Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.45 views

Bricks < 1.9.6.1 - Unauthenticated Remote Code Execution

Description The Bricks theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.9.6. This makes it possible for unauthenticated attackers to execute code on the server...

10CVSS7.8AI score0.88234EPSS
Exploits18References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.17 views

WP Maintenance < 6.1.7 - Information Exposure

Description The WP Maintenance plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.1.6 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's maintenance mode obtain post and page content via REST API...

5CVSS6.5AI score0.00461EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.31 views

MasterStudy LMS WordPress Plugin – for Online Courses and Education < 3.2.6 - Unauthenticated SQL Injection

Description The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the...

9.8CVSS7.5AI score0.77729EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.20 views

Microsoft Clarity < 0.9.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Description The Microsoft Clarity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9.3. This is due to missing nonce validation on the editclarityprojectid function. This makes it possible for unauthenticated attackers to change the project ...

6.1CVSS6AI score0.01324EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.15 views

Piraeus Bank WooCommerce Payment Gateway < 1.7.0 - Unauthenticated SQL Injection

Description The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'MerchantReference' parameter in all versions up to, and including, 1.6.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient...

7.5CVSS7.5AI score0.00659EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.12 views

Paid Memberships Pro < 2.12.9 - Contributor+ Arbitrary User Custom Field Disclosure

Description The plugin does not prevent user with at least the contributor role from leaking other users' sensitive metadata. PoC As a contributor, - Add shortcode to any post and specify/guess any user ID and meta key and save - Preview the post and see custom field value outputs from any user...

6.4AI score0.00548EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.24 views

My Private Site < 3.1.0 - Improper Access Control to Sensitive Information Exposure via REST API

Description The My Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.14 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's site privacy feature and view restricted page and post...

5.3CVSS5.1AI score0.00461EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.13 views

PowerPack Addons for Elementor < 2.7.16 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not properly sanitize its Twitter Buttons Widget setting, allowing users with at least the contributor role to conduct Stored XSS attacks...

5.5CVSS5.9AI score0.00423EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.23 views

Easy Forms for Mailchimp <= 6.9.0 - Sensitive Information Exposure via logfile

Description The plugin stores its logs at a predictable path, making it easy for anyone to leak their content...

7.5CVSS9.3AI score0.00421EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.15 views

Happy Addons for Elementor < 3.10.2 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not properly sanitize the wrapper link parameter in the Age Gate, allowing users with at least the contributor access to conduct Stored XSS attacks...

6.4CVSS5.9AI score0.00581EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.19 views

Broken Link Checker < 2.2.4 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.4CVSS6.2AI score0.00339EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.12 views

Best WordPress Gallery Plugin – FooGallery < 2.4.9 -Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS5.9AI score0.00626EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.20 views

Premium Addons for Elementor < 4.10.19 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not prevent users with at least the contributor role from conducting Stored XSS attacks via the plugin's onClick Event functionality...

5.5CVSS5.7AI score0.00613EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.26 views

WP Editor < 1.2.8 - Sensitive Information Exposure via log file

Description The plugin stores its logs at a predictable path, making it easy for anyone to leak their content...

5CVSS6.7AI score0.00453EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.18 views

Premium Addons for Elementor < 4.10.19 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not properly sanitize and escape its buttons' onclick attribute, making it possible for users with at least the contributor role to conduct Stored XSS attacks...

5.5CVSS5.7AI score0.00406EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.17 views

Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Pexels: Free Stock Photos plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.2 via the pexelsfspimagesoptionsvalidate function. This makes it possible for authenticated attackers, with contributor-level access and above, to...

3.6CVSS6.4AI score0.00303EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.14 views

Defender Security < 4.4.2 - IP Address Spoofing

Description The plugin prioritized user-supplied HTTP headers when trying to retrieve a user's IP address, making it possible for them to bypass IP address based restrictions...

5.3CVSS6.8AI score0.0041EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.16 views

Happy Addons for Elementor < 3.10.2 - Contributor+ Stored Cross-Site Scripting

Description The does not properly sanitize the side image URL parameter in the Age Gate, allowing users with at least thhe contributor role to conduct Stored XSS attacks...

6.4CVSS5.9AI score0.00496EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/15 12:0 a.m.17 views

SMTP Mail Plugin < 1.3.21 - Cross Site Request Forgery

Description The SMTP Mail plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.20. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized...

4.3CVSS4.2AI score0.00214EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.21 views

PJ News Ticker <= 6.8.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode

Description The PJ News Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 6.8.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.5CVSS5.9AI score0.0031EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.13 views

TinyMCE Professional Formats and Styles <= 1.1.2 - Cross-Site Request Forgery via bb_taps_backend_page

Description The TinyMCE Professional Formats and Styles plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'bbtapsbackendpage ' function. This makes it possible for unauthenticated...

8.8CVSS6.2AI score0.00214EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.20 views

Sydney Toolbox < 1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Sydney Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aThemes Slider button element in all versions up to, and including, 1.25 due to insufficient input sanitization and output escaping on user supplied link. This makes it possible for...

5.5CVSS5.6AI score0.00432EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.16 views

EmbedPress < 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.9.8 due to insufficient...

5.5CVSS5.9AI score0.00445EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.18 views

Frontend File Manager < 22.8 - Sensitive Information Exposure via user uploads

Description The Frontend File Manager Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 22.7 via the user upload functionality. This makes it possible for unauthenticated attackers to access user-uploaded files...

