Lucene search
K
WpvulndbRecent

14602 matches found

WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.18 views

System Dashboard < 2.8.8 - Missing Authorization to Information Disclosure (sd_constants)

Description The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdconstants function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with...

4.3CVSS6.3AI score0.00468EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.32 views

JetEngine < 3.2.5 - Authenticated (Contributor+) Privilege Escalation

Description The JetEngine plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.2.4. This is due to an unknown issue. This makes it possible for authenticated attackers, with contributor-level access and above, to gain elevated privileges...

7.4AI score0.00553EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.19 views

Doofinder for WooCommerce < 2.1.8 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.9AI score0.00403EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.20 views

Track Geolocation Of Users Using Contact Form 7 <= 1.4 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Track Geolocation Of Users Using Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

5.9CVSS5.5AI score0.00386EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.19 views

teachPress < 9.0.6 - Cross-Site Request Forgery via delete_database()

Description The teachPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 9.0.5. This is due to missing or incorrect nonce validation on the deletedatabase function. This makes it possible for unauthenticated attackers to clear the database...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.24 views

WP Cleanfix < 5.7.0 - Subscriber+ Post/Comment/Post Meta Content Replacement

Description The plugin is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the register function, allowing authenticated attackers, with subscriber-level access and above, to find and replace post, comment, and postmeta content as well as...

9.2AI score0.00369EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.14 views

WP Catalogue <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description The WP Catalogue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.5CVSS5.5AI score0.00377EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.16 views

WOOCS – WooCommerce Currency Switcher < 1.4.1.5 - Cross-Site Request Forgery via delete_profiles_data

Description The WOOCS – WooCommerce Currency Switcher plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.1.4. This is due to missing or incorrect nonce validation on the deleteprofilesdata function. This makes it possible for unauthenticated...

8.8CVSS6.6AI score0.00254EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.14 views

System Dashboard < 2.8.8 - Missing Authorization to Information Disclosure (sd_global_value)

Description The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdglobalvalue function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with...

4.3CVSS6.4AI score0.00432EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.20 views

Affiliate Booster < 3.0.6 - Blocks Enabling/Disabling via CSRF

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on the processbulkaction function. This makes it possible for unauthenticated attackers to enable or disable all blocks via a forged request granted they can trick a site administrator...

8.8CVSS8.5AI score0.0028EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.17 views

SpeedyCache < 1.1.3 - Authenticated (Subscriber+) Server-Side Request Forgery

Description The SpeedyCache – Cache, Optimization, Performance plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.2 via the speedycachecreatetestcache function. This makes it possible for authenticated attackers, subscriber-level access and...

4.9CVSS6.5AI score0.00324EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.9 views

Manage Notification E-mails < 1.8.6 - Missing Authorization

Description The Manage Notification E-mails plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.8.5 via the cardfamneexportsettings function. This makes it possible for unauthenticated attackers to obtain plugin settings...

5.3CVSS6.4AI score0.00459EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.10 views

Parallax Slider Block < 1.2.6 - Author+ Stored XSS

Description The plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever...

5.9CVSS5.3AI score0.00374EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.25 views

WP Event Manager < 3.1.42 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Stored Cross-Site Scripting attacks...

5.9CVSS5.4AI score0.00382EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.20 views

which template file < 5.1.0 - Reflected XSS

Description The plugin does not sanitise and escape the page parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.1AI score0.00412EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.12 views

Innovs HR <= 1.0.3.4 - Reflected Cross-Site Scripting

Description The Innovs HR plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.0.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...

7.1CVSS6.1AI score0.00412EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.22 views

Quantity Plus Minus Button for WooCommerce by CodeAstrology < 1.2.0 Settings Update via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS6.7AI score0.00288EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.15 views

Automatic Youtube Video Posts Plugin <= 5.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings

Description The Automatic Youtube Video Posts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wit...

