Lucene search
+L
WpvulndbRecent

14603 matches found

wpvulndb
wpvulndb
added 2023/01/10 12:0 a.m.21 views

Page View Count < 2.6.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Exploit Additional CSS classes for "Page Views"...

5.4CVSS1.7AI score0.00573EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/09 12:0 a.m.12 views

ChatBot < 4.2.9 - Unauthenticated Settings Reset

The plugin does not have authorisation and CSRF checks when reseting its settings via an AJAX action available to unauthenticated users, which could allow unauthenticated attackers to reset the plugin's settings PoC https://example.com/wp-admin/admin-ajax.php?action=qcldwbchatbootdeletealloptions...

3.6AI score
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.15 views

ContentStudio < 1.2.6 - Unauthorised Function Calls

The plugin does not have authorisation checks in various functions, which could allow unauthenticated users to retrieve arbitrary metadata, including the plugin's token used in other actions like when creating a post...

9.8CVSS4.9AI score0.00952EPSS
Exploits1Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.13 views

Blog Designer – Post and Widget < 2.4.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: wpspwrecentpostslider design='" onmouseover="alert1" style="background:red;"'...

6.8CVSS3.3AI score0.00627EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.14 views

Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro < 1.8.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1AI score0.00548EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.18 views

WP Tabs < 2.1.17 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC trtabs id='"; alert1; "' trtabs id='"...

5.4CVSS2.5AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.17 views

Posts List Designer by Category < 3.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.8AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.26 views

miniOrange WordPress SAML SSO Standard < 16.0.8 - Open Redirect in SSO login

The plugin does not validate that the redirect parameter to its SSO login endpoint points to an internal site URL, making it vulnerable to an Open Redirect issue when the user is already logged in...

6.1CVSS2AI score0.0061EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.15 views

miniOrange WordPress SAML SSO Premium Multisite < 20.0.7 - Open Redirect in SSO login

The plugin does not validate that the redirect parameter to its SSO login endpoint points to an internal site URL, making it vulnerable to an Open Redirect issue when the user is already logged in...

6.1CVSS2AI score0.0061EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.19 views

News & Blog Designer Pack < 3.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: bdpmasonry grid='1" onmouseover="alert1" style="background:red;"'...

5.4CVSS3.7AI score0.00438EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.33 views

miniOrange WordPress SAML SSO Premium < 12.1.0 - Open Redirect in SSO login

The plugin does not validate that the redirect parameter to its SSO login endpoint points to an internal site URL, making it vulnerable to an Open Redirect issue when the user is already logged in...

6.1CVSS2AI score0.0061EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.15 views

CPO Companion < 1.1.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.7AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.16 views

Post Grid, Post Carousel, & List Category Posts < 2.4.19 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Exploit Additional CSS classes for "Smart Post Sho...

5.4CVSS1.2AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.24 views

WP Social Widget < 2.2.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wpsw facebook='" onmouseover="alert1"'...

5.4CVSS2.5AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.12 views

WP Extended Search < 2.1.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: wpessearchform searchformcssclass='" onmouseover="alert1"'...

5.4CVSS3.8AI score0.00484EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/06 12:0 a.m.18 views

WP Tabs < 2.1.15 - Multiple CSRF

The plugin does not have proper CSRF checks in some places, for example when importing shortcodes, which could allow attackers to make logged in admins perform unwanted actions via CSRF attacks...

8.8CVSS4.7AI score0.00255EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/05 12:0 a.m.17 views

Widgets for Google Reviews < 9.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

6.4CVSS2.2AI score0.00507EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/05 12:0 a.m.12 views

CC Child Pages < 1.43 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit:...

5.4CVSS1.6AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/05 12:0 a.m.24 views

Social Warfare < 4.4.0 - Post Meta Deletion via CSRF

The plugin does not have CSRF checks in some AJAX actions, allowing attackers, to make a logged in admin call them and delete arbitrary post meta as well as reset access tokens related to network via CSRF attacks PoC...

5.4CVSS5.5AI score0.00374EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/05 12:0 a.m.21 views

Social Warfare < 4.3.1 - Subscriber+ Post Meta Deletion

The plugin does not have authorisation in some AJAX actions, allowing any authenticated users, such as subscriber, to call them and delete arbitrary post meta as well as reset access tokens related to network...

5.4CVSS4.8AI score0.00765EPSS
Exploits1Affected Software1
wpvulndb
wpvulndb
added 2023/01/05 12:0 a.m.26 views

CPO Companion < 1.1.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5CVSS2.2AI score0.00537EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.28 views

AAWP < 3.12.3 - Unsafe URL Handling

The plugin can be used to abuse trusted domains to load malware or other files through it Reflected File Download to bypass firewall rules in companies. PoC wp-content/aawp/public/image.php?url=base64-url will load and download the file from the base64-decoded URL...

