Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•22 views

Product page shipping calculator for WooCommerce < 1.3.21 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•13 views

WP FEvents Book <= 0.46 - Subscriber+ Arbitrary Booking Manipulation via IDOR

The plugin does not ensures that bookings to be updated belong to the user making the request, allowing any authenticated user to book, add notes, or cancel booking on behalf of other users. PoC 1. Book or cancel booking an event using an authenticated user. 2. Intercept the request using an HTTP...

6.5CVSS6.7AI score0.00555EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•18 views

Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. PoC Submit a message in the chatbox, intercept the request using Burp Suite for example. Edit the request to reflect this...

9.8CVSS9.4AI score0.0499EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•11 views

CopySafe Web Protection < 3.14 - Unauthenticated Reflected XSS

The plugin does not properly sanitize and escape the file name in it's file uploads functionality before reflecting it back on the page, allowing an unauthenticated attacker to inject arbitrary web scripts via the filename of uploaded files...

7.1CVSS6.9AI score0.00382EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•36 views

WPCode Lite < 2.0.9 - Arbitrary Log File Deletion via CSRF

The plugin has a flawed CSRF when deleting log, and does not ensure that the file to be deleted is inside the expected folder. This could allow attackers to make users with the wpcodeactivatesnippets capability delete arbitrary log files on the server, including outside of the blog folders PoC Ma...

6.5CVSS6.7AI score0.00307EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•20 views

Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated Stored XSS

The plugin does not sanitise and escape a parameter before outputting it back in the Shoutbox, leading to Stored Cross-Site Scripting which could be used against high privilege users such as admins. PoC On a clean Wordpress on localhost: 1. Modify the Shoutboxalias cookie with a value such as 2...

6.1CVSS5.9AI score0.00458EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•18 views

Magic Post Thumbnail < 4.1.11 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.4AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•23 views

Ajax Search Lite Pro < 4.26.2 - Multiple Reflected Cross-Site Scripting

The plugin does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code below...

6.1CVSS6.3AI score0.00458EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/03 12:0 a.m.•14 views

Random Text <= 0.3.0 - Subscriber+ SQLi

The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers. PoC fetch'/wp-admin/admin-ajax.php', method: 'POST', headers: new Headers 'Content-Type':...

8.8CVSS9AI score0.0089EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/01 12:0 a.m.•20 views

Weaver Show Posts < 1.7 - Contributor+ Stored Cross-Site Scripting

The plugin does not properly escape the profile display name, leading to stored Cross-Site Scripting vulnerabilities...

6.4CVSS6AI score0.00508EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/31 12:0 a.m.•14 views

Health Check & Troubleshooting < 1.6.0 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00271EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/31 12:0 a.m.•29 views

Enhanced WP Contact Form <= 2.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/31 12:0 a.m.•21 views

Really Simple Google Tag Manager < 1.0.7 - Arbitrary Plugin Activation via CSRF

The plugin does not have CSRF checks when activating plugins, which could allow attackers to make logged in users perform such action via a CSRF attack...

8.8CVSS8.5AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•15 views

Premmerce Redirect Manager <= 1.0.10 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•14 views

PixFields <= 0.7.0 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...

6.5CVSS6.1AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•12 views

Configurable Tag Cloud < 5.3 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in Keith Solomon Configurable Tag Cloud CTC plugin = 5.2 versions...

8.8CVSS6.9AI score0.00312EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•8 views

HT Menu < 1.2.2 - Cross-Site Request Forgery

The plugin does not adequately validate certain requests use nonces, which can lead to a Cross-Site Request Forgery CSRF vulnerability...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•19 views

Premmerce Redirect Manager <= 1.0.10 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00321EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•25 views

affiliate-toolkit – WordPress Affiliate < 3.3.4 - Editor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

5.9CVSS6.1AI score0.00358EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•22 views

JustTables – WooCommerce Product Table < 1.5.0 - Cross-Site Request Forgery

The plugin does not adequately protect against CSRF attacks, leading to potential unauthorized actions...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•15 views

Wp Ultimate Review < 2.1.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•12 views

Mega Main Menu <= 2.2.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5CVSS5.5AI score0.00373EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•25 views

Easy Forms for MailChimp < 6.8.8 - Reflected XSS

The plugin does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the following code this requires the attacker...

6.1CVSS6.2AI score0.00559EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•17 views

Happy Addons for Elementor < 3.8.3 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in weDevs Happy Addons for Elementor plugin = 3.8.2 versions...

8.8CVSS6.9AI score0.00321EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•17 views

Affiliates Manager < 2.9.21 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in wp.Insider, wpaffiliatemgr Affiliates Manager plugin = 2.9.20 versions...

