Lucene search
K
WpvulndbRecent

14602 matches found

WPVulnDB
WPVulnDB
added 2023/12/13 12:0 a.m.24 views

Export and Import Users and Customers < 2.4.9 - Shop Manager+ Arbitrary File Upload

Description The plugin does not properly check uploaded files via the uploadimportfile function, allowing users with the Shop Manager role and above to upload arbitrary files...

7.2CVSS6.9AI score0.01366EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/13 12:0 a.m.8 views

Image Regenerate & Select Crop < 7.3.1 - Sensitive Information Exposure

Description The plugin discloses sensitive information via log files which are publicly accessibe...

5.3CVSS6.6AI score0.00552EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/13 12:0 a.m.11 views

PayTR Taksit Tablosu <= 1.3.1 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS7.1AI score0.00254EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/13 12:0 a.m.18 views

CAOS < 4.7.15 - Unauthenticated Settings Update

Description The plugin does not have authorisation check when updating its settings, which could allow unauthenticated users to update them...

6.5CVSS6.8AI score0.00542EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.14 views

Import and export users and customers < 1.24.3 - Admin+ Arbitrary File Read/Deletion

Description The plugin is vulnerable to Directory Traversal via the Recurring Import functionality. This makes it possible for authenticated attackers, with administrator access and above, to read and delete the contents of arbitrary files on the server including wp-config.php, which can contain...

7.2CVSS6.7AI score0.00809EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.15 views

Ni Purchase Order(PO) For WooCommerce <= 1.2.1 - Admin+ File Upload to Remote Code Execution

Description The plugin does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell. PoC 1. Create a malicious file exploit.php with the contents 2...

7.2CVSS6.5AI score0.00876EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.12 views

Ultimate Dashboard < 3.7.11 - Login Page Disclosure on Multi-site

Description The plugin is vulnerable to secret login page disclosure, allowing unauthenticated attackers to discover the secret login page URL on multi-site instances...

7.1AI score0.00303EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.14 views

WP Go Maps < 9.0.28 - Unauthenticated Stored XSS

Description The plugin does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site. PoC Run the following Python script, then visit https://vulnerable-site.tld/wp-admin/admin.php?page=wp-google-maps-menu=editid=1. Alternatively,...

6.1CVSS5.8AI score0.00619EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.10 views

Master Addons for Elementor < 2.0.4 - Contributor+ Stored XSS

Description The plugin does not validate and escape its heading tag dropdown before outputting it back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.1AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.20 views

Maspik – Spam blacklist < 0.10.4 - IP Validation Bypass

Description The plugin does not properly validates IP addresses, allowing unauthenticated attackers to bypass IP-based restrictions...

7.2AI score0.0035EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.12 views

Import and export users and customers < 1.24.4 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00352EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.19 views

Bold Page Builder < 4.7.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00466EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.14 views

DoFollow Case by Case < 3.5.0 - Email&URLs Adding to Allowlist via CSRF

Description The plugin does not have CSRF checks in its getEmail and getUrl functions, which could allow attackers to make logged in admins add email and URLs to the allow list via CSRF attacks...

8.8CVSS6.8AI score0.00271EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.65 views

Backup Migration < 1.3.8 - Unauthenticated RCE

Description The plugin is vulnerable to Remote Code Execution via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated...

9.8CVSS10AI score0.97846EPSS
Exploits14References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.14 views

Social Media Feather < 2.1.4 - Subscriber+ Unauthorised Action

Description The plugin does not have authorisation in a function, allowing any authenticated users, such as subscriber to call it...

9.2AI score0.00404EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.20 views

Prime Mover < 1.9.3 - Directory Listing to Sensitive Data Exposure

Description The plugin does not prevent directory listing in sensitive directories containing export files. PoC http://127.0.0.1/wordpress/wp-content/uploads/prime-mover-export-files/1/ 0 Go to packages and crate new If there is no backup now 1 Go to this URL manualy 2 Use Exploit...

7.5CVSS6.4AI score0.39867EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.34 views

Google Calendar Events < 3.2.8 - Contributor+ Stored XSS via shortcode

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS6.1AI score0.00401EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/12 12:0 a.m.15 views

Ibtana – WordPress Website Builder < 1.2.2.1 - Contributor+ Stored XSS via Shortcode

Description The plugin does not validate and escape some of its ive shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.4CVSS5.7AI score0.00436EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.14 views

Shortcoder < 6.3.1 - Subscriber+ Unauthorised AJAX Call

Description The plugin does not have proper authorisation in an AJAX action, allowing any authenticated users, such as subscriber to call it...

6.9AI score0.00404EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.14 views

affiliate-toolkit < 3.4.3 - Unauthenticated SSRF

Description The plugin lacks authorization and authentication for requests to it's affiliate-toolkit-starter/tools/atkpimagereceiver.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URL's, including RFC1918 private addresses, leading to a Server Side Request Forgery...

9.8CVSS7AI score0.00898EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.13 views

WooCommerce Payments < 6.5.0 - Contributor+ Cross-Site Scripting

Description The plugin does not validate and escape some of its block attributes before outputting them back in a page/post where the block is rendered, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00384EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.13 views

Shortcodes and extra features for Phlox theme < 2.15.5 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.9AI score0.00377EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.15 views

Burst Statistics (Free < 1.5.0, Pro < 1.5.1) - Unauthenticated SQL Injection

Description The plugins do not properly sanitise and escape the url parameter before using it in a SQL statement, leading to an SQL injection exploitable by any authenticated users, such as subscribers PoC curl 'https://example.com/burst-statistics-endpoint.php' \ -H 'content-type:...

