Lucene search
+L
WpvulndbRecent

14604 matches found

WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.20 views

Google XML Sitemaps < 4.1.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape a settings before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in the "Try ...

4.8CVSS0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.18 views

WP-Email < 2.69.0 - Log Deletion via CSRF

The plugin does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack PoC...

6.5CVSS4AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/27 12:0 a.m.23 views

Easy Pricing Tables < 3.1.3 - Author+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as author to perform Stored Cross-Site Scripting attacks...

4.8CVSS3.3AI score0.00528EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/27 12:0 a.m.19 views

Plausible Analytics < 1.2.4 - Subscriber+ Arbitrary Settings Update

The plugin has a flawed logic when checking for authorisation and CSRF before updating its settings, allowing any authenticated users, such as subscriber, to update the plugin's settings. The attack is also possible via CSRF against any authenticated user. PoC POST /wp-admin/admin-ajax.php HTTP/1...

1AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/27 12:0 a.m.18 views

Admin Management Xtended < 2.4.5 - Multiple CSRF

The plugin does not have CSRF in various places and actions, allowing attackers to make a logged in users perform unauthorised actions on their behalf via CSRF attacks...

8.8CVSS5.4AI score0.0039EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.18 views

Image Slider by NextCode <= 1.1.2 - Multiple CSRF

The plugin does not have CSRF in various places and actions, allowing attackers to make a logged in users perform unauthorised actions on their behalf via CSRF attacks...

8.8CVSS5.2AI score0.00414EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.22 views

Post Grid, Slider & Carousel Ultimate < 1.5.0 - Admin+ Stored XSS

The plugin does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Create a new Grid/Caroussel, in the General Settings, enable "Display Header Title" and put the...

4.8CVSS0.8AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.15 views

Seamless Donations < 5.1.9 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC Some link: https://google.com...

6.5CVSS3.4AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.19 views

underConstruction < 1.20 - Construction Mode Deactivation via CSRF

The plugin does not have CSRF check in place when deactivating the construction mode, which could allow attackers to make a logged in admin perform such action via a CSRF attack PoC...

4.3CVSS5.6AI score0.00412EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.21 views

Hotel Booking <= 3.0 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS2.6AI score0.00494EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.23 views

Image Slider by NextCode <= 1.1.2 - Arbitrary Slide Deletion via CSRF

The plugin does not have CSRF in place when deleting slides, allowing attackers to make a logged in admin perform such action via a CSRF attack...

5.4CVSS6AI score0.00389EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.15 views

underConstruction < 1.21 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise or escape the "Display a custom page using your own HTML" setting before outputting it, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiletredhtml capability is disallowed. PoC In the plugin's settings, active Under Contraction...

4.8CVSS4.7AI score0.00565EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.15 views

Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF

The plugin does not have CSRF check in place when deleting subscribed users, which could allow attackers to make a logged in admin perform such action and delete arbitrary users from the subscribed list PoC...

4.3CVSS4.5AI score0.00412EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.28 views

Image Slider by NextCode <= 1.1.2 - Author+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as author to perform Stored Cross-Site Scripting attacks...

4.8CVSS3.3AI score0.00519EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/25 12:0 a.m.18 views

Private Messages For WordPress <= 2.1.10 - Subscriber+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as subscriber to perform Stored Cross-Site Scripting attacks...

5.4CVSS3AI score0.00524EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/25 12:0 a.m.17 views

Private Messages For WordPress <= 2.1.10 - Arbitrary Message Sent via CSRF

The plugin does not have CSRF in place when sending messages, allowing attackers user sent arbitrary message on their behalf via a CSRF attack...

4.3CVSS5.7AI score0.00389EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/24 12:0 a.m.21 views

WP Statistic < 13.2.2 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitise and escape some of its settings, which could allow a high privilege users to perform Stored Cross-Site Scripting attacks when unfiltredhtml is disallowed...

6.1CVSS2.7AI score0.00969EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/24 12:0 a.m.28 views

Ocean Extra < 1.9.5 - Reflected Cross-Site Scripting

The plugin does not escape generated links which are then used when the OceanWP theme is active, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/wp-admin/?step=demo=owpsetup"...

6.1CVSS0.3AI score0.01388EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/24 12:0 a.m.24 views

Rating by BestWebSoft < 1.6 - Rating Denial of Service

The plugin does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating PoC Under Settings - Discussion, uncheck "Comment must be manually approved" Install and Enable Rating BestWebSoft plugin Change...

6.5CVSS1.9AI score0.01204EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.22 views

Private Files <= 0.40 - Protection Disabling via CSRF

The plugin is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public PoC That will also delete the .htaccess...

4.3CVSS4.8AI score0.00412EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.18 views

Core Control <= 1.2.1 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC...

4.9AI score0.00285EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.17 views

Genki Pre-Publish Reminder <= 1.4.1 - Stored XSS & RCE via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS as well as RCE when custom code is added via the plugin settings. PoC...

8.8CVSS4.4AI score0.00597EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.13 views

RB Internal Links <= 2.0.16 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, as well as perform Stored Cross-Site Scripting attacks due to the lack of sanitisation and escaping PoC...

5.4CVSS4.1AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.17 views

One Click Plugin Updater <= 2.4.14 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable / hide the badge of the available updates and the related check. PoC...

8.1CVSS4AI score0.00517EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.19 views

Static Page eXtended <= 2.1 - Arbitrary Settings Update via CSRF to Stored XSS

Due to missing checks the plugin is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings PoC...

