14603 matches found
Shield Security – Smart Bot Blocking & Intrusion Prevention Security < 18.5.10 - Unauthenticated Local File Inclusion
Description The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and...
Quiz Maker < 6.5.0.6 - Denial of Service
Description The Quiz Maker plugin for WordPress is vulnerable to denial of service in all versions up to, and including, 6.5.0.5. The cause is unknown This makes it possible for attackers to potentially deny access to resources...
Total Upkeep < 1.15.9 - Improper Authorization to Unauthenticated Arbitrary File Download
Description The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check in all versions up to, and including, 1.15.8. This makes it possible for unauthenticated attackers to...
Happy Addons for Elementor < 3.10.2 - Missing Authorization via add_row_actions
Description The Happy Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the addrowactions function in versions up to, and including, 3.10.1. This makes it possible for authenticated attackers, with contributor-level access...
BookIt <= 2.4.0 - Price Bypass
Description The Booking Calendar | Appointment Booking | BookIt plugin for WordPress is vulnerable to Price Bypass in versions up to and including 2.4.0. This makes it possible for site owners to make use of premium plugin features without paying. Note that this does not meaningfully negatively...
All-In-One Security (AIOS) – Security and Firewall < 5.2.6 - Reflected Cross-Site Scripting
Description The All-In-One Security AIOS – Security and Firewall plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 5.2.5 due to insufficient input sanitization and output escaping. This makes it possible for...
Meta Box – WordPress Custom Fields Framework < 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escapin...
Quiz Maker < 6.5.2.5 - Missing Authorization to Unauthenticated Quiz Data Retrieval
Description The Quiz Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the aysshowresults function in all versions up to, and including, 6.5.2.4. This makes it possible for unauthenticated attackers to fetch arbitrary quiz results which c...
Premium Addons for Elementor < 4.10.17 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.10.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access an...
3D Tag Cloud <= 3.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Description The 3D Tag Cloud plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to inject malicious JavaScript via a forged request...
WP Smart Editor <= 1.3.3 - Reflected Cross-Site Scripting
Description The WP Smart Editor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.3.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
Quiz Maker < 6.5.2.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Creation & Modification
Description The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aysquickstart and addquestionrows functions in all versions up to, and including, 6.5.2.4. This makes it possible for authenticated attackers, with...
EventPrime < 3.4.0 - Improper Input Validation via save_event_booking
Description The EventPrime plugin for WordPress is vulnerable to unauthorized modification of data due to improper input validation in the 'saveeventbooking' function in versions up to, and including, 3.3.9. This makes it possible for unauthenticated attackers to modify the price and other...
CalculatorPro Calculators <= 1.1.7 - Reflected Cross-Site Scripting via CP_preview_calc
Description The CalculatorPro Calculators plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple parameters in the 'CPpreviewcalc' function in versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for...
Podlove Subscribe button < 1.3.11 - Authenticated (Contributor+) SQL Injection
Description The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via the 'button' attribute of the podlove-subscribe-button shortcode in all versions up to, and including, 1.3.10 due to insufficient escaping on the user supplied parameter and lack of...
TablePress < 2.2.5 - Authenticated(Author+) Server Side Request Forgery(SSRF) via _get_import_files
Description The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to and including 2.2.4 via the 'getimportfiles' function. This makes it possible for authenticated attackers, with author access and above, to make web...
MW WP Form < 5.1.0 - Editor+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting in versions up to due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above, to inject arbitrary web scripts in pages that will execute...
JTRT Responsive Tables <= 4.1.9 - Cross-Site Request Forgery
Description The JTRT Responsive Tables plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1.9. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform an unauthorized acti...
Quicksand Post Filter jQuery Plugin <= 3.1.1 - Cross-Site Request Forgery via renderAdmin
Description The Quicksand Post Filter jQuery Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing or incorrect nonce validation on the 'renderAdmin' function. This makes it possible for unauthenticated attackers to...
Email Before Download <= 6.9.7 - Cross-Site Request Forgery
Description The Email Before Download plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.9.7. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forg...
WP-CFM < 1.7.9 - Cross-Site Request Forgery via multiple AJAX functions
Description The WP-CFM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.8. This is due to missing or incorrect nonce validation on multiple AJAX functions. This makes it possible for unauthenticated attackers to modify the plugin's setting...
Page Restrict <= 2.5.5 - Cross-Site Request Forgery via pr_admin_page
Description The Page Restrict plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.5. This is due to missing or incorrect nonce validation on the 'pradminpage' function. This makes it possible for unauthenticated attackers to modify the plugin...
Structured Content < 1.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Classic Editor Shortcode
Description The Structured Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Classic Editor shortcodes in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...
