Lucene search
K
WpvulndbRecent

14602 matches found

WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.10 views

Blocksy Companion < 2.0.46 - Contributor+ Stored Cross-Site Scripting via SVG Uploads

Description The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG uploads in versions up to, and including, 2.0.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

6.4CVSS5.5AI score0.00429EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.13 views

Hotel Booking Lite < 4.11.2 - Unauthenticated PHP Object Injection

Description The Hotel Booking Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.11.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the...

9.8CVSS7AI score0.00852EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.10 views

Thim Elementor Kit < 1.1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

Description The Thim Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.5AI score0.00353EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.13 views

Migration Backup Restore < 3.5.0 - Admin+ SSRF

Description The plugin does not prevent users with the administrator role from pinging conducting SSRF attacks, which may be a problem in multisite configurations. PoC 1. Click on "Upload Backup" and add http://127.0.0.1:XXX/123.wpstg - "Upload". If the port is open it will return an error "Not...

9.3AI score0.00591EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.16 views

Unlimited Elements For Elementor (Free Widgets, Addons, Templates) < 1.5.105 - Contributor+ SQL Injection

Description The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user supplied parameter and lack of sufficient...

8.8CVSS6.9AI score0.00821EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.11 views

Pods – Custom Content Types and Fields < 3.2.1.1 - Contributor+ Stored Cross-Site Scripting via Pod Form Redirect URL

Description The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Pod Form widget in all versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

5.4CVSS5.9AI score0.00439EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.16 views

Gutenberg Blocks by Kadence Blocks – Page Builder Features < 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer

Description The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown timer in all versions up to, and including, 3.2.36 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.5AI score0.00433EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.10 views

Falang multilanguage for WordPress < 1.3.50 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Falang multilanguage for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.49 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5.4AI score0.0035EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.11 views

Shopping Cart & eCommerce Store < 5.6.5 - Sensitive Information Exposure

Description The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.4 via the order report functionality. This makes it possible for unauthenticated attackers to extract sensitive data including order detai...

5.3CVSS6.3AI score0.00496EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.13 views

Kognetiks Chatbot for WordPress < 2.0.0 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function

Description The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers,...

9.8CVSS7.5AI score0.00905EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/10 12:0 a.m.14 views

Beaver Builder < 2.8.1.3 - Contributor+ Stored Cross-Site Scripting via photo widget crop attribute

Description The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the photo widget crop attribute in all versions up to, and including, 2.8.1.2 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.5AI score0.00486EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.19 views

Ninja Forms – The Contact Form Builder That Grows With You < 3.8.1 - Admin+ Stored Cross-Site Scripting

Description The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a form field in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for...

5.8AI score0.00454EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.23 views

LearnPress – WordPress LMS Plugin < 4.2.6.6 - Authenticated (Instructor+) Arbitrary File Upload

Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepostmaterials' function in versions up to, and including, 4.2.6.5. This makes it possible for authenticated attackers, with Instructor-lev...

8.8CVSS7.9AI score0.01025EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.12 views

Unlimited Elements For Elementor (Free Widgets, Addons, Templates) < 1.5.103 - Reflected Cross-Site Scripting

Description The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'googleconnecterror' parameter in all versions up to, and including, 1.5.102 due to insufficient input sanitization and output escaping. Th...

6.1CVSS6.5AI score0.00397EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.11 views

Elegant Themes Divi Theme, Extra Theme, Divi Page Builder <= 4.25.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

Description The Elegant Themes Divi theme, Extra theme, and Divi Page Builder plugin for WordPress are vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘title’ parameter in versions up to, and including, 4.25.0 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS5.9AI score0.00505EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.12 views

Starter Templates — Elementor, WordPress & Beaver Builder Templates < 4.1.7 - Contributor+ Server-Side Request Forgery

Description The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.6 via the aiapirequest. This makes it possible for authenticated attackers, with contributor-level access...

4.3CVSS6.7AI score0.00574EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.18 views

Essential Addons for Elementor < 5.9.20 - Contributor+ DOM-Based Stored Cross-Site Scripting via Several Widgets

Description The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Fancy Text', 'Filter Gallery', 'Sticky Video', 'Content Ticker', 'Woo Product Gallery', & 'Twitter...

