Lucene search
+L
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.18 views

Ecwid Shopping Cart < 6.11.4 - Import via CSRF

The plugin does not have CSRF check when importing Woo data, which could allow attackers to make logged in admins perform such action via a CSRF attack...

8.8CVSS8.2AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.18 views

BNE Testimonials < 2.0.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00429EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.14 views

Booking calendar, Appointment Booking System < 3.2.4 - Editor+ Stored XSS

The plugin does not escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.2AI score0.0038EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.23 views

Quick Restaurant Menu < 2.1.0 - Subscriber+ Arbitrary Post Deletion/Updating

The plugin does not ensure that the menu to be deleted/updated is actually a menu, and does not have authorisation in the related AJAX actions, which could allow any authenticated users, such as subscriber, to delete and update arbitrary posts...

7.6CVSS5.2AI score0.0065EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.9 views

DH - Anti AdBlocker < 37 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS8.2AI score0.00276EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.18 views

Quick Restaurant Menu < 2.1.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5CVSS4.8AI score0.0054EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.25 views

Booking calendar, Appointment Booking System < 3.2.4 - Form Creation/Update/Deletion/Duplication via CSRF

The plugin does not have CSRF checks on some of its form actions such as creation/update/deletion and duplication, which could allow attackers to make logged in admin perform such actions via CSRF attacks...

5.4CVSS5.6AI score0.00231EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.16 views

Material Design Icons for Page Builders < 1.4.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00383EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.16 views

Paid Memberships Pro < 2.9.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Insert...

6.1CVSS4.9AI score0.65006EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.18 views

Organization Chart < 1.4.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.18 views

AI ChatBot < 4.3.1 - Admin+ Stored XSS

The plugin does not sanitise and escape its qlcdwpchatbotemailsub settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00421EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.11 views

Conditional Shipping for WooCommerce < 2.3.2 - Ruleset Toggle via CSRF

The plugin does not have CSRF check when toggling ruleset, which could allow attackers to make logged in users with the managewoocommerce capability perform such action via a CSRF attack...

8.8CVSS8.2AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.13 views

TinyMCE Custom Styles < 1.1.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.13 views

Greenshift < 5.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Exploit Additional CSS classes for "Advanced...

6.8CVSS5AI score0.00627EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.21 views

Quick Restaurant Menu < 2.1.0 - Menu Items Update via CSRF

The plugin does not have CSRF checks when updating its menu items, which could allow attackers to make logged in admins update menu items via a CSRF attack...

7.6CVSS5.1AI score0.00368EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.21 views

Blocksy Companion < 1.8.68 - Contributor+ Stored XSS

The plugin does not validate and escape the class attribute of its blocksyposts shortcode before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.5CVSS5.1AI score0.00341EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.15 views

ContentStudio < 1.2.6 - Authorisation Bypass

The plugin does not properly check for API keys, allowing unauthenticated users bypass of the authorisation in place via type juggling...

9.8CVSS9.1AI score0.00877EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.22 views

Unlimited Elements For Elementor < 1.5.49 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.17 views

Welcart e-Commerce < 2.8.11 - Reflected XSS

The plugin does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00431EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/26 12:0 a.m.37 views

Bootstrap Shortcodes <= 3.4.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a Contributor+ create a new post and...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/26 12:0 a.m.24 views

Hueman Addons <= 2.3.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC column size='" onmouseover="alert1"...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/26 12:0 a.m.28 views

Video.js - HTML5 Video Player for WordPress <= 4.5.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC videojs mp4='" onerror="alert/XSS/"'...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/26 12:0 a.m.14 views

Download Video Sidebar Widgets <= 6.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC vsw source="youtube" id="3PdILZ1P74"...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.10 views

Easy Social Box < 4.1.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC easy-fb-like-box locale='"; alert1; var...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.13 views

Simple File Downloader <= 1.0.4 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a Contributor+ create a new post and...

6.8CVSS5AI score0.00627EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.17 views

Login Logout Menu <= 1.3.3 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC login edittag=' onmouseover="alert1"'...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.11 views

Loan Comparison < 1.5.3 - Contributor+ Stored XSS via shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC loancomparison slider='"...

5.4CVSS5AI score0.00534EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.18 views

Post Views Count <= 3.0.2 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a Contributor+ create a new post and...

