14603 matches found
GG Woo Feed for WooCommerce Shopping Feed < 1.2.7 - Missing Authorization
Description The GG Woo Feed for WooCommerce Shopping Feed on Google Facebook and Other Channels plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several functions in the /inc/Core/ajax-functions.php file in all versions up to, and...
PeproDev CF7 Database <= 1.8.0 - Cross-Site Request Forgery
Description The PeproDev CF7 Database plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.0. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unkno...
Popup Anything < 2.8.1 - Missing Authorization
Description The Popup Anything – Popup for opt-ins and Lead Generation Conversions plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the popupaocrenderpopuppreview function in all versions up to, and including, 2.8.0. This makes it possible for...
Schema & Structured Data for WP & AMP < 1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks
Description The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "How To" and "FAQ" Blocks in all versions up to, and including, 1.29 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
Collapse-O-Matic < 1.8.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Collapse-O-Matic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'expand' shortcode in all versions up to, and including, 1.8.5.5 due to insufficient input sanitization and output escaping on the 'tag' user supplied attribute. This makes it...
WP Datepicker < 2.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
Description The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdpaddnewdatepickerajax function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level...
Attesa Extra < 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Attesa Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
BMI Adult & Kid Calculator < 1.2.2 - Cross-Site Request Forgery to Cross-Site Scripting
Description The BMI Adult & Kid Calculator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on several AJAX functions. This makes it possible for unauthenticated attackers to inject...
Mega Addons For Elementor < 1.9 - Missing Authorization
Description The plugin is vulnerable to unauthorized access due to a missing capability check on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action...
PeproDev Ultimate Invoice < 2.0.2 - Missing Authorisation
Description The plugin is vulnerable to unauthorized access due to a missing capability check on a function, allowing unauthenticated attacker to perform an unauthorized action...
App Builder < 3.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.8.8 due to insufficient input sanitization and output escaping on user supplied...
Wp Ultimate Review < 2.3.0 - Unauthenticated Review Restriction Bypass
Description The WP Ultimate Review plugin for WordPress is vulnerable to bypass review restrictions in all versions up to, and including, 2.2.5. This is due to the plugin not properly enforcing review restrictions. This makes it possible for unauthenticated attackers to review things multiple tim...
Multi Currency For WooCommerce < 1.5.6 - Missing Authorization
Description The Multi Currency For WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the AddAdminAjaxAction function in all versions up to, and including, 1.5.5. This makes it possible for authenticated attackers, with subscriber-level acce...
Ultimate Blocks < 3.1.7 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a contributor, put the below code in...
Ovic Responsive WPBakery <= 1.3.0 - Missing Authorization
Description The Ovic Responsive WPBakery plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.3.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...
Access Category Password <= 1.5.1 - Reflected Cross-Site Scripting
Description The Access Category Password plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...
Premium Addons for Elementor < 4.10.29 - Contributor+ Stored Cross-Site Scripting
Description The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the subcontainer value parameter in all versions up to, and including, 4.10.28 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
Barcode Scanner with Inventory & Order Manager < 1.5.4 - Missing Authorization
Description The Barcode Scanner with Inventory & Order Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.5.3. This makes it possible for authenticated attackers, with subscriber-level access and...
MyRewards < 5.3.1 - Missing Authorization
Description The MyRewards plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the /assets/lws-adminpanel/include/internal/ajax.php file in versions up to, and including, 5.3.0. This makes it possible for authenticated attackers, with...
FileOrganizer and FileOrganizer Pro < 1.0.7 - Authenticated Stored Cross-Site Scripting
Description The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg file upload in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
Zero Spam < 5.5.7 - Spam Protection Bypass
Description The plugin is vulnerable to bypass, allowing unauthenticated attackers to bypass spam protections in place...
WPC Frequently Bought Together for WooCommerce < 7.0.4 - Missing Authorization
Description The WPC Frequently Bought Together for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajaxgetsearchresults, ajaximportexport, and ajaximportexportsave functions in versions up to, and including, 7.0.3. This makes it...
Poll Maker <= 3.4 - Authenticated (Subscriber+) Arbitrary File Upload
Description The WP Poll Maker – Best WordPress Poll Plugin for Voting Contest plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level acces...
Custom Order Statuses for WooCommerce <= 1.5.2 - Missing Authorization
Description The Custom Order Statuses for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.5.2. This makes it possible for authenticated attackers, with subscriber-level access and above, ...
Wp Ultimate Review < 2.3.0 - Unauthenticated Insecure Direct Object Reference
Description The WP Ultimate Review plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.5 due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to perform an unauthorized action...
