14602 matches found
EasyRecipe <= 3.5.3251 - Cross-Site Request Forgery
Description The EasyRecipe plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.3251. This is due to missing nonce validation on several functions such as the saveStyle and updateCustomCSS functions. This makes it possible for unauthenticated...
UserPro < 5.1.2 - Cross-Site Request Forgery via multiple functions
Description The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to add, modify, or delete user meta an...
UserPro < 5.1.1 - Cross-Site Request Forgery to PHP Object Injection
Description The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. This is due to missing or incorrect nonce validation on the 'importsettings' function. This makes it possible for unauthenticated attackers to exploit PHP Object...
Image Hover Effects <= 5.5 - Cross-Site Request Forgery
Description The Image Hover Effects plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.5. This is due to missing or incorrect nonce validation on the savecaptionoptions function. This makes it possible for unauthenticated attackers to modify the...
Best Restaurant Menu by PriceListo <= 1.3.1 - Cross-Site Request Forgery via menu_page
Description The Best Restaurant Menu by PriceListo plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the menupage function. This makes it possible for unauthenticated attackers to modif...
Legal Pages < 1.3.9 - Cross-Site Request Forgery via moveToTrash and fetch_and_insert_template_data
Description The Legal Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.8. This is due to missing or incorrect nonce validation on the moveToTrash and fetchandinserttemplatedata functions. This makes it possible for unauthenticated...
UserPro < 5.1.2 - Cross-Site Request Forgery to Sensitive Information Exposure
Description The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on the 'exportusers' function. This makes it possible for unauthenticated attackers to export the users to a csv...
Copy Or Move Comments <= 5.0.4 - Authenticated (Subscriber+) SQL Injection
Description The Copy Or Move Comments plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated...
Blog Filter < 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'AWL-BlogFilter' shortcode in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
Digirisk 6.0.0.0 - Reflected Cross-Site Scripting
Description The Digirisk plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'currentgroupid' parameter in version 6.0.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CPO Shortcodes <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The CPO Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CallRail Phone Call Tracking < 0.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The CallRail Phone Call Tracking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'callrailform' shortcode in versions up to, and including, 0.5.2 due to insufficient input sanitization and output escaping on the 'formid' user supplied attribute. This makes it...
ICS Calendar < 10.12.0.2 - Authenticated(Contributor+) Directory Traversal via _url_get_contents
Description The ICS Calendar plugin for WordPress is vulnerable to Directory Traversal in all versions up, and including, 10.12.0.1 via the urlgetcontents function. This makes it possible for authenticated attackers, with contributor access and above, to read the contents of arbitrary files on th...
Website Optimization – Plerdy < 1.3.3 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Website Optimization – Plerdy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's tracking code settings in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
Funnelforms Free < 3.4.2 - Cross-Site Request Forgery to Arbitrary Post Duplication
Description The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4. This is due to missing or incorrect nonce validation on the fnsfcopyposts function. This makes it possible for unauthenticated attackers to create copies of...
LayerSlider < 7.7.10 - Cross-Site Request Forgery
Description The LayerSlider plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.7.9. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to invoke this function via a...
Live Preview for Contact Form 7 <= 1.2.0 - Missing Authorization via update_option
Description The Live Preview for Contact Form 7 plugin for WordPress is vulnerable to unauthorized plugin option update due to a missing capability check on the updateoption function in versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with subscriber acces...
WP Custom Admin Interface < 7.32 - Missing Authorization via wpcai_pro_notice_disable
Description The WP Custom Admin Interface plugin for WordPress is vulnerable to unauthorized admin notice dismissal due to a missing capability check on the wpcaipronoticedisable function in versions up to, and including, 7.31. This makes it possible for authenticated attackers, with...
WP Users Media <= 4.2.3 - Missing Authorization via wpusme_save_settings
Description The WP Users Media plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpusmesavesettings function in versions up to, and including, 4.2.3. This makes it possible for authenticated attackers, with subscriber-level permission...
miniorange otp verification < 4.2.2 - Missing Authorization via dismiss_notice
Description The miniorange otp verification plugin for WordPress is vulnerable to unauthorized admin notice dismissal due to a missing capability check on the dismissnotice function in versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with subscriber-level...
BetterDocs < 2.5.3 - Missing Authorization via AJAX actions
Description The BetterDocs plugin for WordPress is vulnerable to unauthorized document modification due to a missing capability check on several AJAX functions in versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
Ni WooCommerce Sales Report <= 3.7.3 - Missing Authorization via ajax_sales_order
Description The Ni WooCommerce Sales Report plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajaxsalesorder' function in versions up to, and including, 3.7.3. This makes it possible for authenticated attackers, with subscriber-level acces...
WPCafe < 2.2.23 - Missing Authorization
Description The plugin is vulnerable to unauthorized access, modification, or loss of data due to a missing capability check on an unknown function, allowing unauthenticated attackers to make use of the unprotected functionality...
Acme Fix Images <= 1.0.0 - Missing Authorization via acme_fix_images_ajax_callback
Description The Acme Fix Images plugin for WordPress is vulnerable to unauthorized access to the acmefiximagesajaxcallback function in versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to resize images...
