Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.21 views

Read More Excerpt Link <= 1.6 - Settings Update via CSRF

The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged in admins perform such action via a CSRF attack...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.31 views

Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection

The plugin does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query. PoC While logged in as a subscriber, send the following request: await fetch'/wp-admin/admin-ajax.php',method:'POST', headers: 'Content-Type':...

8.8CVSS8.7AI score0.05141EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.13 views

Darcie < 1.1.6 - Reflected XSS

The theme does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.22 views

Read More Excerpt Link < 1.6.1 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

4.3CVSS5.7AI score0.00296EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.16 views

Wholesale Suite < 2.1.5.1 - Subscriber+ Missing Authorization for Plugin Settings Change

The plugin does not adequately authorize settings changes, allowing users with a role as low as Subscriber to update plugin settings...

6.7AI score0.0046EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.14 views

WP Google Tag Manager <= 1.1 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.16 views

WooCommerce Multiple Customer Addresses & Shipping < 21.7 - Arbitrary Address Creation/Deletion/Access/Update via IDOR

The plugin does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such as subscriber to add/update/duplicate/delete as well as retrieve addresses of other users. PoC R...

8.8CVSS8.4AI score0.01196EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.17 views

Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection

The plugin does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query. PoC While logged in as a subscriber, send the following request: await fetch'/wp-admin/admin-ajax.php',method:'POST', headers: 'Content-Type':...

8.8CVSS8.7AI score0.60452EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.12 views

Dashboard Widgets Suite < 3.2.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.32 views

GN Publisher < 1.5.6 - Reflected XSS

The plugin does not sanitise and escape the tab parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC...

6.1CVSS6AI score0.0126EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.20 views

Maspik – Spam blacklist < 0.7.9 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions in the file /admin/partials/contact-forms-anti-spam-log.php against CSRF attacks, allowing an unauthenticated attacker to clear plugin logs and stat counter by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.16 views

WP Meta SEO < 4.5.3 - Subscriber+ SQLi

The plugin does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users. PoC Run the following js code in your web console on the dashboard as a subscriber: fetch 'admin-ajax.php', method: 'POST', headers:...

8.8CVSS9AI score0.00907EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.15 views

WP Meta SEO < 4.5.4 - Subscriber+ SiteMap Settings Update

The plugin does not have authorisation check when updating its SiteMaps settings, which could allow any authenticated users, such as subscriber to update them...

5.4CVSS5.1AI score0.00538EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.17 views

Sp*tify Play Button for WordPress < 2.06 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.0037EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.23 views

Feed Them Social <= 3.0.2 - Settings Update via CSRF

The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged in admins perform such action via a CSRF attack...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.40 views

All in One SEO Pack < 4.3.0 - Admin+ Stored XSS

The plugin does not sanitise and escape multiple parameters, which could allow high privilege users such as admin to perform Stored XSS attacks even when unfilteredhtml is disallowed...

4.8CVSS5.1AI score0.00776EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.19 views

Chat Bee <= 1.1.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.33 views

All in One SEO Pack < 4.3.0 - Contributor+ Stored XSS

The plugin does not sanitise and escape multiple parameters, which could allow users with a role as low as contributor to perform Stored XSS attacks...

6.4CVSS5.1AI score0.02526EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.18 views

WP Meta SEO < 4.5.4 - Subscriber+ Google Analytics Settings Update

The plugin does not have authorisation check when updating its Google Analytics settings, which could allow any authenticated users, such as subscriber to update them...

5.4CVSS5.1AI score0.00559EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.9 views

The Post Grid <= 5.0.4 - Settings Update via CSRF

The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged-in admins perform such action via a CSRF attack...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.17 views

CPT - Speakers <= 1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.20 views

ReviewX < 1.6.4 - Subscriber+ SQLi

The plugin does not properly sanitise and escape the filterValue and selectedColumns parameters before using them in SQL statements via the rxexportreview AJAX action available to any authenticated users, leading to a SQL injection exploitable by users with a role as low as subscriber PoC Run the...

8.8CVSS9.1AI score0.00872EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.20 views

Simple Portfolio Gallery <= 0.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.15 views

Admin Block Country <= 7.1.4 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions in the adminblockcountryinitialpage function against CSRF attacks, allowing an attacker to modify country blocks or methods on their behalf by tricking a logged in administrator to submit a crafted request...

