Lucene search
K
WpvulndbRecent

14602 matches found

WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.15 views

Livemesh Addons for WPBakery Page Builder < 3.6 - Contributor+ Stored XSS

Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00377EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.17 views

CSprite <= 1.1 - Cross-Site Request Forgery

Description The CSprite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a...

8.8CVSS6.3AI score0.00294EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.14 views

CSV Importer < 0.3.9 - Cross-Site Request Forgery

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized action via a forged request granted they can trick a site administrator into...

8.8CVSS8.5AI score0.00264EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.20 views

Genesis Simple Love <= 2.0 - Unauthenticated PHP Object Injection

Description The Genesis Simple Love plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the...

10CVSS7.3AI score0.00727EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.16 views

Structured Content < 1.6 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user...

6.5CVSS5.7AI score0.00385EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.15 views

Adifier System < 3.1.4 - Unauthenticated Local File Inclusion

Description The Adifier System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to 3.1.4 exclusive. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This c...

8.2AI score0.006EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.17 views

WP Photo Album Plus < 8.6.01.005 - Cross-Site Scripting

Description The WP Photo Album Plus plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 8.5.02.005 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...

7.1CVSS6.5AI score0.00396EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.28 views

Astra Pro < 4.3.2 - Authenticated(Contributor+) Remote Code Execution via Metabox

Description The Astra Pro Addon plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.3.1 via the ast-advanced-hook-php-code meta field. This makes it possible for authenticated attackers, with contributor access and above, to execute code on the serv...

9.9CVSS7.6AI score0.00661EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.23 views

WP Booking System < 2.0.19.3 - Missing Authorization

Description The WP Booking System plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpbssavecalendardata function in versions up to, and including, 2.0.19.2. This makes it possible for authenticated attackers, with subscriber-level access and above...

6.7AI score0.00404EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.10 views

Flexible Woocommerce Checkout Field Editor <= 2.0.1 - Missing Authorization

Description The Flexible Woocommerce Checkout Field Editor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function function in versions up to, and including, 2.0.1. This makes it possible for unauthenticated attackers to perform an...

7AI score0.00563EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.15 views

Bulk Edit Post Titles <= 5.0.0 - Missing Authorization

Description The Bulk Edit Post Titles plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function in versions up to, and including, 5.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform ...

6.4AI score0.00396EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.15 views

RegistrationMagic < 5.2.3.1 - Missing Authorization

Description The RegistrationMagic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateuserprofile function in versions up to, and including, 5.2.3.0. This makes it possible for unauthenticated attackers to update other user's...

6.6AI score0.00556EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.18 views

Biteship < 2.2.28 - Shop manager+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Shop Manager and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS5AI score0.00394EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.10 views

Product Catalog Feed by PixelYourSite < 2.2.0 - Cross-Site Request Forgery

Description The Product Catalog Feed by PixelYourSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the setdisablestatus, setwpwoofschedule and checkfeedname functions. This makes i...

8.8CVSS6.3AI score0.00249EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.15 views

Couponis Demo < 2.2 - Unauthenticated SQL Injection

Description The Couponis Demo plugin for WordPress is vulnerable to SQL Injection in versions up to 2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append addition...

9.8CVSS7.4AI score0.00764EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.15 views

Soledad < 8.4.2 - Reflected Cross-Site Scripting

Description The Soledad theme for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execut...

7.1CVSS6.3AI score0.00393EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.11 views

Fix My Feed RSS Repair <= 1.4 - Cross-Site Request Forgery

Description The Fix My Feed RSS Repair plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthoriz...

8.8CVSS6.6AI score0.00256EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.18 views

WooDiscuz – WooCommerce Comments <= 2.3.0 - Cross-Site Request Forgery

Description The WooDiscuz – WooCommerce Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.0. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform a...

8.8CVSS6.3AI score0.0027EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.12 views

Digital Publications by Supsystic < 1.7.7 - Cross-Site Request Forgery via AJAX action

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing...

8.8CVSS8.9AI score0.00272EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.16 views

Awesome Support < 6.1.11 - Missing Authorization

Description The plugin is vulnerable to unauthorized access due to a missing capability check on an unknown function, allowing authenticated attackers, with subscriber-level access and above, to perform an unauthorized action...

9.2AI score0.00462EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.19 views

Guest Author < 2.4 - Authenticated (Author+) Stored Cross-Site Scripting

Description The Guest Author plugin for WordPress is vulnerable to Stored Cross-Site Scripting via author name in versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, ...

5.9CVSS5.9AI score0.00374EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.20 views

Smart External Link Click Monitor [Link Log] <= 5.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Smart External Link Click Monitor Link Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

5.9CVSS5.9AI score0.00394EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.22 views

Integrate Google Drive < 1.3.5 - Cross-Site Request Forgery

Description The Integrate Google Drive plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.4. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an...

8.8CVSS6.3AI score0.00259EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.15 views

Soledad < 8.4.2 - Authenticated (Contributor+) SQL Injection

Description The Soledad theme for WordPress is vulnerable to SQL Injection in versions up to, and including, 8.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with...

8.5CVSS7.1AI score0.00528EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.20 views

Ultimate Addons for Contact Form 7 < 3.2.1 - Reflected Cross-Site Scripting

Description The Ultimate Addons for Contact Form 7 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers...

