Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.14 views

Orbit Fox by ThemeIsle < 2.10.31 - Contributor+ Stored XSS via Form Widget

Description The plugin is vulnerable to Stored Cross-Site Scripting via the form widget addr2width attribute due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages...

6.4CVSS6AI score0.00532EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.15 views

Page Duplicator <= 0.1.1 - Missing Authorization to Unauthenticated Post/Page Duplication

Description The Page Duplicator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the duplicatedatpage function in all versions up to, and including, 0.1.1. This makes it possible for unauthenticated attackers to duplicate arbitrary posts...

5.3CVSS6.8AI score0.00422EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.13 views

Easy PayPal & Stripe Buy Now Button <= 1.8.3 & Contact Form 7 – PayPal & Stripe Add-on <= 2.1 - Cross-Site Request Forgery to Settings Update

Description The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.3 and in Contact Form 7 – PayPal & Stripe Add-on all versions up to, and including 2.1. This is due to missing or incorrect nonce validati...

4.3CVSS6.4AI score0.00297EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.17 views

WP eCommerce <= 3.15.1 - Unauthenticated SQL Injection

Description The WP eCommerce plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'cartcontents' parameter in all versions up to, and including, 3.15.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

9.8CVSS7.5AI score0.00724EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.11 views

Envo's Elementor Templates & Widgets for WooCommerce < 1.4.5 - Subscriber+ Template Creation

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the templatesajaxrequest function, allowing subscribers and higher to create templates...

4.3CVSS4.8AI score0.00457EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.22 views

Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan < 4.53 - Missing Authorization to Authenticated (Subscriber+) Table Truncation

Description The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackertruncatescantable function in all versions up to, and including,...

4.3CVSS6.4AI score0.00361EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.14 views

CodeMirror Blocks < 2.0.0 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the Code Mirror block due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will...

6.4CVSS6.1AI score0.00444EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.13 views

WP eCommerce <= 3.15.1 - Missing Authorization to Unauthenticated Arbitrary Post Creation

Description The WP eCommerce plugin for WordPress is vulnerable to unauthorized arbitrary post creation due to a missing capability check on the checkforsaaspush function in all versions up to, and including, 3.15.1. This makes it possible for unauthenticated attackers to create arbitrary posts...

5.3CVSS6.8AI score0.00422EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.11 views

Seraphinite Accelerator < 2.21 - Authenticated (Subscriber+) Server-Side Request Forgery in OnAdminApi_HtmlCheck

Description The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52 via the OnAdminApiHtmlCheck function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web...

6.4CVSS6.5AI score0.00335EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.14 views

Redirects <= 1.2.1 - Missing Authorization via save

Description The Redirects plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save function in all versions up to, and including, 1.2.1. This makes it possible for unauthenticated attackers to change redirects created with this plugin...

6.5CVSS6.7AI score0.0053EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.15 views

Envo's Elementor Templates & Widgets for WooCommerce < 1.4.5 - Arbitrary Theme Activation via CSRF

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on the ajaxthemeactivation function, allowing unauthenticated attackers to activate arbitrary installed themes via a forged request granted they can trick a site administrator into...

4.3CVSS4.9AI score0.00322EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.16 views

Profile Box Shortcode And Widget < 1.2.1 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC When creating a new widget, insert...

5.3AI score0.00416EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.15 views

Orbit Fox by ThemeIsle < 2.10.32 - Contributor+ Stored XSS via Post Type Grid Widget

Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's Post Type Grid Widget Title due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions ...

6.4CVSS5.9AI score0.00486EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.15 views

WordPress Access Control <= 4.0.13 - Improper Access Control to Sensitive Information Exposure via REST API

Description The WordPress Access Control plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.13 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "Make Website Members Only" feature when unset a...

5.3CVSS6.8AI score0.00517EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.24 views

Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan < 4.52 - Missing Authorization to Unauthenticated IP Address Whitelist

Description The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackeraddwhitelist function in all versions up to, and including, 4.51...

