14603 matches found
Vitepos < 3.0.2 - Missing Authorization
Description The Vitepos plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...
Advanced Most Recent Posts Mod <= 1.6.5.2 - Authenticated (Author+) Stored Cross-Site Scripting
Description The Advanced Most Recent Posts Mod plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and...
WordPress Ad Widget <= 2.20.0 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The WordPress Ad Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
LA-Studio Element Kit for Elementor < 1.3.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via LaStudioKit Post Author Widget
Description The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's LaStudioKit Post Author widget in all versions up to, and including, 1.3.7.5 due to insufficient input sanitization and output escaping on user supplied attribute...
KB Support < 1.6.1 - Missing Authorization
Description The KB Support plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the kbsajaxdisplayticketnotes and kbsajaxdisplayticketreplies function in versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, wit...
XStore Core <= 5.3.5 - Unauthenticated SQL Injection
Description The XStore Core plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 5.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
XStore Core <= 5.3.5 - Unauthenticated PHP Object Injection
Description The XStore Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.3.5 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin...
Pretty Google Calendar < 2.0.0 - Contributor+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user...
VOD Infomaniak <= 1.5.6 - Reflected Cross-Site Scripting
Description The VOD Infomaniak plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.5.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
Piotnet Addons For Elementor Pro <= 7.1.17 - Unauthenticated Server-Side Request Forgery
Description The Piotnet Addons For Elementor Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.17. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application...
Easy Accept Payments < 5.0 - Missing Authorization
Description The Easy Accept Payments via PayPal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 4.9.10. This makes it possible for unauthenticated attackers to perform an unauthorized action...
Absolutely Glamorous Custom Admin < 7.2.4 - Admin+ SSRF
Description The plugin is vulnerable to Server-Side Request Forgery, allowing authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal servic...
XStore < 9.3.9 - Unauthenticated Local File Inclusion
Description The theme is vulnerable to Local File Inclusion, allowing unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution...
Barcode Scanner with Inventory & Order Manager < 1.5.4 - Missing Authorization
Description The Barcode Scanner with Inventory & Order Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.5.3. This makes it possible for unauthenticated attackers to perform an unauthorized action...
Serious Slider <= 1.2.4 - Cross-Site Request Forgery
Description The Serious Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.4. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action...
XStore Core <= 5.3.5 - Authenticated (Subscriber+) Limited Arbitrary File Upload
Description The XStore Core plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 5.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the...
XforWooCommerce <= 2.0.2 - Authenticated (Subscriber+) Local File Inclusion
Description The XforWooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to include and execute arbitrary files on the server, allowing the...
FameTheme Demo Importer < 1.1.6 - Cross-Site Request Forgery
Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action granted they can trick a site administrator into performing an action such as...
Opal Widgets For Elementor <= 1.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Opal Widgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and...
Follow Us Badges < 3.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpsite_follow_us_badges Shortcode
Description The Follow Us Badges plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsitefollowusbadges shortcode in all versions up to, and including, 3.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
SSU < 1.5.1 - Missing Authorization
Description The SSU plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteawsoptions function in versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to delete AWS options...
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting < 1.13.2 - Authenticated (AccountingManager+) SQL Injection
Description The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in all versions up to, and including, 1.13.1 due to insufficient escaping on the user supplied parameter...
WPZOOM Addons for Elementor (Templates, Widgets) <= <=1.1.35 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The WPZOOM Addons for Elementor Templates, Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.1.35 due to insufficient input sanitization and output escaping on user supplied attributes like...
Filterable Portfolio <= 1.6.4 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Filterable Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
XStore < 9.3.9 - Subscriber+ Arbitrary Options Update
Description The theme is vulnerable to unauthorized modification of data due to a missing capability check on a function, allowing authenticated attackers, with subscriber-level access and above, to update arbitrary options which can be used to achieve privilege escalation...
Better Elementor Addons < 1.4.2 - Authenticated(Contributor+) Local File Inclusion
Description The Better Elementor Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.1. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowi...
WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Missing Authorization
Description The WooCommerce Amazon Affiliates - Wordpress Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 14.0.10. This makes it possible for unauthenticated attackers to perform an unauthorized...
XStore < 9.3.9 - Missing Authorization
Description The theme is vulnerable to unauthorized access due to a missing capability check on a function, allowing unauthenticated attackers to perform an unauthorized action...
