Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/02/12 12:0 a.m.30 views

Quiz And Survey Master < 8.0.8 - Text Message Setting Update via CSRF

The plugin does not have CSRF check when updating the Quiz Text Message Setting, which could allow attackers to make logged admin perform such actions via a CSRF attack...

8.8CVSS8.2AI score0.00384EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/10 12:0 a.m.22 views

Shortcodes Ultimate < 5.12.7 - Subscriber+ Arbitrary File Access

The plugin does not validate the url attribute of its sutable shortcode before displaying its content, which could allow any authenticated users, such as subscriber to read arbitrary files from the server when the "Unsafe Features" settings is enabled...

6.1AI score0.00591EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/10 12:0 a.m.16 views

Link Juice Keeper < 2.0.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/10 12:0 a.m.13 views

Shortcodes Ultimate < 5.12.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00414EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/10 12:0 a.m.19 views

Quick Paypal Payments < 5.7.26 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/10 12:0 a.m.16 views

Shortcodes Ultimate < 5.12.7 - Subscriber+ SSRF

The plugin does not validate the url attribute of its sucsvtable shortcode before making a request to it, which could allow any authenticated users, such as subscriber to perform SSRF attacks...

6AI score0.00491EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/09 12:0 a.m.22 views

WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion

The plugin does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication such as update and delete the auth key. PoC As a...

4.3CVSS5.7AI score0.00801EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/09 12:0 a.m.21 views

ImageMagick Engine < 1.7.6 - PHAR Deserialization via CSRF

The plugin does not validate the clipath parameter and does not have CSRF check, which could allow attackers to make a logged in admin call a file with a PHAR wrapper via a CSRF attack. This could lead to PHAR deserialization when a suitable gadget chain is present on the blog and the attacker...

8.8CVSS8.3AI score0.00626EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/09 12:0 a.m.17 views

Scriptless Social Sharing < 3.2.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Add a "Scriptless Social Sharing" Gutenberg block ...

5.4CVSS5.2AI score0.00811EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/08 12:0 a.m.19 views

Replyable < 2.2.10 - Subscriber+ PHP Object Injection

The plugin does not validate the class name submitted by the request when instantiating an object in the promptdismissnotice action and also lacks CSRF check in the related action. This could allow any authenticated users, such as subscriber to perform Object Injection attacks. The attack could...

8.8CVSS8.6AI score0.00511EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/08 12:0 a.m.13 views

Weixin Robot Advanced <= 6.0.1 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00408EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/08 12:0 a.m.17 views

ColorWay <= 4.2.3 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. The original researcher didn't provide enough information on which actions could be performed...

8.8CVSS6.6AI score0.00273EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/07 12:0 a.m.27 views

Wicked Folders < 2.18.17 - Folder Structure Update via CSRF

The plugin does not have CSRF checks when managing its folder structure such as moving, deleting, creating etc folders, which could allow attackers to make logged admins perform such actions via CSRF attacks...

5.4CVSS5.4AI score0.00322EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/07 12:0 a.m.20 views

Slider by Supsystic <= 1.8.6 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00276EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/07 12:0 a.m.16 views

OWM Weather < 5.6.12 - Post Duplication via CSRF

The plugin does not have CSRF check when duplicating posts which will be duplicated as drafts, which could allow attackers to make logged in admin perform such action via a CSRF attack and fill up the post table...

4.3CVSS5.1AI score0.00231EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/07 12:0 a.m.36 views

Wicked Folders < 2.18.17 - Subscriber+ Folder Structure Update

The plugin does not have authorisation check when managing its folder structure such as moving, deleting, creating etc folders, which could allow any authenticated users, such as subscriber to perform such actions...

5.4CVSS5.3AI score0.00601EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/07 12:0 a.m.14 views

Yellow Yard < 2.8.12 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC yyfilter field='"...

5.5AI score0.00467EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/07 12:0 a.m.21 views

Responsive Pricing Table < 5.1.7 - Contributor+ Stored XSS

The plugin does not sanitise and escape the fields.title parameter, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00492EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/07 12:0 a.m.15 views

Interactive Geo Maps < 1.5.11 - Editor+ Stored XSS

The plugin does not sanitise and escape some parameters before outputting them back in attributes, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

6.4CVSS5.6AI score0.00521EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.20 views

Quick Contact Form < 8.0.4 - Contributor+ Stored XSS

The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.2AI score0.00386EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.10 views

Chained Quiz < 1.3.2.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.14 views

Icegram Collect < 1.3.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS4.9AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.19 views

Visualizer < 3.9.2 - Contributor+ Stored XSS

The plugin does not sanitise and escape some parameters in the renderChartPages function, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00508EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.25 views

Conversios.io < 5.2.4 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS5.1AI score0.00233EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.27 views

A2 Optimized WP < 3.0.5 - Data Collection Toggle via CSRF

The plugin does not have CSRF check in place when toggling its data Collection settings, which could allow attackers to make a logged in admin enabled/disable it via a CSRF attack...