6.8CVSS5AI score0.00627EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.10 views

WP Responsive Testimonials Slider And Widget <= 1.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC testimonialsslider autoplay="1; alert1;...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.14 views

Opening Hours <= 2.3.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC Note: A Set needs to be present op-is-op...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/25 12:0 a.m.12 views

Loan Comparison < 1.5.2 - Reflected XSS via shortcode

The plugin does not validate and escape some of its query parameters before outputting them back in a page/post via an embedded shortcode, which could allow an attacker to inject javascript into into the site via a crafted URL. PoC Create a page "Test" containing the shortcode "loancomparison",...

6.1CVSS5.9AI score0.00486EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.24 views

Page Builder: Live Composer < 1.5.23 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC dslcnotification color='red"...

5.4CVSS5AI score0.00393EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.25 views

Timed Content < 2.73 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC timed-content-client hide="10:00:'...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.17 views

Watu Quiz < 3.3.8.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC Put the following payload in one of the 'Word...

4.8CVSS4.5AI score0.0047EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.19 views

LearnPress Plugin < 4.2.0 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks Note: The original advisory mentioned that the issue is only exploitable by contributors, b...

9.1CVSS8.9AI score0.01005EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.75 views

LearnPress Plugin < 4.2.0 - Unauthenticated LFI

The plugin does not validate various parameters in the lp/v1/courses/archive-course REST endpoints before using them in include statement, which could lead to LFI issues...

9.8CVSS8.8AI score0.05063EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.20 views

Spectra < 1.15.0 - Contributor+ Stored Cross-Side Scripting

The plugin does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks. PoC Note: The exploit requires the Contact Form 7 plugin. Exploit Additional CSS classes for “Contact Form 7 Styler” Gutenberg...

5.4CVSS5.1AI score0.00507EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.18 views

Watu Quiz < 3.3.8.2 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC Make a logged in admin open the following URL:...

7.5CVSS5.6AI score0.00632EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.23 views

Product Slider and Carousel with Category for WooCommerce < 2.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC wcpscwcpdtslider design='" onmouseover="alert1"'...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.34 views

Intuitive Custom Post Order < 3.1.4 - Arbitrary Menu Order Update via CSRF

The plugin lacks CSRF protection in its update-menu-order ajax action, allowing an attacker to trick any user to change the menu order via a CSRF attack PoC...

4.3CVSS4.9AI score0.00267EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.25 views

Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update

The plugin does not check for authorization in the update-menu-order ajax action, allowing any logged in user with roles as low as Subscriber to update the menu order PoC Open the below HTML while being logged in as a subscriber...

4.3CVSS4.9AI score0.00486EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.18 views

Shortcode for Font Awesome < 1.4.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC fa set='" onmouseover="alert1"...

5.4CVSS5AI score0.00534EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.19 views

WP Font Awesome < 1.7.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wpfa color='red" onmouseover="alert1...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.35 views

LearnPress Plugin < 4.2.0 - Unauthenticated SQLi

The plugin does not properly sanitise and escape the order by parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users...

9.9CVSS9.8AI score0.04269EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.10 views

Material Design Icons for Page Builders < 1.4.3 - Settings Update via CSRF

The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged in admins perform such actions via a CSRF attack...

8.8CVSS8.2AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.20 views

Markup <= 4.8.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wp-structuring-markup-breadcrumb class=...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.23 views

Easy Affiliate Links < 3.7.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Exploit Additional CSS classes for "Easy...

6.8CVSS5AI score0.00699EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/23 12:0 a.m.21 views

Pinpoint Booking System < 2.9.9.2.9 - Subscriber+ SQLi

The plugin does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks. PoC Note: A Calendar is needed if there is not one already. Run the below command in the...

8.8CVSS9AI score0.00937EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/23 12:0 a.m.15 views

WP Airbnb Review Slider < 3.3 - Subscriber+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber. PoC Run the following code in the browser console on any WP Admin page. fetch'/wp-admin/admin-ajax.php', method: 'POST...

8.8CVSS9.1AI score0.00925EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/23 12:0 a.m.22 views

Social Like Box and Page by WpDevArt < 0.8.41 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wpdevartlikebox height='"...

5.4CVSS5AI score0.00477EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14603