9.8CVSS7.9AI score0.0069EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.64 views

Popup Builder < 4.2.3 - Unauthenticated Stored XSS

Description The plugin does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks. PoC 1 Create a popup using the plugin 2 Run the following curl command, switching $POPUPID with that popup's ID: curl --url...

6.1CVSS8.7AI score0.01999EPSS
Exploits4References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.16 views

Tutor LMS < 2.3.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00394EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.20 views

Spectra < 2.7.10 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.0056EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.17 views

WP TripAdvisor Review Slider < 11.9 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to Get TripAdvisor Reviews...

4.8CVSS4.9AI score0.00402EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.19 views

WP Project Manager < 2.6.9 - Subscriber+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, allowing authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected...

6.5CVSS5.4AI score0.00385EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.23 views

Login With Ajax < 4.2 - Missing Authorization

Description The Login With Ajax plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function in versions up to, and including, 4.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

9.1AI score0.00415EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.17 views

Custom Login < 4.1.1 - Subscriber+ Unauthorised Action

Description The plugin does not have proper authorisation in an unknown function, allowing any authenticated attackers, such as subscribers, to perform an unauthorized action...

8.5AI score0.00404EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.9 views

Redirects <= 1.2.1 - Missing Authorization

Description The Redirects plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on tan unknown function in versions up to, and including, 1.2.1. This makes it possible for unauthenticated attackers to perform an unauthorized action...

6.6AI score0.00448EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.15 views

WP Project Manager < 2.6.8 - Missing Authorization

Description The WP Project Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function in versions up to, and including, 2.6.7. This makes it possible for unauthenticated attackers to perform an unauthorized action...

9.3AI score0.00489EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.18 views

Optin Forms <= 1.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Optin Forms – Simple List Building Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping. This makes it possible for...

5.9CVSS5.4AI score0.00386EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.16 views

First Order Discount Woocommerce < 1.22 - Discount Update via CSRF

Description The plugin does not have CSRF check in its fodwsavediscount function, which could allow attackers to make logged in admins update discounts via a CSRF attack...

8.8CVSS8.6AI score0.00254EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.16 views

Awesome Support < 6.1.8 - Missing Authorization

Description The plugin is vulnerable to unauthorized access due to a missing capability check on an unknown function, allowing unauthenticated attackers to perform an unauthorized action...

9.4AI score0.00523EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.18 views

Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy <= 2.1.2 - Missing Authorization

Description The plugin is vulnerable to unauthorized access due to a missing capability check on an unknown function, allowing unauthenticated attackers to perform an unauthorized action...

9.4AI score0.00506EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.13 views

WP Simple HTML Sitemap < 2.8 - Missing Authorization

Description The plugin is vulnerable to unauthorized access due to a missing capability check on an unknown function, allowing unauthenticated attackers to perform an unauthorized action...

9.4AI score0.00371EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.13 views

Multi Currency For WooCommerce < 1.5.6 - Cross-Site Request Forgery

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into...

8.8CVSS8.5AI score0.00261EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.23 views

Annual Archive <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Annual Archive plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inje...

6.5CVSS5.7AI score0.00385EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.9 views

Author Avatars List/Block < 2.1.19 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.7AI score0.00385EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.24 views

Advanced Page Visit Counter <= 8.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Advanced Page Visit Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 8.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and...

6.5CVSS5.7AI score0.00368EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.9 views

Square Thumbnails <= 1.1.0 - Missing Authorization

Description The Square Thumbnails plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function in versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to perform an unauthorized action...

7AI score0.00457EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.24 views

BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter <= 1.49.3 - Cross-Site Request Forgery

Description The BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.49.3. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for...

8.8CVSS6.6AI score0.00321EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.16 views

Custom Post Type Page Template <= 1.1 - Cross-Site Request Forgery

Description The Custom Post Type Page Template plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an...

8.8CVSS6.3AI score0.00261EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.16 views

Caddy < 1.9.8 - Cross-Site Request Forgery

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.8AI score0.00254EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.13 views

Alt Manager < 1.6.2 - Missing Authorization

Description The plugin is vulnerable to unauthorized access due to a missing capability check on an unknown function, allowing unauthenticated attackers to perform an unauthorized action...

9.4AI score0.00614EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.13 views

Rocket Maintenance Mode & Coming Soon Page < 4.4 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.9AI score0.00394EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.15 views

Smart Forms < 2.6.85 - Subscriber+ Arbitrary Options Update

Description The plugin does not have authorisation in an AJAX action hooked to smartformssavesettings, and does not ensure that the option to be updated belong to the plugin. As a result, any authenticated users, such as subscriber could update arbitrary options such as defaultrole and...

6.7AI score0.00522EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.18 views

Alma < 5.2.1 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, allowing authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injecte...

6.5CVSS5.4AI score0.00377EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.23 views

WPPerformanceTester <= 2.0.0 - Cross-Site Request Forgery

Description The WPPerformanceTester plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorize...

8.8CVSS6.3AI score0.00256EPSS
Exploits0References1
Total number of security vulnerabilities14602