Lucene search
K
WpvulndbRecent

14602 matches found

WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.21 views

Flattr <= 1.2.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Flattr" settings 2. In...

5.3AI score0.00372EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.49 views

Elementor Website Builder Pro < 3.21.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting

Description The Elementor Website Builder – More than Just a Page Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in versions up to, and including, 3.21.0 due to insufficient input sanitization and output escaping. This makes it possible fo...

6.4CVSS5.9AI score0.00419EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.26 views

ProfileGrid – User Profiles, Memberships, Groups and Communities < 5.8.0 - Insecure Direct Object Reference

Description The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.7.9 due to missing validation on a user controlled key. This makes it possible for authenticated attacker...

8.8CVSS6.7AI score0.00448EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.19 views

Last Viewed Posts by WPBeginner < 1.0.1 - Unauthenticated PHP Object Injection

Description The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input from the LastViewedPosts Cookie. This makes it possible for unauthenticated attackers to inject a PHP Objec...

9.8CVSS7.7AI score0.01158EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.18 views

CAS <= 1.0.0 - Unauthenticated SSRF

Description The plugin does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attack PoC https://example.com/wp-content/themes/cas/download.php?path=http://127.0.0.1:8080...

6.6AI score0.01836EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.13 views

Pet Manager <= 1.4 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC 1. Add a pet and publish the listing 2. View the pet on the frontend of the site...

5.7AI score0.00347EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.20 views

CAS <= 1.0.0 - Unauthenticated Arbitrary File Access

Description This plugin does not validate a path generated with user input when downloading files, allowing unauthenticated user to download arbitrary files from the server PoC https://example.com/wp-content/themes/cas/download.php?path=...

6.7AI score0.00719EPSS
Exploits1
WPVulnDB
WPVulnDB
added 2024/05/02 12:0 a.m.27 views

Button contact VR <= 4.7 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Click on the "Button contact" and...

5.4AI score0.0033EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.13 views

ColorNews < 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The ColorNews theme for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

6.5CVSS6AI score0.00339EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.15 views

Knowledge Base documentation & wiki plugin – BasePress < 2.16.2.1 - Authenticated (Subscriber+) Server-Side Request Forgery

Description The Knowledge Base documentation & wiki plugin – BasePress Docs plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.16.1 via the themestylerender function. This makes it possible for authenticated attackers, with subscriber-level...

5CVSS6.7AI score0.00353EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.10 views

PopupAlly <= 2.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The PopupAlly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

5.9CVSS5.9AI score0.00359EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.14 views

Piotnet Addons For Elementor Pro <= 7.1.17 - Cross-Site Request Forgery

Description The Piotnet Addons For Elementor Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.1.17. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an...

5.4CVSS6.4AI score0.00211EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.12 views

The Plus Blocks for Block Editor | Gutenberg < 3.2.6 - Missing Authorization

Description The The Plus Blocks for Block Editor | Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the Tpfdeletetransient function in versions up to, and including, 3.2.5. This makes it possible for authenticated attackers, with...

8.8CVSS6.7AI score0.0043EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.14 views

Piotnet Addons For Elementor < 2.4.27 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user...

6.5CVSS6.3AI score0.00342EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.18 views

User Meta < 3.1 - Unauthenticated Sensitive Information Exposure

Description The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive...

5.3CVSS6.9AI score0.01121EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.16 views

WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Reflected Cross-Site Scripting

Description The WooCommerce Amazon Affiliates - Wordpress Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 14.0.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

7.1CVSS6.5AI score0.00375EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.28 views

WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Unauthenticated SQL Injection

Description The WZone plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 14.0.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

9.3CVSS7.8AI score0.00629EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.23 views

WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Authenticated (Subscriber+) Privilege Escalation

Description The WooCommerce Amazon Affiliates - Wordpress Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 14.0.10. This makes it possible for authenticated attackers, with subscriber-level access and above, to elevate their privileges...

8.8CVSS7.1AI score0.00512EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.27 views

ClickCease Click Fraud Protection <= 3.2.6 - Cross-Site Request Forgery

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an...

4.3CVSS4.4AI score0.00203EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.14 views

Meks Smart Social Widget <= 1.6.4 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Meks Smart Social Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.9CVSS5.7AI score0.00341EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.16 views

Save as PDF plugin by Pdfcrowd < 3.2.1 - Missing Authorization

Description The Save as PDF plugin by Pdfcrowd plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createsamplebutton function in versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with...

6.5CVSS6.4AI score0.00279EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.17 views

Easy Set Favicon <= 1.1 - Reflected Cross-Site Scripting

Description The Easy Set Favicon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.1CVSS6.5AI score0.00356EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.18 views

Regenerate post permalink <= 1.0.3 - Cross-Site Request Forgery

Description The Regenerate post permalink plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized...

7.1CVSS6.6AI score0.00197EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.16 views

MF Gig Calendar <= 1.2.1 - Cross-Site Request Forgery

Description The MF Gig Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action...

8.8CVSS6.7AI score0.00236EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.11 views

WP Page Post Widget Clone <= 1.0.1 - Missing Authorization

Description The WP Page Post Widget Clone plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with contributor-level access and above, to perform...