6.4CVSS5.9AI score0.00343EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.42 views

Max Mega Menu < 3.3.1 - Missing Authorization

Description The Max Mega Menu plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the sandbox function in all versions up to, and including, 3.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to trigger the...

5.4CVSS6.7AI score0.00324EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.15 views

Colibri Page Builder < 1.0.249 - Missing Authorization

Description The Colibri Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpajaxcolibripagebuilderwpmusetting AJAX action in all versions up to, and including, 1.0.248. This makes it possible for authenticated attackers,...

5.4CVSS6.6AI score0.00358EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.15 views

Spectra Pro < 1.1.6 - Authenticated (Author+) Privilege Escalation

Description The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for...

8.8CVSS6.8AI score0.00563EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.17 views

White Label CMS < 2.7.4 - Missing Authorization to Plugin Settings Reset

Description The White Label CMS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the resetplugin function in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated attackers to reset plugin settings...

5.3CVSS7AI score0.00425EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.19 views

Gutenberg Blocks with AI by Kadence WP – Page Builder Features < 3.2.20 - Contributor+ Server-Side Request Forgery

Description The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.2.19. This makes it possible for authenticated attackers, with contributor-level access and above, to make web...

7.7CVSS6.7AI score0.00505EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.13 views

Unlimited Elements For Elementor (Free Widgets, Addons, Templates) < 1.5.103 - Admin+ Command Injection

Description The Unlimited Elements For Elementor Free Widgets, Addons, Templates plugin for WordPress is vulnerable to command injection in all versions up to, and including, 1.5.102. This is due to insufficient filtering of template attributes during the creation of HTML for custom widgets This...

7.2CVSS7.9AI score0.01749EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.14 views

LearnPress – WordPress LMS Plugin < 4.2.6.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via layout_html Parameter

Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘layouthtml’ parameter in all versions up to, and including, 4.2.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.5AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.18 views

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.9.20 - Contributor+ Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table'

Description The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' widgets in all versions up to, and...

6.5CVSS5.9AI score0.00508EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.13 views

EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor < 3.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

Description The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.9.16 due to...

6.4CVSS5.9AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.11 views

Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.9.20 - Contributor+ Stored Cross-Site Scripting via 'Interactive Circles'

Description The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Interactive Circle widget in all versions up to, and including, 5.9.19 due to insufficient input...

6.4CVSS5.9AI score0.00343EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.19 views

LearnPress – WordPress LMS Plugin < 4.2.6.6 - Unauthenticated Bypass to User Registration

Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'createaccount' function in the checkout. This makes it possible for unauthenticated attackers to...

6.5CVSS7AI score0.00712EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.26 views

LearnPress – WordPress LMS Plugin < 4.2.6.6 - Unauthenticated Time-Based SQL Injection

Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘termid’ parameter in versions up to, and including, 4.2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

9.8CVSS9.6AI score0.36925EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.14 views

EWWW Image Optimizer < 7.3.0 - Cross-Site Request Forgery

Description The EWWW Image Optimizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.3. This is due to missing or incorrect nonce validation on the checkforoptin and checkforoptout functions. This makes it possible for unauthenticated...

4.3CVSS6.6AI score0.00253EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.11 views

Orders Tracking for WooCommerce < 1.2.11 - Unauthenticated Arbitrary Shortcode Execution

Description The The Orders Tracking for WooCommerce plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.10. This is due to the plugin allowing users to execute an action that does not properly validate a value before running...

6.5CVSS7.4AI score0.00623EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.10 views

HTML5 Audio Player- Best WordPress Audio Player Plugin < 2.2.22 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

Description The HTML5 Audio Player- Best WordPress Audio Player Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS5.9AI score0.00456EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/09 12:0 a.m.13 views

Gutenberg Blocks with AI by Kadence WP < 3.2.37 - Contributor+ Stored Cross-Site Scripting via Block Link

Description The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the plugin's blocks in all versions up to, and including, 3.2.36 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.8AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.23 views

Porto < 7.1.1 - Unauthenticated Local File Inclusion via porto_ajax_posts

Description The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'portoajaxposts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any P...

