Lucene search
K
WpvulndbRecent

14602 matches found

WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.17 views

Login/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Exposure

Description The Login/Signup Popup Inline Form + Woocommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘exportsettings’ function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS6.5AI score0.00362EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.14 views

WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing < 5.0.5 - Missing Authorization

Description The WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdmsocialsharesaveoptions function in all versions up...

4.3CVSS6.4AI score0.00346EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.17 views

Easy Digital Downloads – Recent Purchases <= 1.0.2 - Unauthenticated Remote File Inclusion

Description The Easy Digital Downloads – Recent Purchases plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.0.2. This makes it possible for unauthenticated attackers to include and execute arbitrary files hosted on external server,s allowing the...

9.8CVSS9.8AI score0.00538EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.10 views

FV Flowplayer Video Player < 7.5.46.7212 - Reflected Cross-Site Scripting

Description The FV Flowplayer Video Player plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 7.5.45.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary we...

7.1CVSS6.3AI score0.00271EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.12 views

Restrict for Elementor <= 1.0.6 - Protection Mechanism Bypass

Description The Restrict for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.6 due to improper restrictions on hidden data that make it accessible through the REST API. This makes it possible for unauthenticated attackers to...

5.3CVSS6.7AI score0.00452EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.14 views

WP Back Button <= 1.1.3 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The WP Back Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

5.9CVSS5.7AI score0.00259EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.20 views

Frontend Checklist <= 2.3.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to frontend-checklist admin...

4.9AI score0.00329EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.16 views

Blocksy Companion < 2.0.43 - Authenticated (Admin+) Server-Side Request Forgery

Description The Blocksy Companion plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.42. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating...

4.9CVSS9.2AI score0.00262EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.11 views

Spotify Play Button <= 1.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC spotify-play...

5.7AI score0.00356EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.12 views

The Moneytizer <= 9.5.20 - Missing Authorization via multiple AJAX actions

Description The The Moneytizer plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX functions in the /core/coreajax.php file in all versions up to, and including, 9.5.20. This makes it possible...

8.1CVSS6.4AI score0.00394EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.11 views

Uploadcare File Uploader and Adaptive Delivery (beta) <= 3.0.11 - Cross-Site Request Forgery

Description The Uploadcare File Uploader and Adaptive Delivery beta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.11. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticate...

4.3CVSS9.2AI score0.00172EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.8 views

Rotating Tweets (Twitter widget and shortcode) <= 1.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Rotating Tweets Twitter widget and shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's' 'rotatingtweets' in all versions up to, and including, 1.9.10 due to insufficient input sanitization and output escaping on user supplied attributes. Th...

6.4CVSS5.8AI score0.00257EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.7 views

Countdown, Coming Soon, Maintenance – Countdown & Clock < 2.7.8.1 - Missing Authorization to Authenticated (Subscriber+) PHP Object Injection

Description The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the conditionsRow and switchCountdown functions in all versions up to, and including, 2.7.8. This makes it possible for...

5.4CVSS6.5AI score0.00317EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.9 views

WP TripAdvisor Review Slider < 12.7 - Authenticated (Administrator+) SQL Injection

Description The WP TripAdvisor Review Slider plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 12.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticate...

7.6CVSS7.2AI score0.00394EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.14 views

WebP & SVG Support <= 1.4.0 - Author+ Stored XSS via SVG

Description The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. PoC Upload an SVG with the following markup: Load the SVG and see the XSS. Code reference:...

6.2AI score0.00331EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.9 views

Album and Image Gallery plus Lightbox < 2.1 - Unauthenticated Arbitrary Shortcode Execution

Description The The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.5AI score0.00478EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.16 views

Cowidgets – Elementor Addons <= 1.1.1 - Authenticated (Contributor+) Local File Inclusion

Description The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.1 via the 'itemstyle' and 'style' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to include a...

8.8CVSS7.6AI score0.00932EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.12 views

Easy Social Like Box – Popup – Sidebar Widget <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cardozafacebooklikebox' shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied...

6.4CVSS5.8AI score0.00314EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/05 12:0 a.m.11 views

WordPress prettyPhoto <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter

Description The WordPress prettyPhoto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00333EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.12 views

Mime Types Extended <= 0.11 - Author+ Stored XSS via SVG Upload

Description The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. PoC 1. As an admin, enable SVG uploads at https://example.com/wp-admin/options-general.php?page=mime-types-extended 2. As an author,...

5.7AI score0.0035EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.14 views

Boostify Header Footer Builder for Elementor < 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via size Parameter

Description The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00321EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.13 views

Brizy – Page Builder < 2.4.42 - Authenticated(Contributor+) Stored Cross-Site Scripting

Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post content in all versions up to, and including, 2.4.41 due to insufficient input sanitization performed only on the client side and insufficient output escaping. This makes it possible fo...

7.1CVSS5.7AI score0.00267EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.15 views

Brizy – Page Builder < 2.4.44 - Unauthenticated Stored Cross-Site Scripting via Form

Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form name values in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS6AI score0.00378EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.10 views

Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. < 3.0.6 - Authenticated (Author+) Stored Cross-Site Scripting

Description The Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploader in all versions up to, and including, 3.0.5 due to insufficient input sanitizatio...

6.4CVSS5.8AI score0.00315EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.11 views

Mollie Forms < 2.6.14 - Cross-Site Request Forgery to Arbitrary Post Duplication

Description The Mollie Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.13. This is due to missing or incorrect nonce validation on the duplicateForm function. This makes it possible for unauthenticated attackers to duplicate forms v...

