14602 matches found
Photos and Files Contest Gallery < 21.3.2.1 - Authenticated (Contributor+) SQL Injection
Description The Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Competition Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 21.3.2 due to insufficient escaping on the user supplied parameter and...
Unique <= 0.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Unique theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 0.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...
Xserver Migrator < 1.6.2.1 - Arbitrary File Upload via CSRF
Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to upload arbitrary files granted they can trick a site administrator into performing an action such as...
Realtyna Organic IDX plugin < 4.14.8 - Reflected XSS
Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Democracy Poll <= 6.0.3 - Missing Authorization
Description The Democracy Poll plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 6.0.3. This makes it possible for unauthenticated attackers to perform an unauthorized action...
Ultimate Under Construction < 1.9.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Ultimate Under Construction plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Eleblog – Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-lev...
Sliding Widgets <= 1.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting
Description The Sliding Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
Progressive WordPress (PWA) <= 2.1.13 - Missing Authorization
Description The Progressive WordPress PWA plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform ...
WP Media folder < 5.7.3 - Missing Authorization to Authenticated(Subscriber+) Title Modification
Description The wp-media-folder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on an unknown function in all versions up to, and including, 5.7.2. This makes it possible for authenticated attackers, with subscriber access and above, to...
Print My Blog – Print, PDF, & eBook Converter WordPress Plugin < 3.26.3 - Missing Authorization
Description The Print My Blog – Print, PDF, & eBook Converter WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions like the saveProjectGenerate function in all versions up to, and including, 3.26.2. This...
Edge < 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Display Name
Description The Edge theme for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrar...
Sheets To WP Table Live Sync < 3.7.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Table Plugin for WordPress with Google Sheets Integration – Sheets to WP Table Live Sync plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. Thi...
Edwiser Bridge < 3.0.6 - Authentication Bypass due to Missing Empty Value Check
Description The Build App Online plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.5. This is due to the 'ebuseremailverificationkey' default value is empty, and the not empty check is missing in the 'ebuseremailverify' function. This makes it...
ADFO – Custom data in admin dashboard < 1.9.1 - Cross-Site Request Forgery
Description The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.0. This is due to missing or incorrect nonce validation on several functions hooked via the controller function. This makes it possible...
ADFO – Custom data in admin dashboard < 1.9.1 - Reflected Cross-Site Scripting
Description The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dbpid' parameter in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
Advanced Ads – Ad Manager & AdSense < 1.52.2 - Authenticated (Admin+) PHP Object Injection
Description The Advanced Ads plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.52.1 via deserialization of untrusted input in the 'placementslug' parameter. This makes it possible for authenticated attackers to inject a PHP Object. No POP chain is...
Advanced Ads – Ad Manager & AdSense < 1.52.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Ad Widget
Description The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Ad widget in all versions up to, and including, 1.52.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
Soccer Engine – Soccer Plugin for WordPress < 1.13 - Cross-Site Request Forgery
Description The Soccer Engine – Soccer Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation when saving match and team settings. This makes it possible for...
Adventure Journal <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Adventure Journal theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...
Restaurant and Cafe < 1.2.2 - Cross-Site Request Forgery to Notice Dismissal
Description The Restaurant and Cafe theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to dismiss notices via a forged...
HT Mega – Absolute Addons For Elementor < 2.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip & Popover Widget
Description The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover Widget in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...
The Plus Addons for Elementor < 5.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate
Description The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
RomethemeKit For Elementor < 1.4.2 - Missing Authorization
Description The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the addNewPost function in versions up to, and including, 1.4.1. This makes it possible for unauthenticated attackers to add new posts...
EventON < 2.2.15 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Share This Image < 1.99 - Open Redirect
Description The plugin is vulnerable to Open Redirect due to insufficient validation on a redirect url supplied. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action...
Pliska < 0.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Display Name
Description The Pliska theme for WordPress is vulnerable to Stored Cross-Site Scripting via author display names in all versions up to, and including, 0.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
Giphypress <= 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Giphypress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...
Digital Publications by Supsystic < 1.7.8 - Missing Authorization
Description The WordPress Flipbook by Supsystic plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.7.7. This makes it possible for unauthenticated attackers to perform an unauthorized action...
Google Typography <= 1.1.2 - Missing Authorization
Description The Google Typography plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...
PropertyHive < 2.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The PropertyHive plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to injec...
WP Post Author <= 3.6.5 - Missing Authorization
Description The WP Post Author plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function allowing authenticated attackers, with subscriber-level access and above, to perform an unauthorized action...
Squelch Tabs and Accordions Shortcodes < 0.4.8 - Cross-Site Request Forgery
Description The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.4.7. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attacke...
Custom Field Suite < 2.6.6 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cfsfieldsname' parameter in all versions up to, and including, 2.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
ReviewX < 1.6.22 - Missing Authorization
Description The ReviewX plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the remotepost function in versions up to, and including, 1.6.21. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform a post...
Debug Log Manager < 2.3.2 - Missing Authorization via toggle_debugging
Description The Debug Log Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the toggledebugging function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers, with subscriber-level access and...
GWP-Histats <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The GWP-Histats plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...
Preview E-mails for WooCommerce < 2.2.2 - Reflected Cross-Site Scripting
Description The Preview E-mails for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
WidgetKit <= 2.5.0 - Missing Authorization to Notice Dismissal
Description The WidgetKit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wktdadsdismissnotice function in versions up to, and including, 2.4.8. This makes it possible for unauthenticated attackers to dismiss notices...
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net < 1.1.4.3 - Reflected Cross-Site Scripting
Description The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.1.4.2 due to insufficient input sanitization and output escaping. This makes it possibl...
AJAX Login and Registration modal popup + inline form <= 2.23 - Authenticated (Author+) Stored Cross-Site Scripting
Description The AJAX Login and Registration modal popup + inline form plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
JW Player for WordPress <= 2.3.3 - Missing Authorization
Description The JW Player for WordPress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated attackers to perform an unauthorized action...
School Management Pro <= 10.3.4 - Authenticated (School Admin+) SQL Injection
Description The The School Management Pro plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 10.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
AI Engine < 2.1.5 - Authenticated (Editor+) Server-Side Request Forgery
Description The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4 via the downloadimage function. This makes it possible for authenticated attackers, with editor-level access and above, to make web requests to arbitrary locatio...
Tumult Hype Animations < 1.9.13 - Authenticated (Author+) Arbitrary File Upload
Description The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the hypeanimationspanelupload functionin all versions up to, and including, 1.9.12. This makes it possible for authenticated attackers, with author-level...
Sina Extension for Elementor < 3.5.2 - Authenticated (Contributor+) Local File Inclusion
Description The Sina Extension for Elementor Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.5.1. This makes it possible for authenticated...
ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup < 4.0.27 - Authenticated (Contributor+) PHP Object Injection
Description The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.0.26 via deserialization of untrusted input. This makes it possible for authenticated...
Mooberry Book Manager < 4.15.13 - Unauthenticated Information Exposure via Export Files
Description The Mooberry Book Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.15.12 via exported files. This makes it possible for unauthenticated attackers to extract potentially sensitive information from those files...
SP Project & Document Manager <= 4.70 - Authenticated (Subscriber+) Arbitrary Folder Name Update
Description The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the cdmsavecategory AJAX action in all versions up to, and including, 4.70. This makes it possible for authenticated attackers, with...
Academy LMS < 1.9.17 - Missing Authorization
Description The Academy LMS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on afunction in versions up to, and including, 1.9.16. This makes it possible for authenticated attackers, with student-level access and above, to perform an unauthorized action...