5.9CVSS5.8AI score0.00386EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.14 views

Adifier (Premium Theme) < 3.1.4 - Reflected Cross-Site Scripting

Description The Adifier Premium Theme theme for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.1CVSS6.5AI score0.00407EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.27 views

BigCommerce <= 5.0.7 - Unauthenticated Sensitive Information Exposure

Description The BigCommerce For WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.0.7. This makes it possible for unauthenticated attackers to extract sensitive data...

7.5CVSS7.9AI score0.00443EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.19 views

Formzu WP < 1.6.7 - Contributor+ Stored XSS via id

Description The plugin does not validate and escape the ‘id’ parameter, allowing users with the contributor role and above perform Stored XSS attacks...

6.5CVSS5.6AI score0.00409EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.16 views

CommentLuv <= 4 - Unauthenticated SSRF

Description The plugin is vulnerable to Server-Side Request Forgery via the doclick function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal service...

7.5CVSS8AI score0.0043EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.11 views

Abandoned Cart Lite for WooCommerce < 5.16.2 - Missing Authorization via multiple AJAX functions

Description The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to missing capability checks on multiple AJAX functions in versions up to, and including, 5.16.1. This makes it possible for authenticated attackers,...

6.7AI score0.00457EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.16 views

Yet Another Stars Rating < 3.4.4 - Missing Authorization via init

Description The Yet Another Stars Rating plugin for WordPress is vulnerable to unauthorized modification of data due to a missing check on the init function in versions up to, and including, 3.4.3. This makes it possible for unauthenticated attackers to vote on private or nonexistent posts...

7AI score0.00431EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.13 views

PayHere Payment Gateway < 2.2.12 - Unauthenticated Log Data Disclosure

Description The plugin automatically creates publicly-accessible log files containing sensitive information when transactions occur. PoC https://www.suppliment.lk/wp-content/uploads/payhere-logs/?SD https://www.medic.lk/wp-content/uploads/payhere-logs/?SD...

7.5CVSS6.2AI score0.0072EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.17 views

Email Subscription Popup < 1.2.19 - Reflected Cross-Site Scripting

Description The Email Subscription Popup plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the HTTPREFERER header in all versions up to, and including, 1.2.18 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS6.5AI score0.00378EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.19 views

BP Better Messages < 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output...

6.5CVSS5.9AI score0.00385EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.16 views

File Gallery <= 1.8.5.4 - Reflected Cross-Site Scripting via post_id

Description The File Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘postid’ parameter in versions up to, and including, 1.8.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...

7.1CVSS6.5AI score0.00412EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.50 views

JetEngine < 3.2.5 - Missing Authorization

Description The JetEngine plugin for WordPress is vulnerable to unauthorized access due to a missing capability check in versions up to, and including, 3.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action...

6.7AI score0.003EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.219 views

Elementor < 3.18.2 - Contributor+ Arbitrary File Upload to RCE via Template Import

Description The plugin is vulnerable to Remote Code Execution via file upload via the template import functionality, allowing authenticated attackers, with contributor-level access and above, to upload files and execute code on the server. PoC 1. Edit a post in Elementor. 2. Import a template...

9.9CVSS9.7AI score0.041EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.41 views

WP 6.4-6.4.1 - POP Chain

Description WP 6.4 introduced a PHP gadget chain. While the issue is not directly exploitable, it could be used along with a PHP unserialization for example in a plugin or theme installed on the blog to achieve RCE...

7AI score
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.7 views

Calculated Fields Form < 1.2.41 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.40 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.8CVSS5.6AI score0.00303EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.21 views

NextScripts < 4.4.3 - Reflected Cross-Site Scripting via code

Description The NextScripts plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘code’ parameter in versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary we...

7.1CVSS6.1AI score0.00407EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.20 views

CF7 Google Sheets Connector < 5.0.6 - Unauthenticated Sensitive Information Exposure via Debug Log

Description The CF7 Google Sheets Connector plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.0.5 via the debug log functionality in google-sheet-connector.php. This makes it possible for unauthenticated attackers to extract sensitive dat...