6.5CVSS6.7AI score0.00378EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.24 views

Conversios < 7.0.8 - Subscriber+ SQL Injection

Description The plugin is vulnerable to SQL Injection via the 'valueData' parameter due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above,...

8.8CVSS8.8AI score0.00828EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.13 views

Oliver POS – A WooCommerce Point of Sale (POS) < 2.4.1.9 - Cross-Site Request Forgery

Description The Oliver POS – A WooCommerce Point of Sale POS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.1.8. This is due to missing or incorrect nonce validation in the includes/class-pos-bridge-install.php file. This makes it possib...

6.3CVSS6.4AI score0.00215EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.22 views

MainWP Dashboard < 5.0 - Cross-Site Request Forgery via posting_bulk

Description The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.0.1. This is due to missing or incorrect nonce validation on the 'postingbulk' function. This makes it...

4.3CVSS6.4AI score0.00303EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.25 views

Gestpay for WooCommerce < 20240307 - Cross-Site Request Forgery (CSRF) via ajax_delete_card

Description The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxdeletecard' function. This makes it possible for unauthenticated attackers to...

4.3CVSS4.6AI score0.00275EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.13 views

Orbit Fox by ThemeIsle < 2.10.31 - Contributor+ Stored XSS via Pricing Table Widget

Description The plugin is vulnerable to Stored Cross-Site Scripting via the Pricing Table widget in the $settings'titletags' parameter due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or above, to inject...

6.4CVSS6AI score0.00532EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.22 views

Simple Tweet <= 1.4.0.2 - Authenticated (Author+) Stored Cross-Site Scripting

Description The Simple Tweet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tweet this text value in all versions up to, and including, 1.4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00532EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.14 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxAddCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxAddCategory function. This makes it possible for unauthenticated attackers to add...

4.3CVSS6.4AI score0.00204EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.16 views

Elementor Addon Elements < 1.13 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the ‘eaecustomoverlayswitcher’ attribute of the Thumbnail Slider widget due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, ...

6.4CVSS5.7AI score0.00501EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.16 views

Bulk Edit Post Titles <= 5.0.0 - Missing Authorization via bulkUpdatePostTitles

Description The Bulk Edit Post Titles plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkUpdatePostTitles function in all versions up to, and including, 5.0.0. This makes it possible for authenticated attackers, with subscriber...

4.3CVSS6.5AI score0.00428EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.13 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxRenameCategory

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxRenameCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-leve...

4.3CVSS6.7AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.18 views

Elementor Addon Elements < 1.13 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the 'button1icon' attribute of the Dual Button widget due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrar...

6.4CVSS5.7AI score0.00509EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxClearCategory

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxClearCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.7AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Team Members < 5.3.2 - Author+ Stored XSS

Description The plugin does not validate and escape some of its Team options attributes before outputting them back in a page/post where the related shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks. PoC 1. Create/edit a team...

5.7AI score0.00443EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.14 views

Responsive Pricing Table < 5.1.11 - Author+ Stored XSS

Description The plugin does not validate and escape some of its Pricing Table options before outputting them back in a page/post where the related shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks PoC - Create a new Pricing...

8.4AI score0.00401EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.21 views

Restrict User Access – Ultimate Membership & Content Protection < 2.6 - Information Exposure

Description The Restrict User Access – Ultimate Membership & Content Protection plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5 via API. This makes it possible for unauthenticated attackers to obtain the contents of posts and pages via API...

5.3CVSS6.5AI score0.00546EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxClearCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxClearCategory function. This makes it possible for unauthenticated attackers to clea...

4.3CVSS6.6AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Duitku Payment Gateway < 2.11.7 - Missing Authorization via check_duitku_response

Description The Duitku Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkduitkuresponse function in all versions up to, and including, 2.11.4. This makes it possible for unauthenticated attackers to change the...

5.3CVSS5.5AI score0.0063EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.15 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxUpdateFolderPosition

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxUpdateFolderPosition in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.5AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.17 views

Relevanssi < 4.22.1 - Unauthenticated Query Log Export

Description The plugin is vulnerable to unauthorized access of data due to a missing capability check on the relevanssiexportlogcheck function, allowing unauthenticated attackers to export the query log data. The vendor has indicated that they may look into adding a capability check for proper...