4.3CVSS6.4AI score0.00185EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.12 views

Newsletter < 8.3.5 - Unauthenticated Stored Cross-Site Scripting via np1

Description The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'np1' parameter in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.4CVSS6AI score0.00291EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.14 views

Brizy – Page Builder < 2.4.44 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes

Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Custom Attributes for blocks in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.7AI score0.00254EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.15 views

Email Subscribers by Icegram Express < 5.7.21 - Unauthenticated SQL Injection via hash

Description The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

9.8CVSS9.6AI score0.10161EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.14 views

Download Manager < 3.2.94 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpdm_modal_login_form Shortcode

Description The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdmmodalloginform' shortcode in all versions up to, and including, 3.2.93 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.8AI score0.00263EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.9 views

LifterLMS – WordPress LMS Plugin for eLearning < 7.6.3 - Authenticated (Contributor+) SQL Injection via Shortcode

Description The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to SQL Injection via the orderBy attribute of the lifterlmsfavorites shortcode in all versions up to, and including, 7.6.2 due to insufficient escaping on the user supplied parameter and lack of...

9.8CVSS7.1AI score0.00457EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.15 views

Logo Manager For Enamad <= 0.7.0 - Stored XSS via CSRF

Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack PoC Make a logged in admin open an HTML file containing:...

5.5AI score0.00464EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.11 views

Brizy – Page Builder < 2.4.44 - Authenticated (Contributor+) Store Cross-Site Scripting via Widget Link To URL

Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Link To' field of multiple widgets in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

7.4CVSS5.8AI score0.00322EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.16 views

EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor < 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget

Description The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the plugin's EmbedPress PDF widget in all versions...

6.4CVSS5.7AI score0.00314EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.20 views

GP Premium < 2.4.1 - Reflected Cross-Site Scripting

Description The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the message parameter in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

6.1CVSS6.3AI score0.00637EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.9 views

Weaver Xtreme Theme Support < 6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via div Shortcode

Description The Weaver Xtreme Theme Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's div shortcode in all versions up to, and including, 6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00273EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.9 views

Brizy – Page Builder < 2.4.44 - Authenticated(Contributor+) Stored Cross-Site Scripting via Form Functionality

Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's contact form widget error message and redirect URL in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied error...

6.4CVSS5.7AI score0.00254EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.17 views

LearnPress – WordPress LMS Plugin < 4.2.6.8.1 - Basic Information Disclosure via JSON API

Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of getitemspermissionscheck function. This makes it possible for unauthenticated attackers to extrac...

5.3CVSS6.5AI score0.01008EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.12 views

GamiPress – Link < 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The GamiPress – Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's gamipresslink shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

6.4CVSS5.8AI score0.00257EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.9 views

Gutenberg Blocks and Page Layouts – Attire Blocks < 1.9.3 - Missing Authorization

Description The Gutenberg Blocks and Page Layouts – Attire Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disablefeassets function in all versions up to, and including, 1.9.2. This makes it possible for authenticated...

4.3CVSS6.5AI score0.0028EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/04 12:0 a.m.10 views

ProfileGrid < 5.8.7 - Missing Authorization

Description The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it...

4.3CVSS6.6AI score0.00351EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.12 views

Claudio Sanches – Checkout Cielo for WooCommerce <= 1.1.0 - Insufficient Verification of Data Authenticity to Order Payment Status Update

Description The Claudio Sanches – Checkout Cielo for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient payment validation in the updateorderstatus function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated...

5.3CVSS6.8AI score0.002EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.20 views

SEOPress < 7.8 - Contributor+ Open Redirect

Description The plugin does not validate and escape one of its Post settings, which could allow contributor and above role to perform Open redirect attacks against any user viewing a malicious post PoC As a contributor, create a new Post, at the bottom of the page put the following payload in the...

6.4AI score0.00329EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.14 views

WP-DB-Table-Editor <= 1.8.4 - Missing Authorization to Authenticated(Contributor+) Database Access

Description The WP-DB-Table-Editor plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to lack of a default capability requirement on the 'dbterender' function in all versions up to, and including, 1.8.4. This makes it possible for...

7.5CVSS6.4AI score0.00382EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.12 views

WPUpper Share Buttons <= 3.43 - Missing Authorization

Description The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected...

5.3CVSS6.8AI score0.00423EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.15 views

Slider Revolution < 6.7.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Elementor wrapperid and zindex

Description The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.7.10 due to insufficient input sanitization and output escaping on the user supplied Elementor 'wrapperid' and 'zindex' display attributes. This makes it...

6.4CVSS5.7AI score0.00263EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.15 views

Authorize.net Payment Gateway For WooCommerce <= 8.0 - Insufficient Verification of Data Authenticity to Unauthenticated Payment Bypass

Description The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates a orders payment status. This makes it possib...

5.3CVSS6.8AI score0.00206EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.22 views

Cowidgets – Elementor Addons <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via heading_tag Parameter

Description The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘headingtag’ parameter in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.5CVSS5.7AI score0.00349EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.9 views

Fluid Notification Bar <= 3.2.3 - Authenticated (Admin+) Stored Cross-Site Scripting

Description The Fluid Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5.7AI score0.00271EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.9 views

Admin Notices Manager < 1.5.0 - Missing Authorization to Authenticated (Subscriber+) User Email Retrieval

Description The Admin Notices Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handleajaxcall function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with subscriber-level access an...

4.3CVSS6.4AI score0.00383EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/06/03 12:0 a.m.19 views

SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! < 1.0.48 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trigger Link Shortcode

Description The SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Trigger Link shortcode in all versions up to, and including, 1.0.47 due to insufficient input sanitization and output...

6.4CVSS5.8AI score0.00355EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14602