7.5CVSS6.7AI score0.00453EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.17 views

MoveTo <= 6.2 - Unauthenticated SQL Injection

Description The MoveTo plugin for WordPress is vulnerable to SQL Injection via an unknown parameter in versions up to, and including, 6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS7.4AI score0.00565EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.19 views

Multi Step Form < 1.7.19 - Form Deletion via CSRF

Description The plugin does not have CSRF check when deleting forms in via a bulk action, which could allow attackers to make logged in admins delete arbitrary forms via a CSRF attack...

5.8CVSS5.8AI score0.00186EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.18 views

Simple Share Buttons Adder < 8.4.12 - Authenticated(Administrator+) Stored Cross-Site Scripting via CSS Settings

Description The Simple Share Buttons Adder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.4.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

3.2CVSS5.6AI score0.00491EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.20 views

MoveTo <= 6.2 - Missing Authorization to Unauthenticated Options Update

Description The moveto plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 6.2. This makes it possible for unauthenticated attackers to update arbitrary WordPress options, potentially leading to site...

7.5CVSS6.7AI score0.00582EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.12 views

PB oEmbed HTML5 Audio <= 2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description The PB oEmbed HTML5 Audio – with Cache Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.5CVSS5.9AI score0.0031EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.17 views

Livemesh Addons for Elementor < 8.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via animated_text_class

Description The Livemesh Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘animatedtextclass’ attribute in versions up to, and including, 8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

6.5CVSS5.7AI score0.00317EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.20 views

Maspik – Spam blacklist < 0.10.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings

Description The Maspik – Spam Blacklist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.10.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.6AI score0.00418EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.13 views

Bricks < 1.9.6.1 - Unauthenticated Remote Code Execution

Description The plugin does not prevent unauthenticated visitors from running code on vulnerable sites. PoC Run the following JS on any site using the theme: await fetch"/wp-json/bricks/v1/renderelement", "credentials": "include", "headers": "Content-Type": "application/json" , "body":...

7.4AI score
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.10 views

MyWaze <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description The MyWaze plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

6CVSS5.6AI score0.00317EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.31 views

Canto < 3.0.7 - Unauthenticated RCE

Description The plugin is vulnerable to Remote Code Execution via the 'abspath' parameter due to the use of the includeonce statement on the parameter allowing remote file inclusion. This makes it possible for unauthenticated attackers to execute code on the server...

10CVSS9.9AI score0.00687EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.21 views

Malware Scanner < 4.7.3 - Admin+ SQLi

Description The plugin is vulnerable to SQL Injection via an unknown parameter due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator access and above, to appe...

7.6CVSS7.8AI score0.00541EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.20 views

WP Media folder < 5.7.3 - Missing Authorization to Authenticated(Subscriber+) Plugin settings change

Description The wp-media-folder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on an unknown function in all versions up to, and including, 5.7.2. This makes it possible for authenticated attackers, with subscriber access and above, to...

5.5CVSS6.7AI score0.00364EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.17 views

MoveTo <= 6.2 - Unauthenticated Directory Traversal to Arbitrary File Deletion

Description The moveto plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.2. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, leading to site takeover...

5CVSS6.7AI score0.00529EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.29 views

NEX-Forms – Ultimate Form Builder < 8.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 8.5.5 due to insufficient input sanitization and output escaping on user supplied...

6.5CVSS5.7AI score0.00317EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.18 views

Photos and Files Contest Gallery < 21.3.1 - Author+ Stored Cross Site Scripting

Description The plugin does not sanitize and escape some parameters, which could allow users with a role as low as author to perform Cross-Site Scripting attacks. PoC 1. Add a New gallery, and click on the "Add files" button to add content. 2. Now add a description for this content with the XSS...

5.3AI score0.00398EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.12 views

Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages < 1.7.3 - Unauthenticated Information Exposure

Description The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers to access landing pages that may not be publ...

5.3CVSS7AI score0.00454EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.11 views

EmbedPress < 3.9.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Google Calendar Widget Link

Description The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Calendar Widget Link in all versions up to, and including, 3.9.8 due to...

5.5CVSS5.9AI score0.00545EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.16 views

Ultimate Reviews < 3.2.9 - Unauthenticated stored Cross-Site Scripting via reviews

Description The Ultimate Reviews plugin for WordPress is vulnerable to stored Cross-Site Scripting via the review functionality in versions up to, and including, 3.2.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.1CVSS6.3AI score0.00375EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.13 views

Doofinder for WooCommerce < 2.1.9 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings

Description The Doofinder WP & WooCommerce Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.15 views

MoveTo <= 6.2 - Unauthenticated Arbitrary File Upload

Description The moveto plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in an unknown function in all versions up to, and including, 6.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server...

7.5CVSS7.9AI score0.0063EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.19 views

Paytium: Mollie payment forms & donations < 4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.5CVSS5.6AI score0.00419EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.16 views

TNC PDF viewer < 2.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description The TNC PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.5CVSS5.9AI score0.00419EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/13 12:0 a.m.13 views

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction < 2.11.2 - Missing Authorization via creating_pricing_table_page

Description The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the creatingpricingtablepage function in all versions up to, and including,...

4.3CVSS4.7AI score0.00538EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/13 12:0 a.m.20 views

Ultimate Posts Widget < 2.3.1 - Admin+ Stored XSS

Description The plugin does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

8AI score0.00442EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/13 12:0 a.m.13 views

Email Encoder – Protect Email Addresses and Phone Numbers < 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping on user supplied attribute...

6.4CVSS5.9AI score0.00443EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/13 12:0 a.m.13 views

Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction < 2.11.2 - Missing Authorization via pms_stripe_connect_handle_authorization_return

Description The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmsstripeconnecthandleauthorizationreturn function in all versions up t...

5.3CVSS6.9AI score0.00519EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14603