7.5CVSS6.4AI score0.0052EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.20 views

Coming soon and Maintenance mode <= 3.7.3 - IP Address Spoofing via get_real_ip

Description The Coming soon and Maintenance mode plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 3.7.3 due to the use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for attackers to bypass the coming soon...

6.3AI score0.0034EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.22 views

Nested Pages < 3.2.7 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.3AI score0.00386EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.11 views

Enhanced Text Widget <= 1.6.2 - Missing Authorization via etw_hide_admin_notification_callback

Description The Enhanced Text Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the etwhideadminnotificationcallback function in versions up to, and including, 1.6.2. This makes it possible for unauthenticated attackers to hide adm...

6.4AI score0.00457EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.11 views

Social Pug < 1.30.1 - Missing Authorization via multiple admin_init actions

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on multiple functions that run on admininit, allowing unauthenticated attackers to update the database...

6.5AI score0.00457EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.15 views

Aruba HiSpeed Cache < 2.0.7 - Unauthenticated Log File Access

Description The plugin is vulnerable to Sensitive Information Exposure via the plugin's log file, allowing unauthenticated attackers to extract sensitive data including debug and trace information...

7.5CVSS7.7AI score0.00599EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.12 views

Customer Reviews for WooCommerce < 5.36.1 - Missing Authorization

Description The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several AJAX actions in versions up to, and including, 5.36.0. This makes it possible for authenticated attackers with subscriber level...

6.7AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.8 views

Optimize Database after Deleting Revisions < 5.1 - Missing Authorization via 'odb_csv_download'

Description The Optimize Database after Deleting Revisions plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 5.0.110. This is due to a missing capability check on the 'odbcsvdownload' function which is hooked via admininit. This makes it possible for...

6.6AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.25 views

RegistrationMagic < 5.2.4.2 - Reflected Cross-Site Scripting via section_id

Description The RegistrationMagic plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘sectionid’ parameter in versions up to, and including, 5.2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.1CVSS6.5AI score0.00351EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.16 views

Media File Renamer < 5.7.0 - Sensitive Information Exposure via Log File

Description The Media File Renamer: Rename Files Manual, Auto & AI plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.9 via the logging functionality. This makes it possible for unauthenticated attackers to extract sensitive data includi...

7.5CVSS6.5AI score0.00648EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.23 views

Email Address Encoder 1.0.22 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Email Address Encoder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's eaeshortcode shortcode in version 1.0.22 due to insufficient input sanitization and output escaping on the 'link' user supplied attribute. This makes it possible for...

6.5CVSS5.5AI score0.004EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.19 views

ArtPlacer Widget < 2.20.7 - Editor+ SQLi

Description The plugin does not sanitize and escape the "id" parameter before submitting the query, leading to a SQLI exploitable by editors and above. Note: Due to the lack of CSRF check, the issue could also be exploited via a CSRF against a logged editor or above PoC As an editor, open...

8.8CVSS6.4AI score0.00415EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.14 views

WP Retina 2x < 6.4.6 - Sensitive Information Exposure

Description The Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.5 due to guessable log file names. This makes it possible for unauthenticated attackers to extract sensitiv...

7.5CVSS6.9AI score0.01437EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.22 views

HUSKY – Products Filter for WooCommerce (formerly WOOF) < 1.3.4.3 - Unauthenticated SQL Injection via search terms

Description The HUSKY – Products Filter for WooCommerce formerly WOOF plugin for WordPress is vulnerable to generic SQL Injection via search terms in versions up to, and including, 1.3.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existi...

9.8CVSS7.2AI score0.00588EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.29 views

Responsive Lightbox < 2.4.6 - Authenticated (Author+) Stored Cross-Site Scripting via name

Description The Responsive Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level...

5.9CVSS5.9AI score0.00382EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.17 views

JetFormBuilder < 3.1.5 - Unauthenticated Content Injection

Description The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress is vulnerable to content injection in all versions up to, and including, 3.1.4. This makes it possible for unauthenticated attackers to inject content onto the site...

6.8AI score0.00373EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/07 12:0 a.m.12 views

Site Offline < 1.5.7 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.9AI score0.00386EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14602