Lucene search
+L
WpvulndbRecent

14603 matches found

wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.64 views

Multiple themes - Unauthenticated Arbitrary File Upload

Multiple themes from ChimpStudio and PixFill does not have any authorisation and upload validation in the langupload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server. PoC Create a malicious file "backdoor.php", then curl...

9.8CVSS1.5AI score0.02084EPSS
Exploits12Affected Software10
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.17 views

Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access

The plugin does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts such as private content, by sending a specifically crafted request. PoC The nonce can be...

7.5CVSS1.9AI score0.00818EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.15 views

WP Google My Business Auto Publish < 3.4 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Note: First, you need to connect a Google My Business, select Account, and select Location. Exploit shortcode:...

5.4CVSS2.9AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.18 views

GeoDirectory < 2.2.22 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note:...

5.4CVSS2.7AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.21 views

Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting

The plugin does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. PoC passster password="1" area='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alert/XSS///'...

5.4CVSS3.3AI score0.00393EPSS
Exploits1Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.15 views

GS Logo Slider < 3.3.8 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1.6AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.15 views

Genesis Columns Advanced < 2.0.4 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks which could be used against high-privilege users such as admins. PoC 1...

5.4CVSS2.3AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.14 views

Top 10 < 3.2.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its Block attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Insert a...

5.4CVSS1.3AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.20 views

Video Conferencing with Zoom < 4.0.10 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Insert...

5.4CVSS2.3AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/29 12:0 a.m.13 views

Content Control < 1.1.10 - Contributor+ Stored XSS

The plugin does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins. PoC Explo...

5.4CVSS1.7AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.15 views

ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.1AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.17 views

Print-O-Matic < 2.1.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS3.3AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.18 views

Collapse-O-Matic < 1.8.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. PoC Exploit...

5.4CVSS1.7AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.18 views

Meteor Slides < 1.5.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC...

5.4CVSS2.1AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.24 views

OneClick Chat to Order < 1.0.4.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Instal...

5.4CVSS3.2AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.24 views

User Verification < 1.0.94 - Authentication Bypass

The plugin was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrative role on the website. PoC...

9.8CVSS2.4AI score0.01598EPSS
Exploits2References1Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.21 views

WP Popups < 2.1.4.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit:...

5.4CVSS1.4AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.16 views

BruteBank - WP Security & Firewall < 1.9 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. PoC POST /wp-admin/admin.php?page=brutebank-settings HTTP/1.1 publickey=site.a%22%2522aaaa%3Daaakey=aaa=Update...

6.5CVSS4.4AI score0.00332EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.12 views

Optimize images ALT Text (alt tag) & names for SEO using AI < 2.0.8 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. PoC Use the following form to abuse the CSRF vulnerability on the settings page: action| ---|--- layout| textColor| contentBackgroundColor|...

6.5CVSS4.4AI score0.00332EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.20 views

Product Slider for WooCommerce < 2.6.4 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Install t...

5.4CVSS0.9AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.12 views

Word Balloon < 4.19.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS3.2AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/28 12:0 a.m.22 views

Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1.7AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.15 views

Page-list < 5.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1.7AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.16 views

Login Logout Menu < 1.4.0 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1.8AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.18 views

Landing Page Builder < 1.4.9.9 - Contributor+ Cross-Site Scripting via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Insert...

5.4CVSS3.3AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.24 views

Sassy Social Share < 3.3.45 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Insert th...

5.4CVSS3AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.16 views

Easy Social Feed – Social Photos Gallery – Post Feed – Like Box < 6.4.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. PoC Exploit...

5.4CVSS2.7AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.22 views

WP Limit Login Attempts <= 2.6.4 - IP Spoofing

The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based restrictions on login forms. PoC Set HTTPCLIENTIP or HTTPXFORWARDEDFOR as used in wplimitgetip to spoof the IP address and bypass the block...

7.5CVSS0.8AI score0.00703EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.47 views

WP Statistics < 13.2.9 - Authenticated SQLi

The plugin does not escape a parameter, which could allow authenticated users to perform SQL Injection attacks. By default, the affected feature is available to users with the manageoptions capability admin+, however the plugin has a settings to allow low privilege users to access it as well. PoC...