5.4CVSS6.7AI score0.00308EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.15 views

Five Star Restaurant Reservations < 2.6.17 - Missing Authorization

Description The Five Star Restaurant Reservations plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in versions up to, and including, 2.6.16. This makes it possible for unauthenticated attackers to perform unauthorized actions...

5.3CVSS7AI score0.00384EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.12 views

Piotnet Addons For Elementor Pro <= 7.1.17 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Piotnet Addons For Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 7.1.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access...

9.8CVSS5.8AI score0.00441EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.22 views

WPPizza < 3.18.11 - Missing Authorization

Description The WPPizza plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the adminajax function found in several files in versions up to, and including, 3.18.10. This makes it possible for authenticated attackers, with subscriber-level...

6.5CVSS6.7AI score0.00494EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.15 views

Video Conferencing with Zoom < 4.4.5 - Open Redirect

Description The Video Conferencing with Zoom plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 4.4.4. This is due to insufficient validation on a redirect url. This makes it possible for unauthenticated attackers to redirect users to potentially malicious...

4.7CVSS6.9AI score0.00408EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.15 views

EPROLO Dropshipping < 1.7.2 - Missing Authorization

Description The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eprolodisconnect, eproloreflsh, and eproloconnectkey functions in versions up to, and including, 1.7.1. This makes it possible for authenticated...

4.3CVSS6.6AI score0.00376EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.15 views

Assistant – Every Day Productivity Apps < 1.4.9.2 - Unauthenticated Sensitive Information Exposure

Description The Assistant – Every Day Productivity Apps plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9.1 via publicly accessible files. This makes it possible for unauthenticated attackers to view potentially sensitive information...

5.3CVSS6.4AI score0.00443EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.12 views

Financio < 1.1.4 - Cross-Site Request Forgery to Notice Dismissal

Description The Financio theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.3. This is due to missing or incorrect nonce validation on the noticeclosed function. This makes it possible for unauthenticated attackers to dismiss notices via a...

4.3CVSS6.6AI score0.002EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.21 views

XStore Core <= 5.3.5 - Missing Authorization

Description The XStore Core plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in versions up to, and including, 5.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized...

8.8CVSS6.7AI score0.00417EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.10 views

WZone <= 14.0.10 - Missing Authorization

Description The WZone plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 14.0.10. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...

8.8CVSS6.7AI score0.00387EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.14 views

Smart Maintenance Mode <= 1.4.4 - Cross-Site Request Forgery

Description The Smart Maintenance Mode plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.4. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized...

5.4CVSS6.7AI score0.00211EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.10 views

WP Portfolio < 2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The WP Portfolio theme for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

6.5CVSS6AI score0.00351EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.13 views

WP Video Lightbox < 1.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter

Description The WP Video Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 1.9.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00447EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.17 views

XStore < 9.3.9 - Unauthenticated SQLi

Description The theme is vulnerable to SQL Injection due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that c...

9.3CVSS9.6AI score0.03553EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.12 views

OrderConvo < 12.5 - Missing Authorization to Arbitrary File Upload

Description The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on a REST API endpoint in all versions up to, and including, 12.4. This makes it possible for unauthenticated attacker...

10CVSS8.2AI score0.01071EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.13 views

Client Dash <= 2.2.1 - Missing Authorization

Description The Client Dash plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to perform an unauthorized action...

5.3CVSS7AI score0.00524EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.14 views

Secure Copy Content Protection and Content Locking < 3.9.1 - Missing Authorization

Description The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatesccpoption function in versions up to, and including, 3.9.0. This makes it possible for unauthenticated...

5.3CVSS6.8AI score0.00384EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.16 views

Annual Archive <= 1.6.0 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Annual Archive plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

5.9CVSS5.9AI score0.00362EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.21 views

WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Authenticated (Subscriber+) SQL Injection

Description The WooCommerce Amazon Affiliates - Wordpress Plugin plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 14.0.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

9.6CVSS7.5AI score0.00529EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.21 views

Recencio Book Reviews <= 1.66.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Recencio Book Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.66.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above,...

6.5CVSS5.9AI score0.00373EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.25 views

Crelly Slider <= 1.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference

Description The Crelly Slider plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.4.5 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to perfo...

4.3CVSS6.7AI score0.00411EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.13 views

XStore Core <= 5.3.5 - Authenticated (Subscriber+) Local File Inclusion

Description The XStore Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to include and execute arbitrary files on the server, allowing the...

8.8CVSS7.9AI score0.0056EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.21 views

Smart Forms < 2.6.92 - Missing Authorization to Notice Dismissal

Description The Smart Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rednaosmartformsdontshowagain function in versions up to, and including, 2.6.91. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.7AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.13 views

All-in-One Video Gallery < 3.6.5 - Contributor+ Arbitrary File Upload via featured image

Description The plugin is vulnerable to arbitrary file uploads due to missing file type validation in the aiovgcreateattachmentfromexternalimageurl function. This makes it possible for authenticated attackers, with contributor access and above, to upload arbitrary files on the affected site's...

8.8CVSS8.9AI score0.01558EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.12 views

XStore < 9.3.9 - Missing Authorization

Description The XStore theme for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 9.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...

8.8CVSS9AI score0.00354EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/01 12:0 a.m.15 views

Vitepos < 3.0.2 - Missing Authorization

Description The Vitepos plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...

4.3CVSS6.7AI score0.00376EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14602