Lucene search
+L
WpvulndbRecent

14604 matches found

WPVulnDB
WPVulnDB
added 2022/06/15 12:0 a.m.50 views

eaSYNC < 1.1.16 - Unauthenticated Arbitrary File Upload

The plugin suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validatio...

9.8CVSS1.8AI score0.23487EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/15 12:0 a.m.21 views

Sharebar <= 1.4.1 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and also lead to Stored Cross-Site Scripting issue due to the lack of sanitisation and escaping in some of them PoC...

5.4CVSS4.2AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/15 12:0 a.m.25 views

Photo Gallery by Supsystic < 1.15.6 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC...

5.4CVSS5AI score0.00366EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/15 12:0 a.m.22 views

Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting. PoC Install and active the...

6.1CVSS0.7AI score0.00734EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/15 12:0 a.m.20 views

Pagebar < 2.70 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation in some of them, it could also lead to Stored XSS issues PoC...

5.4CVSS4.6AI score0.00331EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/15 12:0 a.m.27 views

Ninja Forms < 3.6.11 - Unauthenticated PHP Object Injection

The plugin does not validate merge tags provided in the request, which could allow unauthenticated attackers to call any static method present in the blog. One from the plugin in particular could allow for PHP Object Injection when a suitable gadget is also present on the blog. Attackers have bee...

1.3AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.8 views

Easy Testimonials < 3.9 - Reflected Cross-Site Scripting

The plugin, when used along the Pro version, does not escape an URL before outputting it back in an attribute, leading to Reflected Cross-Site Scripting PoC With the pro version installed and when consent hasn't been given yet:...

1.6AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.15 views

404 to 301 < 3.1.2 - Reflected Cross-Site Scripting

Description The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin.php?page=jj4t3-logs"...

6.4AI score
Exploits0
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.6 views

Flexible Shipping < 4.11.9 - Reflected Cross-Site Scripting

The plugin does not escape shipping method URLs before outputting them back in an attribute, leading to Reflected Cross-Site Scripting...

1AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.10 views

WooCommerce Menu Cart < 2.12.0 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC When there is no shop active yet: https://example.com/wp-admin/index.php?a"...

Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.14 views

Gravity PDF < 6.3.1 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin.php?page=gfeditforms=settings=pdf=1'...

0.8AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.10 views

Clearfy Cache < 2.0.5 - Reflected Cross-Site Scripting

The plugin does not escape some generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC When Disable assets manager on back-end" is off: https://example.com/wp-admin/admin.php?page=gonzales-wbcrclearfy=indexassetsmanager=1"...

0.2AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.18 views

WordPress Team Manager <= 1.6.9 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS3.1AI score0.00599EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.11 views

ShortPixel Image Optimizer < 4.22.10 - Reflected Cross-Site Scripting

The plugin does not escape a generated URLs before outputting them back in an attribute, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/options-general.php?page=wp-shortpixel-settings&"...

Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.14 views

WooCommerce PDF Invoices & Packing Slips < 2.15.0 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin.php?page=wpowcpdfoptionspage=documents=invoice&"...

0.1AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.11 views

Woody Code Snippets < 2.4.6 - Reflected Cross-Site Scripting

The plugin does not escape a generated URLs before outputting them back in an attribute, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/edit.php?posttype=wbcr-snippets=import-wbcrinsertphp"...

Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.7 views

Checkout Fields Manager for WooCommerce < 5.5.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin.php?page=wc-settings=wooccm=advanced&"--...

Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.14 views

Travel Management <= 2.0 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS2.8AI score0.00633EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.10 views

WordPress Real Cookie Banner < 2.18.2 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC When there is the notice about the updated template: https://example.com/wp-admin/index.php?a"...

0.1AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.12 views

Modula Image Gallery < 2.6.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/edit.php?posttype=modula-gallery=modula-addons" Other URLs are affected...

0.6AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.25 views

Custom Popup Builder <= 1.3.1 - Contributor+ Stored Cross-Site Scripting

The plugin does have proper authorisation in place, and does not sanitise as well as escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS3AI score0.0046EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.21 views

XO Slider < 3.3.3 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Slider fields, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS3AI score0.00494EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.11 views

WP All Export < 1.3.6 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https;?/example.com/wp-admin/admin.php?page=pmxe-admin-manage"...

6.9AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/13 12:0 a.m.52 views

Elementor < 3.5.6 - DOM Reflected Cross-Site Scripting

The plugin does not sanitise and escape user input appended to the DOM via malicious Lightbox settings, resulting in a DOM Cross-Site Scripting issue PoC...

6.1CVSS0.2AI score0.2318EPSS
Exploits7References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/13 12:0 a.m.23 views

Gallery < 2.0.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue PoC...

6.1CVSS0.5AI score0.01626EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/13 12:0 a.m.18 views

WP Contact Slider < 2.4.7 - Editor+ Stored Cross-Site Scripting

The plugin does not sanitize and escape the Text to Display settings of sliders, which could allow high privileged users such as editor and above to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed PoC Create/edit a Slider, select the "text or HTML" for the " What...

4.8CVSS0.8AI score0.00552EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/13 12:0 a.m.29 views

Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC As admin, put the following payload in a field label: The XSS will be triggered when editing the form, as well as ...