7.5CVSS0.9AI score0.00797EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.17 views

Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS1.9AI score0.01046EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.19 views

JetWidgets for Elementor < 1.0.13 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.5CVSS4.7AI score0.00333EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.21 views

Pricing Tables WordPress Plugin – Easy Pricing Tables < 3.2.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Note: Enable compatibility mode by going to the settings of the plugins. Exploit shortcode: easy-pricing-toggle...

5.4CVSS3.2AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.54 views

Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload

The plugin does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE. PoC 1. Install and activate WooCommerce dependency, no setup required 2. Create a local file containing the payload on /tmp/payload.php 3...

9.8CVSS4.2AI score0.17569EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.18 views

WooCommerce Chained Products < 2.12.0 - Unauthenticated Arbitrary Options Update to 'no'

The plugin does not have authorisation and CSRF checks, as well as does not ensure that the option to be updated belong to the plugin, allowing unauthenticated attackers to set arbitrary options to 'no' PoC As unauthenticated, open the following URL to set the Blog Name to 'no':...

4.3CVSS2.8AI score0.00281EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.14 views

FL3R FeelBox <= 8.1 - Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack PoC Make a logged in admin open a page containing the HTML code below...

6.1CVSS2.1AI score0.00285EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.11 views

My Calendar < 3.3.25 - Event/Location Deletion via CSRF

The plugin does not have CSRF checks when deleting events and locations, which could allow attackers to make logged in admins perform such actions via CSRF attacks...

8.8CVSS8.5AI score0.00269EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.22 views

RSS Aggregator by Feedzy < 4.1.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Add the Feedz...

5.4CVSS1.4AI score0.00507EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.24 views

FL3R FeelBox <= 8.1 - Moods Reset via CSRF

The plugin does not have CSRF check when updating reseting moods which could allow attackers to make logged in admins perform such action via a CSRF attack and delete the lydlposts & lydlpoststimestamp DB tables PoC Make a logged in admin open a page containing the HTML code below...

4.3CVSS4.1AI score0.00267EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.55 views

Insert Pages < 3.7.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit:...

5.4CVSS2AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/04 12:0 a.m.19 views

Themify Shortcodes < 2.0.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: themifybutton color='red" onmouseover="alert1"'XSS/themifybutton...

5.4CVSS4.1AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.17 views

Justified Gallery < 1.7.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: gallery ids="1" lightbox="' onmouseover='alert1'"...

5.4CVSS3.7AI score0.0049EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.14 views

Simple Sitemap < 3.5.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1.8AI score0.00519EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.15 views

Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio < 2.3.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note:...

5.4CVSS1.7AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.29 views

PDF Viewer < 1.0.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: pdfviewer height='" onmouseover="alert1"'http://localhost/file.pdf/pdfviewer...

5.4CVSS2.5AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.19 views

CPT Bootstrap Carousel <= 1.12 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note: Fir...

5.4CVSS2.6AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.15 views

MediaElement.js – HTML5 Video & Audio Player <= 4.2.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high-privilege users such as admins. PoC 1. Insert...

5.4CVSS3.1AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.16 views

Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note: Fir...

5.4CVSS2.4AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.15 views

Icon Widget < 1.3.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit:...

5.4CVSS3.2AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.23 views

Members Import <= 1.4.2 - XSS via Imported CSV

The plugin does not sanitise and escape imported CSV, which could allow attackers to perform Cross-Site Scripting attacks if they can make an admin import a malicious CSV file...

6.1CVSS4.2AI score0.00653EPSS
Exploits1Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.11 views

PixCodes < 2.3.7 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1.5AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.13 views

Accordion Shortcodes <= 2.4.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: accordion class='" onmouseover="alert1" style="background:red;width:100px;height:100px;"'...

5.4CVSS3.9AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.14 views

Blockonomics < 3.5.8 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the filterby parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2023/01/03 12:0 a.m.21 views

Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.6AI score0.01011EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/02 12:0 a.m.20 views

Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS0.8AI score0.01046EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2023/01/02 12:0 a.m.20 views

Booster for WooCommerce - Multiple CSRF

The plugins have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS5.2AI score0.00339EPSS
Exploits0Affected Software3
wpvulndb
wpvulndb
added 2023/01/02 12:0 a.m.15 views

Qubely < 1.8.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Add the following Additional CSS classes to the...

1.9AI score0.00745EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.22 views

10WebMapBuilder < 1.0.72 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit:...

5.4CVSS3.2AI score0.00471EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14603