajax.php', method: 'POST', headers: new Headers 'Content-Type':...

6.8AI score0.0028EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•17 views

Arya Multipurpose <= 1.0.5 - Unauthenticated Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/25 12:0 a.m.•11 views

Tiempo.com <= 0.1.2 - Shortcode Deletion via CSRF

The plugin does not have CSRF check when deleting its shortcode, which could allow attackers to make logged in admins delete arbitrary shortcode via a CSRF attack PoC Make a logged in admin open the URL below, this will make them delete the shortcode with ID 1...

6.7AI score0.00252EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•13 views

Rating Widget <= 3.2.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•23 views

0mk Shortener <= 0.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.9AI score0.00394EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•15 views

tagDiv Composer < 4.0 - Reflected Cross-site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page containing the HTML code below...

6.1CVSS5.6AI score0.00506EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•21 views

CRM Memberships <= 1.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•22 views

Product Addons & Fields for WooCommerce < 32.0.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup. PoC - Install the plugin and WooCommerce,...

4.8CVSS5.4AI score0.00461EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•18 views

Ninja Forms < 3.6.22 - Reflected XSS

The plugin does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open...

6.1CVSS5.6AI score0.00925EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•14 views

Arconix Shortcodes <= 2.1.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•12 views

Forms Ada <= 1.0 - Unauthenticated Reflected XSS

The plugin does not sanitize and escape some of it's parameters before reflecting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...

7.1CVSS6.1AI score0.00382EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•18 views

Tablesome < 1.0.9 - Reflected XSS

The plugin does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting PoC Make a logged in admin open one of the URL below when the feature/tracking notice has not been dismissed yet...

6.1CVSS6.1AI score0.01067EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•17 views

HTTP Headers < 1.18.8 - Admin+ SQL Injection

This plugin has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. PoC 1. Create an SQL file with the following contents: UPDATE wpoptions SET optionvalue = "Hacked" WHERE optionname = "blogname" 2. As an admin user within WP Admin,...

7.2CVSS8AI score0.00885EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•22 views

WP Visitor Statistics (Real Time Traffic) < 6.9 - Unauthenticated SQLi

The plugin does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks. PoC Note: The visitorId parameter's numerical prefix before the %27 must be different on each try...

9.8CVSS7.7AI score0.04234EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•12 views

1app Business Forms <= 1.0.0 - Author+ Stored XSS

Description The plugin does not sanitise and escape some parameters, which could allow users such as author and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6AI score0.0038EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/04/24 12:0 a.m.•24 views

Side Cart Woocommerce < 2.2 - Settings Reset via CSRF

The plugin does not have CSRF check when reseting its Settings, which could allow attackers to make logged in admins perform such action via a CSRF attack PoC Make a logged in admin open https://example.com/wp-admin/admin.php?page=side-cart-woocommerce-settings=yes...

8.8CVSS6.2AI score0.00273EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/23 12:0 a.m.•43 views

AI Contact Us Form <= 1.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/21 12:0 a.m.•16 views

Redirect After Login <= 0.1.9 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role of Admin to perform Cross-Site Scripting attacks...

5.9CVSS6AI score0.00619EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/21 12:0 a.m.•14 views

Live Chat by Formilla < 1.3.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/21 12:0 a.m.•18 views

eRocket < 1.2.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/20 12:0 a.m.•26 views

Form Block < 1.0.2 - Form Submission via CSRF

The plugin does not have CSRF checks when submitting forms, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

6.5CVSS6.3AI score0.00295EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/20 12:0 a.m.•28 views

CMS Tree Page View < 1.6.8 - Reflected XSS

The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.03995EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/20 12:0 a.m.•22 views

Verified Reviews < 2.3.15 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.5AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/20 12:0 a.m.•24 views

ActiveCampaign < 8.1.12 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a contributor, add a "AC Forms" Gutenberg block ...

5.4CVSS7.5AI score0.00462EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/20 12:0 a.m.•16 views

Mail Subscribe List <= 2.1.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.0037EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/19 12:0 a.m.•20 views

WP-dTree <= 4.4.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/19 12:0 a.m.•35 views

Simple Tooltips <= 2.1.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/19 12:0 a.m.•13 views

Simple Share Buttons Adder <= 8.4.8 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00271EPSS
Exploits0Affected Software1
Total number of security vulnerabilities14603