4.8CVSS2.2AI score0.00552EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/10 12:0 a.m.20 views

Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import

The plugin does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC - Make a test form and then export it to your system. - Edit the file and enter an XSS payload like "...

4.8CVSS3.5AI score0.00552EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/10 12:0 a.m.26 views

Age Gate < 2.17.1 - Unauthenticated Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks...

6.1CVSS4.2AI score0.00763EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/09 12:0 a.m.26 views

Social Share Buttons < 2.2.4 - Subscriber+ SQLi

The plugin does not properly sanitise and escape some parameters before using them in SQL statements available to any authenticated users, leading to SQL injections...

8.8CVSS3AI score0.00765EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/09 12:0 a.m.16 views

Toolbar To Share <= 2.0 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site scripting issue due to a lack of sanitisation and escaping...

8.8CVSS4.3AI score0.00815EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/09 12:0 a.m.16 views

Social Share Buttons by Supsystic < 2.2.4 - Subscriber+ Unauthorised Actions

The plugin does not have proper access controls in some features, which could allow low privilege users to perform unauthorised actions...

8.8CVSS5.4AI score0.00706EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/08 12:0 a.m.8 views

Gallery Bank <= 4.0.50 - Author+ Stored XSS via Gallery Description

The plugin does not sanitise and escape the Gallery Description field, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks...

3.8AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/08 12:0 a.m.9 views

Gallery Bank <= 4.0.50 - Author+ Stored XSS via Media Upload Module

The plugin does not sanitise and escape the Image Title field via the Media Upload module, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks...

3.6AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/08 12:0 a.m.11 views

Copify <= 1.3.0 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF when updating its settings, and it also missing sanitisation as well as escaping in some of them. This could allow attackers to make a logged in admin update them and put Stored Cross-Site Scripting payloads in them...

8.8CVSS4.3AI score0.00573EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/08 12:0 a.m.21 views

API KEY for Google Maps < 1.2.2 - Arbitrary API Key Update via CSRF

The plugin does not have CSRF in place when updating the API key, allowing attackers to make a logged in admin perform such action via a CSRF attack...

5.4CVSS5.5AI score0.00415EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.17 views

XCloner < 4.3.6 - Plugin Settings Reset

The plugin does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key. v4.3.5 added capability check, but CSRF one still missing. PoC v 4.3.5 - wget...

4.3CVSS2.7AI score0.00283EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.21 views

Limit Login Attempts < 4.0.72 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup PoC Put the following payload in the...

4.8CVSS4.9AI score0.00848EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.12 views

Qubely < 1.8.1 - Authenticated Arbitrary Settings Update

The plugin does not have proper authorisation when saving its settings, allowing users with a role as low as subscriber in versions 1.7.9 or contributor in v 1.8.1 to update them PoC As a subscriber Nonce can be taken from the qubelylocalscript-js-extra script on the homepage...

2AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.22 views

WordPress Security < 4.2.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup PoC Put the following payload in the...

4.8CVSS0.1AI score0.00561EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.15 views

miniOrange Google Authenticator < 1.0.5 - CSRF to Stored Cross-Site Scripting

The plugin does not have CSRF check when saving its settings, and does not sanitise as well as escape them, allowing attackers to make a logged in admin change them and perform Cross-Site Scripting attacks PoC v 1.0.4 v 1.0.5...

4.3CVSS3.5AI score0.00412EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.21 views

miniOrange's Google Authenticator < 5.5.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup PoC Enable 2FA + Website Security and...

4.8CVSS4.9AI score0.00566EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.16 views

NextCellent Gallery <= 1.9.35 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup PoC Create/edit a gallery with at least one image...

4.8CVSS0.7AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.16 views

miniOrange's Malware Scanner < 4.5.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup PoC Put the following payload in the...

4.8CVSS0.3AI score0.00561EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.18 views

Site Offline or Coming Soon <= 1.6.6 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF check in place when updating its settings, and it also lacking sanitisation as well as escaping in some of them. As a result, attackers could make a logged in admin change them and put Cross-Site Scripting payloads in them via a CSRF attack PoC...

6.1CVSS3AI score0.00757EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.19 views

Nested Pages < 3.1.21 - Admin+ Stored Cross Site Scripting

The plugin does not escape and sanitize the some of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfilteredhtml is disallowed PoC Put the following payload on the "Menu Name" settings of the plugin: "onmouseover=alert"XSS"//...

4.8CVSS1.9AI score0.0064EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.18 views

Google Authenticator < 1.0.8 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed PoC Put the following payload in the Account Name settings and click on the 'Change App name' button: " autofocus...

4.8CVSS2.4AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.24 views

Login using WordPress Users < 1.13.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in the "IDP Metadata" "Id...

4.8CVSS1.9AI score0.0064EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/03 12:0 a.m.19 views

Image Gallery - Grid Gallery < 1.1.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its Image fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC Create a gallery with the "Gallery Theme" set to "Gallery Image 2", add an image and put the...

4.8CVSS1.5AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/03 12:0 a.m.27 views

Form - Contact Form <= 1.2.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape Custom text fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC Create/edit a form, add a Custom Text field, put the following payload in it: , save the field and...

4.8CVSS2AI score0.00565EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14604