Restaurant & Cafe Addon for Elementor < 1.5.4 - Missing Authorization via multiple AJAX functions
Description The Restaurant & Cafe Addon for Elementor plugin for WordPress is vulnerable to unauthorizedmodification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 1.5.3. This makes it possible for unauthenticated attackers to update the...
FormCraft < 1.2.8 - Missing Authorization via formcraft_nag_update
Description The FormCraft plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the formcraftnagupdate AJAX nopriv function in versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to delay or disable upda...
SearchIQ < 4.5 - Unauthenticated Sensitive Information Disclosure
Description The plugin is vulnerable to unauthorized access of data due to a missing capability check on the getSIQPluginSettings function, allowing unauthenticated attackers to view information such as the plugin settings, theme, and WordPress and PHP version...
WRC Pricing Tables < 2.3.8 - Missing Authorization
Description The WRC Pricing Tables plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on several functions including wrcptprocesspackagefeatures, wrcpteditpricingpackages, wrcptactivatetemplate and others in versions up to, and including, 2.3.7...
MP3 Audio Player for Music, Radio & Podcast by Sonaar < 4.10.1 - Missing Authorization to Template Import
Description The MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the importsrmp3template function in all versions up to, and including, 4.10. This makes it possible for authenticated...
WP Like Button <= 1.7.0 - Missing Authorization via crublabFBLBAjax
Description The WP Like Button plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the crublabFBLBAjax function in versions up to, and including, 1.7.0. This makes it possible for authenticated attackers, with subscriber-level access and...
Namaste! LMS < 2.6.1.2 - Reflected Cross-Site Scripting
Description The Namaste! LMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'courseid' parameter in versions up to, and including, 2.6.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
Ultimate Addons for Contact Form 7 < 3.2.11 - Missing Authorization
Description The Ultimate Addons for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the uacf7databaseexportcsv function hooked via init in versions up to, and including, 3.2.10. This makes it possible for unauthenticated...
Information Reel < 10.1 - Authenticated (Subscriber+) SQL Injection via Shortcode
Description The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
ARI Stream Quiz < 1.3.0 - Contributor+ Stored XSS
Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
Slider Revolution < 6.6.15 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.6.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to...
Parcel Pro < 1.6.12 - Open Redirect
Description The plugin does not validate the redirect parameter before redirecting the user to its value, leading to an Open Redirect issue...
Foyer <= 1.7.5 - Content Injection via Improper Access Control
Description The Foyer – Digital Signage for WordPress plugin for WordPress is vulnerable to unauthorized content injection due to an insufficient capability check on the editing functionality in all versions up to, and including, 1.7.5. This makes it possible for authenticated attackers, with...
Olive One Click Demo Import <= 1.0.9 - Authenticated (Administrator+) Arbitrary File Upload in olive_one_click_demo_import_save_file
Description The Olive One Click Demo Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the oliveoneclickdemoimportsavefile function in versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...
LuckyWP Scripts Control <= 1.2.1 - Missing Authorization
Description The LuckyWP Scripts Control plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform...
Easy Call Now by ThikShare <= 1.1.0 - Cross-Site Request Forgery via settings_page
Description The Easy Call Now by ThikShare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the settingspage function. This makes it possible for unauthenticated attackers to modify th...
UserPro < 5.1.2 - Sensitive Information Disclosure via Shortcode
Description The UserPro plugin for WordPress is vulnerable to sensitive information disclosure via the 'userpro' shortcode in versions up to, and including 5.1.1. This is due to insufficient restriction on sensitive user meta values that can be called via that shortcode. This makes it possible fo...
UserPro < 5.1.2 - Insecure Password Reset Mechanism
Description The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function userproprocessform. The function uses...
UserPro < 5.1.2 - Authentication Bypass to Administrator
Description The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log ...
UserPro < 5.1.5 - Missing Authorization to Arbitrary Shortcode Execution via userpro_shortcode_template
Description The UserPro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'userproshortcodetemplate' function in versions up to, and including, 5.1.4. This makes it possible for unauthenticated attackers to arbitrary shortcode execution. An...
Drop Shadow Boxes < 1.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Drop Shadow Boxes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dropshadowbox' shortcode in versions up to, and including, 1.7.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...
Bus Ticket Booking with Seat Reservation < 5.2.6 - Unauthenticated Cross-Site Scripting
Description The Bus Ticket Booking with Seat Reservation – WpBusTicketly | WordPress plugin plugin for WordPress is vulnerable to Cross-Site Scripting in all versions up to, and including, 5.2.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
Daily Prayer Time < 2023.10.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Description The Daily Prayer Time plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2023.10.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Remove Add to Cart WooCommerce <= 1.4.4 - Cross-Site Request Forgery to Settings Modification
Description The Remove Add to Cart WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.4. This is due to missing or incorrect nonce validation on the ratcwprolebasesavedata function. This makes it possible for unauthenticated attacker...
CodeBard's Patron Button and Widgets for Patreon < 2.2.0 - Cross-Site Request Forgery
Description The CodeBard's Patron Button and Widgets for Patreon plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.9. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated...
Nexter Extension < 2.0.4 - Authenticated(Editor+) Remote Code Execution via metabox
Description The Nexter Extension plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.3 via the nxt-code-php-snippet metabox. This allows authenticated attackers with editor-level privileges and above to execute code on the server...