Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2024/03/27 12:0 a.m.15 views

Multiple Page Generator Plugin – MPG < 3.4.1 - Missing Authorization via mpg_get_log_by_project_id

Description The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'mpggetlogbyprojectid' function in versions up to, and including, 3.4.0. This makes it possible for authenticated attackers, with...

8.8CVSS6.4AI score0.00439EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/27 12:0 a.m.16 views

Social Media Share Buttons < 2.8.9 - Admin+ Stored XSS via settings

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Ultimate Social Media...

5.3AI score0.00405EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/27 12:0 a.m.29 views

Events Manager < 6.4.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the physical location value in all versions up to, and including, 6.4.7.1 due to insufficient input sanitization and output escaping. This makes it possibl...

6.4CVSS5.5AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/27 12:0 a.m.187 views

Elementor Website Builder < 3.20.3 - Contributor+ DOM Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's Path Widget due to insufficient output escaping on user supplied attributes, allowingnauthenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execut...

6.4CVSS6.1AI score0.00462EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.20 views

Elementor Website Builder Pro < 3.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

5.4CVSS5.7AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.21 views

VK All in One Expansion Unit < 9.96.0.0 - Unauthenticated Password Protected Content Access

Description The plugin is vulnerable to Sensitive Information Exposure via social meta tags, allowing unauthenticated attackers to view limited password protected content...

6.5CVSS7.2AI score0.00678EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.13 views

VK All in One Expansion Unit < 9.97.0.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its child page index widget options such as className before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.4CVSS5.9AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.35 views

Astra < 4.6.9 - Contributor+ Stored XSS

Description The theme for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in...

6.4CVSS5.7AI score0.00353EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.19 views

WordPress Action Network 1.4.3 - Admin+ SQLi

Description The plugin is vulnerable to SQL Injection via the 'bulk-action' parameter due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and...

7.2CVSS7.8AI score0.00621EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.20 views

Simple Ajax Chat < 20240216 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20231101 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS5.7AI score0.0033EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.23 views

WP Go Maps < 9.0.35 - Information Exposure to Potential Denial of Service

Description The plugin is vulnerable to unauthenticated API key disclosure due to the plugin adding the API key to several plugin files. This makes it possible for unauthenticated attackers to obtain the developer's Google API key. While this does not affect the security of sites using this plugi...

6.5CVSS6.6AI score0.00795EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.15 views

Responsive Gallery Grid < 2.3.11 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Navigate to "RGG Gallery" and...

4.9AI score0.00492EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.28 views

The Plus Addons for Elementor < 5.4.2 - Contributor+ LFI

Description The plugin is vulnerable to Local File Inclusion via the Team Member Listing and Clients widgets. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code i...

8.8CVSS7.9AI score0.00594EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.18 views

Essential Addons for Elementor < 5.9.12 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the countdown widget's message parameter due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in...

6.4CVSS6AI score0.00446EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.25 views

RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login < 5.3.2.0 - Authenticated (Contributor+) SQL Injection via Shortcode

Description The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to blind SQL Injection via the ‘id’ parameter of the RMForm shortcode in all versions up to, and including, 5.3.1.0 due to insufficient escaping on the user...

8.8CVSS7.2AI score0.00821EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.19 views

Check & Log Email < 1.0.10 - Unauthenticated Hook Injection

Description The plugin is vulnerable to Unauthenticated Hook Injection via the checknonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the attacker wishes to execute needs to have a nonce check, a...

8.1CVSS7.4AI score0.00732EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.20 views

Elementor Website Builder Pro < 3.20.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via video_html_tag

Description The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the videohtmltag attribute in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

6.4CVSS5.8AI score0.00323EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.15 views

Simple Ajax Chat < 20240223 - Unauthenticated Stored Cross-Site Scripting

Description The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name field in all versions up to, and including, 20240216 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1AI score
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.20 views

Elementor Website Builder Pro < 3.20.2 - Authententicated (Contributor+) Stored Cross-Site Scripting

Description The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget's customid in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.0032EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.18 views

Real Media Library: Media Library Folder & File Manager < 4.22.8 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via its style attributes due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, to inject arbitrary web scripts in pages that will execute...

6.4CVSS6AI score0.00423EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.12 views

Essential Addons for Elementor < 5.9.12 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the alignment parameter in the Woo Product Carousel widget due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary...

6.4CVSS6AI score0.00356EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.39 views

Elementor Website Builder Pro < 3.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Widget SVGZ File Upload

Description The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an SVGZ file uploaded via the Form widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.8AI score0.0032EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.16 views

Event Tickets and Registration < 5.8.3 - Improper Authorization to Information Disclosure

Description The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.8.2 via the RSVP functionality. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive...