4.3CVSS5.1AI score0.00233EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.24 views

GigPress <= 2.3.28 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks PoC Run the below commands in the developer console of the web browser while being on the...

8.8CVSS9AI score0.01301EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.22 views

Mercado Pago payments for WooCommerce < 6.4.0 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00285EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.16 views

Responsive Image Gallery, Gallery Album < 2.0.2 - Reflected XSS

The plugin does not sanitise and escape the id parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00422EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.14 views

Arigato Autoresponder and Newsletter < 2.7.1.1 - Unauthenticated Stored XSS

The plugin does not sanitise and escape some parameters, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...

7.1CVSS5.8AI score0.00406EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.11 views

CC Custom Taxonomy <= 1.0.1 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.17 views

Pie Register < 3.8.2.3 - Open Redirect

The plugin does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability PoC Log In: 1. Visit /login?redirectto=//example.com 2. Log in as a user with lower privileges than Administrator. 3. See that the browser is redirected to...

5.4CVSS5.9AI score0.24263EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.14 views

Monolit < 2.0.7 - Reflected XSS

The theme does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00408EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.30 views

0mk Shortener <= 0.2 - Stored XSS via CSRF

Description The plugin does not have CSRF check in its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

8.8CVSS8.3AI score0.00512EPSS
Exploits1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.18 views

eCommerce Product Catalog < 3.3.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.23 views

Ajax Search Lite < 4.11.1 - Subscriber+ Sensitive Data Disclosure

The plugin does not have authorisation and CSRF checks in the wdsearchcf AJAX action, which could allow any authenticated users to call it and retrieve arbitrary post metadata Note: v4.11 added only a CSRF check, authorisation was added in 4.11.1...

7.5CVSS7.4AI score0.00552EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.19 views

ShopLentor < 2.5.2 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS5.5AI score0.00229EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/06 12:0 a.m.10 views

Arigato Autoresponder and Newsletter < 2.7.1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.17 views

User Activity <= 1.0.1 - IP Spoofing

The plugin checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing PoC 1. Send login request with x-forwarded-for: REDACTEDIP 2. Show spoofed IP address in the dashboard OWASP A09:2021 – Security Logging and Monitoring Failures...

7.5CVSS7.4AI score0.00658EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.15 views

WebinarIgnition < 2.14.3 - Admin+ Stored XSS

The plugin does not sanitise and escape the appname and webinardesc parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.18 views

Similar Posts <= 3.1.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.22 views

VK All in One Expansion Unit < 9.86.0.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Setup: The CTA Expansion...

5.4CVSS5.1AI score0.0056EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.30 views

Metform Elementor Contact Form Builder < 3.2.0 - Unauthenticated Stored XSS

The plugin does not sanitize and escape some of its submitted entry data when outputting them back in the admin dashboard, which could allow unauthenticated attackers to perform Stored XSS attacks against an admin viewing the malicious entry PoC Setup as admin: Create a new form using MetForm...

7.2CVSS6.2AI score0.28565EPSS
Exploits5References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.13 views

GS Insever Portfolio < 1.4.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC gsinstagram id='" onmouseover="alert1"...

5.4CVSS5.1AI score0.00528EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.18 views

Podlove Podcast Publisher < 3.8.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/03 12:0 a.m.13 views

Watu Quiz < 3.3.8.1 - Admin+ Stored XSS

The plugin does not sanitise and escape the gtitle parameter, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.17 views

Formidable Forms < 5.5.7 - Arbitrary Entry Deletion via CSRF

The plugin does not have CSRF check when deleting entries, which could allow attackers to make logged in admins perform such action via a CSRF attack...

8.8CVSS8.2AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.22 views

Robo Gallery < 3.2.11 - Plugin Activation/Deactivation via CSRF

The plugin does not have CSRF checks when activating and deactivating plugins, which could allow attackers to make logged in users perform such actions via CSRF attacks...

5.4CVSS5.6AI score0.00231EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.23 views

Pinpoint Booking System < 2.9.9.2.9 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00509EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.15 views

Arigato Autoresponder and Newsletter < 2.7.1.2 - Contributor+ Stored XSS

The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00383EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.19 views

Embed PDF <= 1.0.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC gdoc class='"...

5.4CVSS5AI score0.0049EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14603