Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.12 views

Update Image Tag Alt Attribute <= 2.4.5 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.22 views

WCP Contact Form <= 3.1.0 - Reflected XSS

The plugin does not sanitise and escape the tab parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.17 views

RapidExpCart <= 1.0 - Stored XSS via CSRF

The plugin does not sanitize and escape the url parameter in the rapidexpcart endpoint before storing it and outputting it back in the page, leading to a Stored Cross-Site Scripting vulnerability which could be used against high-privilege users such as admin, furthermore lack of csrf protection...

5.4CVSS8.1AI score0.00239EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.17 views

Charitable < 1.7.0.11 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.18 views

WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update

The plugin does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making them paid without actually paying for them for example PoC Run the...

6.5CVSS9AI score0.00337EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.11 views

Help Desk WP <= 1.2.0 - Editor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. PoC 1. Using a user with Editor Role privileges, go to the support page assigned for the Help Desk WP Plugin. 2. Click on "Add New Ticket", and...

5.4CVSS8.3AI score0.00462EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.10 views

Login Page Styler <= 6.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role of Admin to perform Cross-Site Scripting attacks...

5.9CVSS6.1AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.13 views

Ebook Store < 5.78 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.18 views

GDPR Compliance & Cookie Consent <= 1.2 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00271EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.19 views

EZP Maintenance Mode <= 1.0.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00461EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.24 views

SparkPost <= 3.2.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.13 views

BizLibrary <= 1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Login as Admin. 2. Go to...

4.8CVSS7.4AI score0.00489EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.13 views

Pearl <= 1.3.4 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.12 views

File Gallery < 1.8.5.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.16 views

White Label Branding for Elementor Page Builder <= 1.0.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.23 views

KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download

The plugin does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization assuming they can upload a file on the server PoC To download ../../../../wp-config.php:...

7.5CVSS9.1AI score0.00866EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.18 views

Ebook Store < 5.78 - Unauthenticated Sensitive Data Disclose

The plugin does not have authorisation check in its ebookstoreexportorders function, allowing unauthenticated users to call it and retrieve order information...

6.9AI score0.01009EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.24 views

ShopEngine < 4.1.2 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.21 views

Easy Ad Manager <= 1.0.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.20 views

WP Original Media Path < 2.4.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.16 views

Category Specific RSS feed Subscription < 2.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS8.2AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.19 views

Continuous announcement scroller <= 13.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.16 views

Flyzoo Chat <= 2.3.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.11 views

Woocommerce Product Designer <= 4.3.3 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.15 views

WP Links Page < 4.9.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.0037EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.13 views

Liquid Speech Balloon < 1.2 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS8.7AI score0.00457EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.15 views

Social Share Boost <= 4.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00383EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.21 views

Uji Popup <= 1.4.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.26 views

Bit Form < 1.9 - RCE via Unauthenticated Arbitrary File Upload

The plugin does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution. PoC As an unauthenticated user access a form containing a File Upload for...

9.8CVSS6.9AI score0.01785EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.15 views

Active Directory Integration / LDAP Integration < 4.1.1 - Unauthenticated Data Disclosure

The plugin does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure. In version 4.1.0 a nonce check was added to the request, but it still lacked authorization. PoC The admininit hook calls MoLdapLocalLogin class loginwidgetsaveoptions...

7.5CVSS8.3AI score0.00819EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.18 views

Ad Inserter < 2.7.27 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS9.3AI score0.16903EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.13 views

Yatra < 2.1.15 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.5AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.12 views

Ninja Tables < 4.3.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.0042EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.14 views

ARMember < 4.0.2 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS10AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.16 views

Gallery Metabox <= 1.5 - Gallery Removal via CSRF

The plugin does not have CSRF check when removing galleries, which could allow attackers to make logged-in admins perform such action via a CSRF attack...

8.8CVSS6.7AI score0.00271EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.16 views

Kodex Posts likes <= 2.4.3 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00271EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.19 views

WP Responsive Tabs horizontal vertical and accordion Tabs < 1.1.16 - Reflected Cross-Site Scripting

The plugin does not properly sanitize and escape the 'searchterm' parameter, leading to a Reflected Cross-Site Scripting vulnerability...

6.1CVSS6.1AI score0.00433EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.18 views

Motors – Car Dealer & Classified Ads < 1.4.5 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.13 views

FormCraft <= 1.2.6 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.15 views

Reservation.Studio widget < 1.0.12 - Cross-Site Request Forgery

The plugin does not properly validate requests use nonces, leading to a Cross-Site Request Forgery CSRF vulnerability...

8.8CVSS8.3AI score0.00271EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.17 views

Layer Slider <= 1.1.9.7 - Cross-Site Request Forgery

The plugin does not adequately protect against Cross-Site Request Forgery CSRF attacks...

7.1CVSS6.9AI score0.00257EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.13 views

Jetpack CRM < 5.4.0 - PHAR Deserialisation via CSRF

The plugin does not have CSRF proper check in step 2 and 3 of the zeroBSCRMCSVImporterLitehtmlapp function, which then call fileexists on user input, which could allow unauthenticated users to perform PHAR Deserialisation attacks if they can upload a malicious file using a gadget chain, and then...

6.9AI score0.00977EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.25 views

TaxoPress < 3.6.5 - Editor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5CVSS5.1AI score0.00521EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.38 views

YARPP - Yet Another Related Posts Plugin < 5.30.5 - Subscriber+ LFI

The plugin does not validate a parameter before using it in an include statement, allowing any authenticated users, such as subscriber to perform LFI attacks...

8.8AI score0.00843EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.21 views

Pretty Url <= 1.5.4 - Admin+ Stored XSS in plugin settings

Plugin does not sanitize and escape the URL field in the plugin settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. In the "Enter the URL: field, add the XSS...

4.8CVSS7.4AI score0.00824EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.17 views

Clock In Portal <= 2.1 - Holidays Deletion via CSRF

The plugin does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack PoC Make a logged in admin open a page with the code below, this will make them delete the Holiday with ID 1...

4.3CVSS8.4AI score0.00278EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.14 views

Stream < 3.9.3 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.29 views

CMP – Coming Soon & Maintenance < 4.1.8 - Maintenance Mode Bypass

The plugin does not properly secure maintenance mode, allowing users to bypass it by using a correct cmpbypass GET parameter in the URL...

5.3CVSS6.7AI score0.00772EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.17 views

Clock In Portal <= 2.1 - Designation Deletion via CSRF

The plugin does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack PoC Make a logged in admin open a page with the code below, this will make them delete the Designation with ID 2...

4.3CVSS8.4AI score0.00278EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/18 12:0 a.m.14 views

BBSpoiler <= 2.01 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00361EPSS
Exploits0Affected Software1
Total number of security vulnerabilities14603