8.8CVSS1AI score0.35679EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.17 views

CBX Petition for WordPress <= 1.0.3 - Unauthenticated SQLi

The plugin does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. PoC 1. Create and publish a new petition. 2. Invoke the following curl command, with the nonce in place, to induce a...

9.8CVSS1.5AI score0.01037EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.31 views

Mongoose Page Plugin < 1.9.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: facebook-page-plugin href='test.js' method='sdk' language='" onerror="alert1"'...

5.4CVSS4.1AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.13 views

Compact WP Audio Player < 1.9.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit:...

5.4CVSS1.6AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.24 views

Search & Filter < 1.2.16 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. PoC Insert the...

5.4CVSS2AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.29 views

WordPress Simple Shopping Cart < 4.6.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.8AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.11 views

Easy Appointments < 3.11.2 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.2AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.520 views

Sitemap < 4.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC pagelist...

5.4CVSS1.8AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.49 views

All In One WP Security & Firewall < 5.1.3 - Configuration Leak

The plugin leaked settings of the plugin publicly, including the used email address. PoC Config leak in previous versions: "aiowpsremovewpgeneratormetainfo" filetype:txt https://www.google.com/search?q=%22aiowpsremovewpgeneratormetainfo%22+filetype%3Atxt Search for aiowpsemailaddress...

5.3CVSS0.3AI score0.00658EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.13 views

Rate my Post – WP Rating System < 3.3.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: ratemypost-result id='" onmouseover="alert1"'...

5.4CVSS3.7AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.8 views

Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS

The plugin does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin. PoC 1. Install and activate WoocCommerce dependency, no configuration...

6.1CVSS0.9AI score0.00526EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.24 views

EU Cookie Law <= 3.1.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Enter the setting page of this plugin. 2...

4.8CVSS0.3AI score0.0047EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.26 views

Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin

The plugin lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session. PoC Run the below command in the developer console of the web browser while being on the blog as an unauthenticated user,...

9.8CVSS4.1AI score0.38625EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.19 views

Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC To simulate a gadget chain, put the following code in the plugin: class Evil public function wakeup : void...

7.2CVSS2AI score0.01046EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.30 views

FluentAuth < 1.0.2 - Bypass blocks by IP Spoofing

The plugin prioritizes getting a visitor's IP address from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass the IP-based blocks set by the plugin. PoC Set HTTPXREALIP, HTTPXFORWARDEDFOR, HTTPCFCONNECTINGIP or HTTPCLIENTIP to spoof the IP address...

7.5CVSS1.8AI score0.00727EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/27 12:0 a.m.29 views

HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: hashbarbtn btntarget='" onmouseover="alert1"'...

5.4CVSS3.5AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/24 12:0 a.m.11 views

Easy Bootstrap Shortcode <= 4.5.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Insert...

5.4CVSS1.9AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/24 12:0 a.m.27 views

Conditional Payment Methods for WooCommerce <= 1.0 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin|users with a role as low as admin. PoC...

7.2CVSS1.8AI score0.00945EPSS
Exploits2References1Affected Software1
wpvulndb
wpvulndb
added 2022/12/24 12:0 a.m.34 views

Store Locator WordPress < 1.4.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS3.3AI score0.00471EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/23 12:0 a.m.17 views

Events Made Easy < 2.3.17 - Subscriber+ Unauthorised AJAX Calls

The plugin does not have authorisation in some AJAX actions, allowing any authenticated users, such as subscriber, to call them...

5.4CVSS3.9AI score0.00518EPSS
Exploits0Affected Software1
wpvulndb
wpvulndb
added 2022/12/23 12:0 a.m.26 views

Easy Accordion < 2.2.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.1AI score0.00534EPSS
Exploits2Affected Software1
wpvulndb
wpvulndb
added 2022/12/23 12:0 a.m.19 views

Tickera < 3.5.1.0- Plugin Data Deletion via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. PoC 1. Navigate to Tickera Settings » Delete info 2. Delete info request intercept like that POST...

4.3CVSS4.4AI score0.00292EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14603