5.3CVSS7.1AI score0.50192EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.21 views

Comments Extra Fields For Post,Pages and CPT < 5.1 - Missing Authorization

Description The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.0. This is due to missing or incorrect capability checks on several ajax actions. This makes it possible for authenticated attackers, wi...

4.3CVSS6.7AI score0.00533EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.17 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxRenameCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxRenameCategory function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.4AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.16 views

Thank You Page Customizer for WooCommerce – Increase Your Sales < 1.1.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution

Description The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the gettexteditorcontent function in all versions up to, and including, 1.1.2. This makes it possible for...

5.4CVSS7.5AI score0.00367EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.14 views

SMS Alert Order Notifications – WooCommerce < 3.7.0 - Cross-Site Request Forgery

Description The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.9. This is due to missing or incorrect nonce validation on the processBulkAction function. This makes it possible for...

4.3CVSS6.6AI score0.00239EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.21 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxAddCategory

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxAddCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level...

4.3CVSS6.3AI score0.00578EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.12 views

User Shortcodes Plus <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via user_meta Shortcode

Description The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the usermeta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

5.3CVSS6.3AI score0.00472EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.21 views

Gestpay for WooCommerce < 20240307 - Cross-Site Request Forgery (CSRF) via ajax_set_default_card

Description The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 20221130. This is due to missing or incorrect nonce validation on the 'ajaxsetdefaultcard' function. This makes it possible for unauthenticated attackers ...

4.3CVSS4.6AI score0.00295EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.8 views

User Feedback < 1.0.14 - Unauthenticated Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the 'pagesubmitted' 'link' value due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in the feedback submission page that will execu...

6.1CVSS6.4AI score0.00438EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.10 views

Categorify < 1.0.7.5 - Missing Authorization in categorifyAjaxDeleteCategory

Description The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxDeleteCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-leve...

4.3CVSS6.7AI score0.0034EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.17 views

Thank You Page Customizer for WooCommerce – Increase Your Sales < 1.1.3 - Missing Authorization to Authenticated (Subscriber+) Data Export

Description The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to missing authorization e in all versions up to, and including, 1.1.2 via the applylayout function due to a missing capability check. This makes it possible for authenticated...

6.5CVSS6.8AI score0.00406EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.17 views

ArtiBot Free Chat Bot for WordPress WebSites <= 1.1.6 - Missing Authorization to Settings Update

Description The ArtiBot Free Chat Bot for WordPress WebSites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the artibotupdate function in all versions up to, and including, 1.1.6. This makes it possible for authenticated attackers, wit...

5CVSS6.7AI score0.00585EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.14 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxDeleteCategory

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxDeleteCategory function. This makes it possible for unauthenticated attackers to...

4.3CVSS6.4AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.23 views

Categorify < 1.0.7.5 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPosition

Description The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.7.4. This is due to missing or incorrect nonce validation on the categorifyAjaxUpdateFolderPosition function. This makes it possible for unauthenticated attackers ...

4.3CVSS6.7AI score0.00202EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.37 views

NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor < 2.8.3 - Unauthenticated SQL Injection

Description The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied...

9.8CVSS7.8AI score0.77434EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.16 views

Comments Extra Fields For Post,Pages and CPT < 5.1 - Cross-Site Request Forgery

Description The Comments Extra Fields For Post,Pages and CPT plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0. This is due to missing or incorrect nonce validation on several ajax actions. This makes it possible for unauthenticated attacke...

4.3CVSS6.7AI score0.00303EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.80 views

Ultimate Member 2.1.3 - 2.8.2 - Unauthenticated SQL Injection

Description The plugin does not sanitize and escape the sorting parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks when the "Enable custom table for usermeta" option is enabled. PoC Requirement: "Enable custom table for usermeta" option t...

9.8CVSS9.7AI score0.89431EPSS
Exploits8References1Affected Software1
Total number of security vulnerabilities14603