4.3CVSS6.3AI score0.00398EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.14 views

Link Whisper Free < 0.7.2 - Authenticated (Contributor+) PHP Object Injection

Description The Link Whisper Free plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.7.1 via deserialization of untrusted input of the 'mfn-page-items' post meta value. This makes it possible for authenticated attackers, with contributor-level acces...

8.8CVSS7.4AI score0.00813EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.18 views

Ajax Load More < 7.1.0 - Authenticated (Admin+) Directory Traversal to Arbitrary File Read

Description The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 7.0.1 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents...

4.9CVSS6.3AI score0.00833EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.18 views

Elementor Website Builder – More than Just a Page Builder < 3.20.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation

Description The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Post Navigation widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user...

5.4CVSS5.8AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.27 views

My Sticky Bar < 2.6.8 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC You should click on "My Sticky Bar...

5.4AI score0.00315EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.21 views

Networker - Tech News WordPress Theme with Dark Mode < 1.1.10 - Missing Authorization

Description The Networker - Tech News WordPress Theme with Dark Mode theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the adminreloadnavmenu function in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated...

5.3CVSS6.7AI score0.00504EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.18 views

Gutenberg Blocks by Kadence Blocks < 3.2.26 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its Advanced Form Widget options before outputting them back in a page/post where the widget is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.7AI score
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/26 12:0 a.m.11 views

Master Addons for Elementor < 2.0.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table Widget

Description The Master Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Pricing Table widget in all versions up to, and including, 2.0.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS5.9AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.15 views

NPS computy < 2.7.6 - Results Deletion via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks PoC Make a logged in admin open the following: The result is that all existing poll responses are deleted...

9.3AI score0.00365EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.16 views

Newsmatic < 1.3.5 - Unauthenticated Information Exposure via newsmatic_filter_posts_load_tab_content

Description The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmaticfilterpostsloadtabcontent'. This makes it possible for unauthenticated attackers to view draft posts and post content...

5.3CVSS7AI score0.00584EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.28 views

Paid Memberships Pro < 3.0 - Cross-Site Request Forgery

Description The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmproliftersavestreamlineoption...

4.3CVSS6.2AI score0.00912EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.15 views

Fancy Product Designer < 6.1.81 - Admin+ Cross Site Scripting via Product Title

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Note: This requires WooCommerce to...

8.1AI score0.00441EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.18 views

Jetpack < 13.2.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC When the "Let visitors...

6.1AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.11 views

Responsive Tabs < 4.0.7 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC 1. Go to "Tab Sets Add New"...

5.7AI score0.00501EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.19 views

Advanced Access Manager < 6.9.21 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.2AI score0.00438EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.11 views

Easy Textillate < 2.02 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Easy Textillate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'textillate' shortcode in all versions up to, and including, 2.01 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00335EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.12 views

Testimonial Slider < 2.3.8 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Testimonial Shortcode"...

5.5AI score0.00442EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.14 views

Super Socializer < 7.13.64 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC When creating a new widget, insert the following payload in the "FaceBook URL" field ...

5.7AI score0.005EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.16 views

WP Armour < 2.1.14 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.3AI score0.00354EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.15 views

GiveWP < 3.4.0 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.3AI score0.00354EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.15 views

WooCommerce Customers Manager < 29.7 - Subscriber+ SQL Injection

Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role. Note: v29.5 added authorisation, however the injection was not fixed and still exploitable by users with the managewoocommerce...

7.3AI score0.02877EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.16 views

Carousel Slider < 2.2.7 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Add a new slider at "Carousel...

5.4AI score0.00484EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.13 views

Simple Buttons Creator <= 1.04 - Aribtrary Button Deletion via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks PoC Make a logged in admin open a page with the code below where is an existing button:...

9.4AI score0.00192EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.12 views

Simple Buttons Creator <= 1.04 - Unauthenticated Stored XSS

Description The plugin does not have any authorisation as well as CSRF in its add button function, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also allow them to perform Stored Cross-Site...

8.3AI score0.00235EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.12 views

WP Customer Reviews < 3.7.1 - Malicious Redirect via HTTP-EQUIV Injection

Description The plugin does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL PoC 1 Create a new post 2 In the "Bussness Name" field enter the payload: 0;http://smth.me/" HTTP-EQUIV="refresh" a="a 3 Save the post and view it. You will see that you...

6.4AI score0.00495EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.16 views

Everest Backup < 2.2.5 - Admin+ Arbitrary File Upload

Description The plugin does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup PoC 1. Go to the plugin setting and in the "Restore" section...

9.3AI score0.00649EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.17 views

WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC Enter the following shortcod...

8.2AI score0.0042EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.14 views

Themify Shortcodes < 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Themify Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'themifypostslider shortcode in all versions up to, and including, 2.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

5.4CVSS5.8AI score0.00343EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14603