7.1CVSS6.3AI score0.00403EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.20 views

Product Enquiry for WooCommerce < 3.1 - Cross-Site Request Forgery

Description The Product Enquiry for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0. This is due to missing or incorrect nonce validation on the processbulkaction function. This makes it possible for unauthenticated attackers to...

8.8CVSS8.4AI score0.0027EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.18 views

BCorp Shortcodes <= 0.23 - Unauthenticated PHP Object Injection

Description The BCorp Shortcodes plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.23 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerab...

10CVSS7.3AI score0.00727EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.19 views

Structured Content < 1.6 - Contributor+ PHP Object Injection

Description The plugin is vulnerable to PHP Object Injection via deserialization of untrusted input. This makes it possible for attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an...

9.8CVSS9.7AI score0.00746EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.22 views

LiveChat < 4.5.16 - Cross-Site Request Forgery

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.6AI score0.0027EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.19 views

AppMySite < 3.11.1 - Unauthenticated Information Disclsoure

Description The plugin is vulnerable to Sensitive Information Exposure, allowing unauthenticated attackers to extract sensitive user or configuration data...

7.5CVSS8AI score0.00452EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.16 views

Elementor Timeline Widget <= 2.0 - Missing Authorization to Notice Dismissal

Description The Elementor Timeline Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to dismiss notices...

6.3AI score0.00457EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.17 views

Welcart e-Commerce < 2.9.7 - Authenticated (Administrator+) Directory Traversal

Description The Welcart e-Commerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.9.6 via the uploadcertificatefile function. This makes it possible for administrators to upload .pem or .crt files to arbitrary locations on the server...

4.1CVSS7.1AI score0.00458EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.17 views

Block for Font Awesome < 1.4.1 -Settings Update via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS8.9AI score0.00259EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.22 views

Soledad < 8.4.2 - Unauthenticated PHP Object Injection

Description The Soledad theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 8.4.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable theme. If a...

9.8CVSS7.3AI score0.00567EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.21 views

WappPress < 6.0.0 - Unauthenticated Arbitrary File Upload

Description The plugin is vulnerable to arbitrary file uploads due to missing file type validation, allowing unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible...

10CVSS9.9AI score0.0063EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.22 views

Eventin <= 3.3.44 - Missing Authorization

Description The Eventin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function in versions up to, and including, 3.3.44. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthoriz...

6.7AI score0.00575EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.13 views

Sayfa Sayaç <= 2.6 - Unauthenticated PHP Object Injection

Description The Sayfa Sayac plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable...

10CVSS7.3AI score0.00753EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.19 views

Symbiostock Lite <= 6.0.0 - Authenticated (Shop Manager+) Arbitrary File Upload

Description The Symbiostock – Sell Photos Online For Free! plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 6.0.0. This makes it possible for authenticated attackers, with shop manager-level access and above, to...

9.1CVSS7.6AI score0.00646EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.40 views

Spiffy Calendar < 4.9.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Spiffy Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to 4.9.6 exclusive due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.5CVSS5.9AI score0.00409EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.36 views

Download Manager < 3.2.83 - Unauthenticated Protected File Download Password Leak

Description The plugin does not protect file download's passwords, leaking it upon receiving an invalid one. PoC 223 being the ID of a password protected download: curl -X POST --data 'wpdmID=223=json=wpdmgetlink=wpdmajaxcall=123322' https://example.com/wp-json/wpdm/validate-password The response...

7.5CVSS6.7AI score0.02437EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.11 views

Cookie Bar < 2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings

Description The Cookie Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

5.9CVSS5.6AI score0.00374EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.15 views

Smart External Link Click Monitor [Link Log] <= 5.0.2 - Reflected Cross-Site Scripting

Description The Smart External Link Click Monitor Link Log plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.1CVSS6.5AI score0.00407EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.19 views

WPsoonOnlinePage <= 1.9 - Cross-Site Request Forgery

Description The WPsoonOnlinePage plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.9. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized...

8.8CVSS6.3AI score0.00264EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.25 views

WP Photo Album Plus < 8.6.01.003 - Insecure Direct Object Reference

Description The WP Photo Album Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.5.02.005 due to missing validation on a user controlled key. This makes it possible for unauthenticated attacker to perform an unauthorized action bas...

7.5CVSS7.8AI score0.00533EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.28 views

Adifier System < 3.1.4 - Unauthenticated SQL Injection

Description The Adifier System plugin for WordPress is vulnerable to SQL Injection in versions up to 3.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append...

9.8CVSS7.8AI score0.00588EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.16 views

Code Embed < 2.3.7 - Authenticated(Contributor+) Denial of Service

Description The Code Embed plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 2.3.6. This makes it possible for authenticated attackers, with contributor access and above, to disrupt access to the site...

7AI score0.00449EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.19 views

Gift Up < 2.22 - Settings Update via CSRF

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on the consumepost function, allowing unauthenticated attackers to set the plugin's API key and update other plugin settings via a forged request granted they can trick a site...

8.8CVSS8.9AI score0.00249EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.20 views

Webflow Pages <= 1.0.8 - Missing Authorization

Description The Webflow Pages plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function in versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to perform an unauthorized action...

7AI score0.00497EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.16 views

Dashboard Widgets Suite < 3.4.2 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Dashboard Widgets Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.9CVSS5.9AI score0.00394EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/09 12:0 a.m.17 views

SureTriggers < 1.0.24 - Cross-Site Request Forgery

Description The SureTriggers plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.23. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unauthorized acti...

8.8CVSS6.6AI score0.00256EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14602