Customify Site Library <= 0.0.9 - Unauthenticated Remote Code Execution
Description The Customify Site Library plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 0.0.9. This makes it possible for unauthenticated attackers to execute code on the server...
Hide Dashboard Notifications < 1.3 - Cross-Site Request Forgery
Description The Hide Dashboard Notifications plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.3. This is due to missing or incorrect nonce validation on the warningnoticessettings function. This makes it possible for unauthenticated...
Smart Recent Posts Widget <= 1.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Smart Recent Posts Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Sydney Toolbox < 1.31 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the style parameter in all versions up to, and including, 1.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor acce...
Piotnet Addons For Elementor Pro <= 7.1.17 - Missing Authorization to Arbitrary Post/Page Deletion
Description The Piotnet Addons For Elementor Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on a function in all versions up to, and including, 7.1.17. This makes it possible for unauthenticated attackers to delete arbitrary pages and posts...
CF7 File Download – File Download for CF7 <= 2.0 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The CF7 File Download – File Download for CF7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
MainWP Child Reports < 2.2 - Cross-Site Request Forgery
Description The MainWP Child Reports plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the uninstall function. This makes it possible for unauthenticated attackers to deactivate the...
Barcode Scanner with Inventory & Order Manager < 1.5.4 - Unauthenticated Privilege Escalation
Description The Barcode Scanner and Inventory manager. POS Point of Sale – scan barcodes & create orders with barcode reader. plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.5.3. This is due to the plugin not properly restricting user meta values...
XStore < 9.3.9 - Reflected Cross-Site Scripting
Description The theme is vulnerable to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an...
Radio Station by netmix® – Manage and play your Show Schedule in WordPress! < 2.5.8 - Cross-Site Request Forgery to Notice Dismissal
Description The Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.7. This is due to missing or incorrect nonce validation on the radiostationnoticedismiss function...
Knowledge Base documentation & wiki plugin – BasePress < 2.16.2.1 - Missing Authorization
Description The Knowledge Base documentation & wiki plugin – BasePress plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX actions in versions up to, and including, 2.16.1. This makes it possible for authenticated attackers, with...
Contact Form 7 Extension For Mailchimp <= 0.5.70 - Cross-Site Request Forgery
Description The Contact Form 7 Extension For Mailchimp plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.70. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform...
Carousel Slider < 2.2.11 - Editor+ Stored XSS
Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks PoC 1. Create a new slider and inset: 1212"onmouseover='alert1' to "URL View" field...
XStore Core <= 5.3.5 - Unauthenticated Privilege Escalation
Description The XStore Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.3.5. This makes it possible for unauthenticated attackers to gain higher privileged access to a vulnerable site...
Payment Gateway Based Fees and Discounts for WooCommerce < 2.12.2 - Cross-Site Request Forgery to Notice Dismissal
Description The Payment Gateway Based Fees and Discounts for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.12.1. This is due to missing or incorrect nonce validation on the dismissnotice function. This makes it possible for...
Master Addons for Elementor < 2.0.5.6 - Missing Authorization on Duplicate Post
Description The Master Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the jltmaduplicatorrowactions function in versions up to, and including, 2.0.5.4.1. This makes it possible for authenticated attackers, with...
Element Pack Pro <= 7.7.4 - Authenticated (Contributor+) Arbitrary File Read and PHAR Deserialization
Description The Element Pack Pro - Addon for Elementor Page Builder WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.7.4. This makes it possible for authenticated attackers, with contributor-level access and above, to read the...
XStore Core <= 5.3.5 - Authenticated (Subscriber+) Limited Arbitrary File Download
Description The et-core-plugin plugin for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 5.3.5. This is due to the plugin not properly restricting which files can be downloaded. This makes it possible for authenticated attackers, with subscriber-level...
Fan Page Widget by ThemeNcode < 2.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Booster for WooCommerce < 7.1.9 - Unauthenticated Arbitrary Shortcode Execution
Description The Booster for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 7.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on what other plugins are installed...
Meks ThemeForest Smart Widget <= 1.6 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Meks ThemeForest Smart Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Auto Featured Image (Auto Post Thumbnail) <= 4.0.0 - Authenticated (Author+) Server-Side Request Forgery
Description The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.0. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary location...