5.4CVSS1.5AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.15 views

Simple Membership < 4.1.1 - Reflected Cross-Site Scripting

The plugin does not properly sanitise and escape parameters before outputting them back in AJAX actions, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin-ajax.php?action=swpmvalidateemail=%22%3Cscript%3Ealert%22XSS%22;%3C/script%3E...

6.1CVSS0.6AI score0.01693EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.18 views

LaTeX for WordPress <= 3.4.10 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack which could also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping PoC...

5.4CVSS4.2AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.18 views

Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls

The plugin does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as...

8.8CVSS0.01263EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.15 views

postTabs <= 2.10.6 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping PoC...

5.4CVSS4.1AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.14 views

Change Uploaded File Permissions <= 4.0.0 - File Permission Update via CSRF

Due to missing checks the plugin is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this. PoC...

6.5CVSS2.2AI score0.00736EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.20 views

Quick Subscribe <= 1.7.1 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and leading to Stored XSS due to the lack of sanitisation and escaping in some of them PoC...

5.4CVSS4.3AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.19 views

Keep Backup Daily < 2.0.3 - Reflected Cross-Site Scripting

The plugin does not escape and sanitise the t parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting...

6.1CVSS1.4AI score0.01031EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.13 views

WP Admin Style <= 0.1.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed PoC Put the following payload in the CSS settings of the plugin:...

4.8CVSS2.2AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.18 views

Sticky Popup <= 1.2 - Admin+ Stored Cross-Site Scripting

The plugin does not escape and sanitise the popuptitle setting, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfilteredhtml is disallowed...

5.5CVSS2.6AI score0.00526EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.21 views

Appointment Hour Booking < 1.3.56 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed. PoC Create/edit a calendar, and put the following payload in the "Additional CSS Class" settings of...

4.8CVSS0.9AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.20 views

Newsletter < 7.4.5 - Reflected Cross-Site Scripting

The plugin does not sanitize and escape the $SERVER'REQUESTURI' before echoing it back in admin pages. Although this uses addslashes, and most modern browsers automatically URLEncode requests, this is still vulnerable to Reflected XSS in older browsers such as Internet Explorer 9 or below. PoC...

6.1CVSS0.4AI score0.01785EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.12 views

Sideblog <= 6.0 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping PoC The XSS will be triggered in the Sideblog widget...

5.4CVSS2.5AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.13 views

Peter’s Collaboration E-mails <= 2.2.0 - Arbitrary Settings Update via CSRF

The plugin is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more. PoC...

6.5CVSS2.8AI score0.00502EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.19 views

Zephyr Project Manager < 3.2.41 - Reflected Cross-Site Scripting

The plugin does not escape and sanitise the project parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting...

6.1CVSS1.2AI score0.01031EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.19 views

WP-chgFontSize <= 1.8 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping PoC...

5.4CVSS4AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.18 views

New User Email Set Up <= 0.5.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC...

6.5CVSS4.8AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.25 views

Like Button Rating < 2.6.45 - Arbitrary e-mail Sending

The plugin allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body PoC As a subscriber, run the below command in the web developer console of the browser fetch"/wp-admin/admin-ajax.php?action=likebtntestvotenotification", "headers":...

6.5CVSS3.5AI score0.0077EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.7 views

Minimal Coming Soon – Coming Soon Page < 2.35 - Multiple Authenticated Stored XSS

The plugin does not sanitize or escape some of its settings, allowing high privilege users such as admin to se Cross-Site Scripting payload in them, which will be triggered in the backend. A PoC As admin, put the following in the Custom CSS setting...

2.5AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.20 views

KiviCare < 2.3.9 - Unauthenticated SQLi

The plugin does not sanitise and escape some parameters before using them in SQL statements via the ajaxpost AJAX action with the getdoctordetails route, leading to SQL Injections exploitable by unauthenticated users PoC With at least one doctor created via the plugin: v 2.3.4 curl...

9.8CVSS2.8AI score0.12619EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/21 12:0 a.m.24 views

Slideshow, Image Slider by 2J <= 1.3.54 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in a page accessible to contributors and above, leading to a Reflected Cross-Site Scripting...

5.4CVSS5.4AI score0.00505EPSS
Exploits0
WPVulnDB
WPVulnDB
added 2022/05/20 12:0 a.m.17 views

Export any WordPress data to XML/CSV < 1.3.5 - Admin+ SQL Injection

The plugin does not sanitize the cpt POST parameter when exporting post data before using it in a database query, leading to an SQL injection vulnerability. PoC 1. Go to the All Export New Export screen in the WordPress admin. 2. Now click on Specific Post Type Posts. 3. Click now on Migrate...

7.2CVSS1AI score0.01269EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/19 12:0 a.m.37 views

Google Tag Manager for WordPress < 1.15.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the s parameter before outputting it back in a page when the search data is included in the data layer related settings is Basic data Search data...

6.1CVSS1AI score0.90154EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/18 12:0 a.m.20 views

Email Users <= 4.8.8 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and change the notification settings of arbitrary users PoC...

6.5CVSS4.1AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/18 12:0 a.m.22 views

Latest Tweets Widget <= 1.1.4 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC...

6.5CVSS4.8AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/18 12:0 a.m.26 views

HC Custom WP-Admin URL <= 1.4 - Unauthenticated Secret URL Disclosure

The plugin leaks the secret login URL when sending a specific crafted request PoC curl -sIXGET -H "Cookie: validloginslug=1" https://example.com/wp-login.php HTTP/2 302 x-redirect-by: WordPress location: secret...

5.3CVSS5.2AI score0.02621EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14604