BEAR < 1.1.4.1 - Missing Authorization via Several Functions
Description The BEAR plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in the /ext/history/history.php file in versions up to, and including, 1.1.4. This makes it possible for authenticated attackers, with subscriber-level access and...
PilotPress < 2.0.31 - Subscriber+ Report Access & DB Transients Purging
Description The plugin is vulnerable to unauthorized access to data and loss of data due to a missing capability check on multiple AJAX functions, allowing authenticated attackers, with subscriber access and above, to view reports and purge database transients...
Quicksand Post Filter jQuery Plugin <= 3.1.1 - Missing Authorization via quicksand_admin_ajax
Description The Quicksand Post Filter jQuery Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'quicksandadminajax' function in versions up to, and including, 3.1.1. This makes it possible for unauthenticated attackers to delete...
Post Video Players < 1.160 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
Advanced Forms for ACF < 1.9.3.3 - Missing Authorization to Unauthenticated Form Settings Export
Description The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportjsonfile function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings...
Setka Editor <= 2.1.20 - Cross-Site Request Forgery via handleRequest
Description The A no-code page builder for beautiful performance-based content plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.20. This is due to missing or incorrect nonce validation on the 'handleRequest' function. This makes it possibl...
GDPR Data Request Form < 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The GDPR Data Request Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the formid parameter in versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Ultra Companion < 1.2.0 - Contributor+ Stored XSS
Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user...
PropertyHive < 2.0.7 - Missing Authorization via activate_pro_feature
Description The PropertyHive plugin for WordPress is vulnerable to unauthorized access of premium features due to a missing capability check on the activateprofeature function in versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to activate pro features...
Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently < 4.1.2 - Authenticated (Contributor+) PHP Object Injection in mep_event_meta_save
Description The Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.1 via deserialization of untrusted input in the mepeventmetasave function. This makes it possible for...
MultiVendorX Marketplace < 4.0.26 - Missing Authorization
Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check, allowing unauthenticated attackers to call a function that should be accessible to higher users only...
Knowledge Base for Documentation, FAQs with AI Assistance < 11.31.0 - Unauthenticated PHP Object Injection in is_article_recently_viewed
Description The Knowledge Base for Documentation, FAQs with AI Assistance plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 11.30.2 via deserialization of untrusted input in the isarticlerecentlyviewed function. This makes it possible for...
Shariff Wrapper < 4.6.10 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in the...
WooCommerce Box Office < 1.2.3 - Missing Authorization
Description The WooCommerce Box Office plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...
PowerPack Pro for Elementor < 2.10.8 - Missing Authorization to Settings Reset
Description The PowerPack Pro for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in all versions up to, and including, 2.10.6. This makes it possible for unauthenticated attackers to reset plugin settings...
Mighty Addons for Elementor <= 1.9.3 - Reflected Cross-Site Scripting
Description The Mighty Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...
BEAR < 1.1.4.1 - Authenticated (Shop manager+) Stored Cross-Site Scripting via Plugin Options
Description The BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin options in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping. This...
WP Visitor Statistics (Real Time Traffic) < 6.9.5 - Sensitive Information Exposure via Log File
Description The WP Visitor Statistics Real Time Traffic plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.9.4. This makes it possible for unauthenticated attackers to extract sensitive data from log files...
Debug < 1.11 - CSRF
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in admins perform unwanted actions, such as clear logs, via CSRF attacks...
Scroll Triggered Box <= 2.3 - Authenticated (Editor+) Stored Cross-Site Scripting
Description The Scroll Triggered Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above, to injec...
Add Customer for WooCommerce < 1.7.1 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Add Customer for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
PT Sign Ups <= 1.0.4 - Unauthenticated Stored Cross-Site Scripting
Description The PT Sign Ups plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will...
Location Picker at Checkout for WooCommerce < 1.9.0 - Missing Authorization via checkout_map_rules_order_ajax_handler
Description The Location Picker at Checkout for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkoutmaprulesorderajaxhandler function in versions up to, and including, 1.8.9. This makes it possible for authenticated...
FG Drupal to WordPress < 3.68.0 - Cross-Site Request Forgery via ajax_importer
Description The FG Drupal to WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.67.0. This is due to missing or incorrect nonce validation on the ajaximporter function. This makes it possible for unauthenticated attackers to delete logs...
ERE Recently Viewed < 2.0 - Unauthenticated PHP Object Injection
Description The plugin is vulnerable to PHP Object Injection via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker...
WP Club Manager – WordPress Sports Club Plugin < 2.2.11 - Missing Authorization to Unauthenticated Event Permalink Update
Description The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settingssave function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers ...
PowerPack Pro for Elementor < 2.10.8 - Cross-Site Request Forgery to Plugin Settings Modification and Cross-Site Scripting
Description The PowerPack Pro for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions prior to 2.10.8. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to modify plugin settings and inject arbitrary web...