Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•20 views

Jobs for WordPress < 2.6.0 - Author+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.9AI score0.00386EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•19 views

Multi-column Tag Map < 17.0.25 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00386EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•17 views

List Pages Shortcode < 1.7.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC list-page...

5.4CVSS5AI score0.0049EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•15 views

Image Hover Effects for Elementor with Lightbox and Flipbox < 3.0 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00408EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•10 views

WP Booking System < 2.0.18.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•12 views

WP htpasswd <= 1.7 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•21 views

IP Vault - WP Firewall <= 1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•16 views

Show-Hide / Collapse-Expand <= 1.2.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS5AI score0.0049EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•22 views

Multi Rating < 5.0.6 - Ratings Deletion via CSRF

The plugin does not have CSRF check when deleting ratings, which could allow attackers to make logged in admins to perform such action via a CSRF attack...

8.8CVSS8.2AI score0.00326EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•17 views

EZP Coming Soon Page < 1.0.7.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00394EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•16 views

PHP Execution <= 1.0.0 - Settings Update via CSRF

The plugin does not have CSRF check when enabling low privilege users such as subscriber the ability to execute PHP code, which could allow attackers to make logged in admins enable such option via a SCRF attack...

8.8CVSS8.5AI score0.003EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•16 views

Olevmedia Shortcodes <= 1.1.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC button style='"...

5.4CVSS5AI score0.0049EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•19 views

Galleries by Angie Makes <= 1.67 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC gallery ids='1' captions="'...

5.4CVSS5.4AI score0.00466EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•15 views

Usersnap < 4.17 - Admin+ Stored XSS

The plugin does not sanitise and escape its API Key settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00407EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•22 views

Ocean Extra < 2.1.2 - Contributor+ Stored XSS

The plugin does not escape the class attribute of its oceanwpbreadcrumb shortcode before outputting it back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC oceanwpbreadcrumb class='"...

5.5CVSS5.4AI score0.00343EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•23 views

Print Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS

The plugin is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the editothersshoporders capability. WooCommerce must be installed and active. This vulnerability is caused by a...

1.4AI score0.00516EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•10 views

Magazine Edge <= 1.13 - Subscriber+ Arbitrary Plugin Activation

The theme does not have authorisation and CSRF when activating plugins via an AJAX action, allowing any authenticated users, such as subscriber to activate arbitrary plugins PoC Run the below command in the developer console of the web browser while being on the blog as a subscriber user...

3.7AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•16 views

Marketing Performance <= 2.0.0 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00408EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/01 12:0 a.m.•10 views

Donation Block For PayPal < 2.1.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC paypaldonationblock size='"...

5.4CVSS5.4AI score0.00466EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/31 12:0 a.m.•30 views

ShortPixel Adaptive Images < 3.6.3 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin PoC https://example.com/?SPAIVJS=%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert/XSS/;%3E...

6.1CVSS6AI score0.00881EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/31 12:0 a.m.•19 views

Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to Namaste Settings, and at Payment...

4.8CVSS5.2AI score0.00527EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/31 12:0 a.m.•15 views

Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC 1. Go to the Mailing list option and register a new user with the value...

4.8CVSS5AI score0.00465EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/31 12:0 a.m.•18 views

Correos Oficial <= 1.3.0.0 - Unauthenticated Arbitrary File Download

The plugin does not have an authorization check user input validation when generating a file path, allowing unauthenticated attackers to download arbitrary files from the server. PoC Dependency: WooCommerce plugin Use the following curl command to download the contents of the wp-config.php file:...

7.5CVSS7.8AI score0.00849EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/31 12:0 a.m.•26 views

WP Statistics < 13.2.11 - Subscriber+ SQLi

The plugin does not properly sanitise and escape some parameters before using them in SQL statements, leading to a SQL injection exploitable by users with a role as low as subscriber...

9.9CVSS2.9AI score0.00731EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/31 12:0 a.m.•12 views

GeoDirectory < 2.2.24 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. PoC POST /wp-admin/admin-ajax.php HTTP/1.1...

7.2CVSS7.8AI score0.00764EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•21 views

WP Private Message < 1.0.6 - Private Message Disclosure via IDOR

The plugin bundled with the Superio theme as a required plugin does not ensure that private messages to be accessed belong to the user making the requests. This allowing any authenticated users to access private messages belonging to other users by tampering the ID. PoC - Install the Superio them...

4.3CVSS5.3AI score0.00551EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•13 views

Easy Digital Downloads < 3.1.0.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Add the "EDD Buy Button" Gutenberg block to a post...

5.4CVSS5.4AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•12 views

GS Portfolio for Envato < 1.4.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC Insert the following shortcode in a...

5.4CVSS5.1AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•11 views

Real Media Library < 4.18.29 - Author+ Stored XSS

The plugin does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks. PoC As a user with the author role, go to Media Library and create a new folder with the following payload: " Then Add a new...

5.4CVSS5.3AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•14 views

PrivateContent < 8.4.4 - Brute Force Protection Bypass

The plugin checks whether an IP is blocked or not via client-side validation, allowing attackers to bypass such protection via crafted requests...

5.3CVSS5.7AI score0.00734EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•14 views

Robo Gallery <= 3.2.11 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. The original researcher didn't provide enough information on which actions could be performed...

8.8CVSS6.6AI score0.00273EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•13 views

GS Books Showcase < 1.3.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC gsbookshowcase theme='"...

6.8CVSS5.1AI score0.00608EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•12 views

WP Dark Mode < 4.0.0 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack PoC Exploit shortcode: wpdarkmode class='" onmouseover="alert1"'...

5.4CVSS5.4AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•14 views

GS Products Slider for WooCommerce < 1.5.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC gswps theme='" onmouseover="alert1"...

5.4CVSS5.1AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•11 views

EmbedSocial < 1.1.28 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC embedsocialstories id="'...

5.4CVSS5.4AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•17 views

EmbedStories < 0.7.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC embedsocialstories id="'...

5.4CVSS5.4AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•12 views

Interactive Geo Maps < 1.5.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00393EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•37 views

BackupBuddy < 8.8.3 - Multiple Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting PoC Make a logged in admin/SA open one of the URL below: v -...

6.1CVSS6.3AI score0.00858EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•13 views

GS Filterable Portfolio < 1.6.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Note: First, you need to add a Portfoli...

5.4CVSS5.1AI score0.00457EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/30 12:0 a.m.•13 views

WP Email Capture < 3.10 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/28 12:0 a.m.•15 views

ShopLentor < 2.5.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC As a contributor, add a "WL : FAQ" Gutenberg block...

5.4CVSS5AI score0.00534EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/28 12:0 a.m.•27 views

ShopLentor < 2.5.4 - PHP Object Injection

The plugin unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection...

9.8CVSS8.9AI score0.03317EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•20 views

JS Help Desk < 2.7.2 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•12 views

Glossary < 2.1.28 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00383EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•21 views

Advanced Form Integration < 1.63.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•11 views

bbPress Voting < 2.1.11.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•13 views

Namaste! LMS < 2.5.9.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•17 views

ContentStudio < 1.2.6 - Nonce Disclosure

The plugin discloses sensitive information to unauthenticated users, such as a nonce used to create a posts...

7.5CVSS5.5AI score0.00906EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•16 views

WP Table Manager < 3.5.3 - Contributor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...

6.5CVSS5.2AI score0.00417EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/27 12:0 a.m.•20 views

VikBooking Hotel Booking Engine & PMS < 1.5.12 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
Total number of security vulnerabilities14603