Canva – Design beautiful blog graphics <= 1.2.4 - Reflected Cross-Site Scripting
Description The Canva – Design beautiful blog graphics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
KODO Qiniu < 1.5.1 - Cross-Site Request Forgery
Description The KODO Qiniu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to 1.5.1 exclusive. This is due to missing or incorrect nonce validation on the kodosettingpage function. This makes it possible for unauthenticated attackers to replace URLs via a forge...
WP Dummy Content Generator < 3.3.0 - Unauthenticated Code Injection
Description The WP Dummy Content Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to 3.3.0 exclusive. This makes it possible for unauthenticated attackers to execute code on the server...
Shared Files < 1.7.17 - Missing Authorization to Notice Dismissal
Description The Shared Files plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processnotifications function in versions up to, and including, 1.7.16. This makes it possible for unauthenticated attackers to dismiss notices...
TrackShip for WooCommerce < 1.7.6 - Missing Authorization
Description The TrackShip for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.7.5. This makes it possible for unauthenticated attackers to perform an unauthorized action...
Custom Thank You Page Customize For WooCommerce by Binary Carpenter < 1.4.14 - Missing Authorization
Description The Custom Thank You Page Customize For WooCommerce by Binary Carpenter plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the activationcallback function in all versions up to, and including, 1.4.13. This makes it possible for authenticated...
wpDiscuz < 7.6.16 - Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Image Alternative Text
Description The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Alternative Text' field of an uploaded image in all versions up to, and including, 7.6.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
Bulk Block Converter <= 1.0.1 - Reflected Cross-Site Scripting
Description The Bulk Block Converter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
WPC Grouped Product for WooCommerce < 4.4.3 - Missing Authorization
Description The WPC Grouped Product for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajaxupdatesearchsettings, ajaxgetplugins, and ajaxgetessentialkit functions in all versions up to, and including, 4.4.2. This makes it possible fo...
Order Limit for WooCommerce < 2.0.1 - Missing Authorization
Description The Order Limit for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the saverules, savewcoloptions, xsollwcsupportform, and wcolloadnewrow functions in versions up to, and including, 2.0.0. This makes it possible for...
Theme My Login < 7.1.7 - Missing Authorization to Notice Dismissal
Description The Theme My Login plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tmladminajaxdismissnotice function in all versions up to, and including, 7.1.6. This makes it possible for authenticated attackers, with subscriber-level...
Wp Ultimate Review < 2.3.0 - Missing Authorization
Description The Wp Ultimate Review plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the wurmetaboxcontentsave function in versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to leave reviews on password...
Open Close WooCommerce Store < 4.9.2 - Missing Authorization
Description The Open Close WooCommerce Store – Best Business Schedules Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxswitchactive and ajaxupdatetimezone functions in all versions up to, and including, 4.9.1. This makes...
Send PDF for Contact Form 7 < 1.0.2.4 - Missing Authorization
Description The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download...
Related Posts for WordPress <= 4.0.3 - Cross-Site Request Forgery
Description The Related Posts for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.3. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to inject...
Flash Video Player <= 5.0.4 - Cross-Site Request Forgery
Description The Flash Video Player plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized action v...
WP Social Comments < 1.7.4 - Missing Authorization via wpfc_allow_comments()
Description The WP Social Comments plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpfcallowcomments function in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with subscriber-level...
Royal Elementor Addons and Templates < 1.3.972 - Contributor+ DOM-Based Stored Cross-Site Scripting
Description The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget containers in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output escaping on user supplied attributes. This make...
Exclusive Addons for Elementor < 2.6.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action
Description The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Call to Action widget in all versions up to, and including, 2.6.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
Exclusive Addons for Elementor < 2.6.9.4 - Contributor+ Stored Cross-Site Scripting
Description The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attribute of the Button widget in all versions up to, and including, 2.6.9.3 due to insufficient input sanitization and output escaping. This makes it possible for...
rtMedia for WordPress, BuddyPress and bbPress < 4.6.19 - Authenticated (Contributor+) SQL Injection via rtmedia_gallery Shortcode
Description The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmediagallery shortcode in all versions up to, and including, 4.6.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
Colibri Page Builder < 1.0.264 - Author+ Stored Cross-Site Scripting
Description The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt data parameter in all versions up to, and including, 1.0.262 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Prime Slider – Addons For Elementor < 3.14.1 - Contributor+ Stored Cross-Site Scripting
Description The Prime Slider – Addons For Elementor Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via urls in link fields, images from URLs, and html tags used i...
Rank Math SEO with AI SEO Tools < 1.0.217 - Contributor+ Stored Cross-Site Scripting via 'titleWrapper'
Description The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's HowTo and FAQ widgets in all versions up to, and including, 1.0.216 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...
Colibri Page Builder < 1.0.272 - Contributor+ Stored Cross-Site Scripting via the plugin's 'colibri_breadcrumb_element' shortcode
Description The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibribreadcrumbelement' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This...