8.8CVSS6.9AI score0.00312EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•17 views

GMAce <= 1.5.2 - Arbitrary File Creation/Deletion/Update via CSRF

The plugin does not have CSRF checks in the gmacemanagerserver function, which could allow attackers to make logged in admins create, delete and update arbitrary files via a CSRF attack...

8.8CVSS8.3AI score0.00594EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•13 views

Simple Image Popup < 2.0.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00421EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/29 12:0 a.m.•18 views

Weaver Xtreme Theme Support < 6.2.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Required theme:...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•17 views

Product Specifications for Woocommerce < 0.7.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape URL parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•23 views

Easy Media Replace < 0.2.0 - Author+ File Deletion

The plugin does not validate path of files to be deleted, which could allow users with a role of Author and above to delete files with an allowed extension...

6.7AI score0.00596EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•14 views

Woocommerce Custom Checkout Fields Editor With Drag & Drop <= 0.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the "tab" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•49 views

Elementor Pro < 3.11.7 - Subscriber+ Arbitrary Options Update

The plugin does not have authorisation in an AJAX action relying only on a nonce, which is available to any authenticated users, and does not validate the options to be updated. This allows any authenticated users, such as subscriber to update arbitrary blog options, such as the defaultrole, when...

8.8CVSS6.5AI score0.2272EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•17 views

Video Central for WordPress <= 1.3.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC video-central-subtitle src="'...

5.4CVSS5.4AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•15 views

MS-Reviews <= 1.5 - Subscriber+ Stored XSS

The plugin does not sanitise and escape reviews, which could allow users any authenticated users, such as Subscribers to perform Stored Cross-Site Scripting attacks PoC As a subscriber, submit a review a page/post with msreviews embed with the following payload: The XSS will be triggered when...

5.4CVSS5.1AI score0.00441EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•16 views

IP Blocker Lite <= 11.1.1 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in LionScripts.Com LionScripts: IP Blocker Lite plugin = 11.1.1 versions...

8.8CVSS6.9AI score0.00312EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/28 12:0 a.m.•17 views

Advanced Shipment Tracking for WooCommerce <= 3.5.2 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•28 views

Easy Forms for MailChimp < 6.8.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a contributor, put the below shortcod...

5.4CVSS5.2AI score0.00529EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•17 views

Newsletter < 7.6.9 - Reflected XSS

The plugin does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators PoC Make a logged in admin open https://example.com/wp-admin/admin.php?page=newslettersystemstatus"...

6.1CVSS5.6AI score0.01198EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•20 views

Photo Gallery by 10Web < 1.8.15 - Admin+ Path Traversal

- The plugin did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images anywhere in the filesystem via a path traversal vector. - Path Traversal Vulnerabillity also allows listing the entire folder & image file in the system. PoC - The...

4.9CVSS5.3AI score0.00783EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•15 views

Gallery by BestWebSoft < 4.7.0 - Author+ Stored Cross-Site Scripting

The plugin does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability. The attacker must have at least the privileges of the Author role. PoC 1. Go to Galleries Add New. 2. Click "Add Media" and choose or upload an image. 3. When...

5.4CVSS5.5AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•21 views

Gallery by BestWebSoft < 4.7.0 - Author+ SQL Injection

The plugin does not properly escape values used in SQL queries, leading to an Blind SQL Injection vulnerability. The attacker must have at least the privileges of an Author, and the vendor's Slider plugin https://wordpress.org/plugins/slider-bws/ must also be installed for this vulnerability to b...

8.8CVSS9.1AI score0.00873EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•15 views

WC Fields Factory < 4.1.7 - ShopManager+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin PoC...

7.2CVSS7.8AI score0.00909EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•26 views

Continuous Image Carousel With Lightbox < 1.0.16 - Reflected XSS

The plugin does not sanitise and escape some parameters before outputting them back, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.5AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•14 views

Responsive WordPress Slideshows 3.29.0 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code below...

6.1CVSS6.2AI score0.00458EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•14 views

Greenshift < 5.0.0 - Author+ Stored XSS

The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks...

5.9CVSS5.1AI score0.00404EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•18 views

Review Stream <= 1.6.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•11 views

Contest Gallery < 21.1.2.1 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•15 views

Albo Pretorio Online < 4.6.1 - Reflected XSS

The plugin does not sanitise and escape the Errore parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS8.7AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•13 views

TF Random Numbers < 2.0.1 - Subscriber+ Arbitrary Option Update

The plugin does not have authorisation and CSRF check in an AJAX action, and does not ensure that the options to be updated belong to the plugin. As a result, it could allow any authenticated users, such as subscriber, to update arbitrary blog options, such as enabling registration and set the...

6.5CVSS6.8AI score0.00301EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/27 12:0 a.m.•24 views

Contact Forms by Cimatti < 1.5.5 - Reflected XSS

The plugin does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.4AI score0.00382EPSS
Exploits0Affected Software1
Total number of security vulnerabilities14603