9.8CVSS8.1AI score0.02687EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.15 views

Gianism <= 5.1.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to...

5.4AI score0.00372EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.16 views

Site Reviews < 7.0.0 - IP Spoofing

Description The plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking PoC Request sent to the server to add review: POST /wordpress/wp-admin/admin-ajax.php HTTP/1.1 Host: localhost:8888...

6.5AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.13 views

Swift Performance Lite < 2.3.6.19 - Subscriber+ Settings Update

Description The plugin is vulnerable to unauthorized access due to a missing capability check on the ajaxhandler function, allowing authenticated attackers, with subscriber-level access and above, to retrieve and modify settings...

5.4CVSS6.2AI score0.00413EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.20 views

GiveWP – Donation Plugin and Fundraising Platform < 3.5.0 - Authenticated (GiveWP Manager+) PHP Object Injection

Description The GiveWP plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.2 via deserialization of untrusted input. This makes it possible for authenticated attackers, with give manager-level access and above, to inject a PHP Object. No known POP...

8CVSS7.4AI score0.00622EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.17 views

Porto Theme - Functionality < 3.1.1 - Authenticated (Contributor+) Local File Inclusion via Shortcode

Description The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'portoportfolios' shortcode 'portfoliolayout' attribute. This makes it possible for authenticated attackers, with contributor-level and above...

8.8CVSS7.9AI score0.01002EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.14 views

Themify Shortcodes < 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode

Description The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themifybutton shortcode in all versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

6.4CVSS5.9AI score0.00385EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.11 views

Enter Addons < 2.1.6 - Contributor+ Stored XSS via Heading widget

Description The plugin is vulnerable to Stored Cross-Site Scripting via the Heading widget due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, to inject arbitrary web scripts in pages that will execute...

6.4CVSS6AI score0.00429EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.12 views

Pure Chat – Live Chat Plugin & More! <= 2.22 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Description The Pure Chat – Live Chat Plugin & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the purechatwid and purechatwname parameter in all versions up to, and including, 2.22 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.9AI score0.0045EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.22 views

Anti-Malware Security and Brute-Force Firewall < 4.23.56 - Unauthenticated Remote Code Execution

Description The Anti-Malware Security and Brute-Force Firewall plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.21.96 due to weak nonce generation combined with missing authorization. This makes it possible for unauthenticated attackers to brute...

9CVSS8.1AI score0.00869EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.10 views

Porto < 7.1.1 - Authenticated (Contributor+) Local File Inclusion via Post Meta

Description The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via 'portopageheadershortcodetype', 'slideshowtype' and 'postlayout' post meta. This makes it possible for authenticated attackers, with contributor-level and above...

8.8CVSS7.9AI score0.01538EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.13 views

Enter Addons < 2.1.6 - Contributor+ Stored XSS via Animation Title widget

Description The plugin is vulnerable to Stored Cross-Site Scripting via the Animation Title widget's img tag due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and higher, to inject arbitrary web scripts in pages...

6.4CVSS5.9AI score0.00429EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.12 views

Playlist for Youtube <= 1.32 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to...

5.4AI score0.00332EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.11 views

Gallery Block (Meow Gallery) < 5.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Gallery Block Meow Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘dataatts’ parameter in versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00446EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.18 views

Breakdance < 1.7.2 - Authenticated (Contributor+) Remote Code Execution

Description The Breakdance plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.7.1 via post meta data. This is due to the plugin storing custom data in metadata with an underscore prefix. This makes it possible for lower privileged users, such as...

8.8CVSS8.3AI score0.00902EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.14 views

Porto Theme - Functionality < 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta

Description The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.9 via the 'slideshowtype' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and...

8.8CVSS7.9AI score0.01002EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/08 12:0 a.m.24 views

Survey Maker < 4.1.0 - IP Address Spoofing

Description The Survey Maker – Best WordPress Survey Plugin plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 4.0.9 due to insufficient IP address validation and/or use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it...

6.9AI score0.00263EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14602