8.8CVSS6.7AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.18 views

VK All in One Expansion Unit < 9.87.1.0 - Reflected XSS

The plugin does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers PoC Make a logged in admin open the below URL using web browser which does not encode characters...

6.1CVSS6.1AI score0.00519EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.22 views

Organization chart < 1.4.5 - Multiple CSRF

The plugin does not have CSRF checks in some places, for example when updating/deleting/duplicating popups, tree and themes from the plugin, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00271EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.12 views

TypeSquare Webfonts for ConoHa < 2.0.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.14 views

Simple YouTube Responsive < 3.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.83 views

BuddyForms < 2.7.8 - Unauthenticated PHAR Deserialization

The plugin does not validate the url parameter of its uploadimagefromurl AJAX action, which could allow unauthenticated attackers to perform PHAR deserialisation granted they an upload a file to the server and a suitable gadget chain is present as well PoC 1. Create a malicious phar file. 2...

9.8CVSS9AI score0.03824EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.9 views

CM Answers < 3.2.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.22 views

ChatBot < 4.3.0 - Settings Reset via CSRF

The plugin does not have CSRF check when resetting its settings, which could allow attackers to make logged in admin perform such action via a CSRF attack...

8.8CVSS8.2AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.24 views

For the visually impaired <= 0.58 - Cross-Site Request Forgery (CSRF)

The plugin does not protect its vipluginsetupmenu function against CSRF attacks, allowing an unauthenticated attacker to update plugin settings by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/23 12:0 a.m.18 views

Custom Login Page <= 2.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/22 12:0 a.m.16 views

GoToWP <= 5.1.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC registermeeting type='"...

5.4CVSS5.4AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/22 12:0 a.m.22 views

Auto Affiliate Links < 6.3.0.3 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS8.2AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/22 12:0 a.m.24 views

Integration for Contact Form 7 and Zoho CRM, Bigin < 1.2.3 - Cross-Site Request Forgery (CSRF)

The plugin does not protect its settingspage action against CSRF attacks, allowing an attacker to update the plugin settings on their behalf by tricking a logged in admin to submit a crafted request...

8.8CVSS6.6AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/22 12:0 a.m.11 views

Hero Banner Ultimate <= 1.3.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/22 12:0 a.m.22 views

Top 10 < 3.2.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/22 12:0 a.m.15 views

Accordions < 2.3.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.15 views

Saan World Clock <= 1.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wclock tz='" onmouseover="alert1"...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.13 views

React Webcam <= 1.2.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC reactwebcam dir='" onmouseover="alert1"...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.14 views

Educare – Students & Result Management System <= 1.4.2 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an attacker to perform actions on their behalf by tricking a logged in high privileged user to submit a crafted request...

8.8CVSS8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.18 views

WP OAuth Server < 4.3.0 - Subscriber+ Arbitrary Client Deletion

The plugin has a flawed CSRF and authorisation check when deleting a client, which could allow any authenticated users, such as subscriber to delete arbitrary client. PoC Run the below command in the developer console of the web browser while being on the blog as any authenticated users, such as...

4.3CVSS5.2AI score0.00262EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.19 views

GetResponse for WordPress <= 5.5.31 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC grwebform center='on'...

5.4CVSS5AI score0.00534EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.15 views

Advanced Database Cleaner <= 3.1.1 - Settings Update via CSRF

The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged-in admins perform such action via a CSRF attack...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.22 views

WP OAuth Server < 4.2.5 - Arbitrary Post Deletion via CSRF

The plugin does not have CSRF check when deleting a client, and does not ensure that the object to be deleted is actually a client, which could allow attackers to make a logged in admin delete arbitrary client and post via a CSRF attack. PoC fetch'/wp-admin/admin-ajax.php', method: 'POST', header...

4.3CVSS5.4AI score0.00252EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.27 views

ProfilePress < 4.5.5 - Reflected XSS

The plugin does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00411EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.21 views

Minify HTML <= 2.1.7 - Settings Update via CSRF

The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged in admins perform such action via a CSRF attack...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.24 views

Japanized For WooCommerce < 2.5.5 - Reflected XSS

The plugin does not sanitise and escape the tab parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC https://example.com/wp-admin/admin.php?page=wc4jp-options=a...

6.1CVSS6AI score0.01213EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/21 12:0 a.m.13 views

real.Kit < 5.1.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC modal open='1' class='"...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14603