14602 matches found
Smart App Banner <= 1.1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Smart App Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-leve...
Phlox Shop <= 2.0.0 - Unauthenticated Local File Inclusion
Description The Phlox Shop plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.0. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This...
Spider Facebook <= 1.0.15 - Cross-Site Request Forgery
Description The Spider Facebook plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.15. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged reques...
Very Simple Google Maps < 2.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Very Simple Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vsgmap' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
Post Sliders & Post Grids <= 1.0.20 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Post Sliders & Post Grids plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WP Helper Premium < 4.5.2 - Cross-Site Request Forgery via whp_fields
Description The WP Helper Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.1. This is due to missing or incorrect nonce validation on the 'whpfields' function. This makes it possible for unauthenticated attackers to update the plugin...
Auto Limit Posts Reloaded <= 2.5 - Cross-Site Request Forgery
Description The Auto Limit Posts Reloaded plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5. This is due to missing or incorrect nonce validation on the alpradmin function. This makes it possible for unauthenticated attackers to modify the...
Jquery accordion slideshow < 8.2 - Authenticated (Subscriber+) SQL Injection via Shortcode
Description The Jquery accordion slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
Add Widgets to Page <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Add Widgets to Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to...
TK Google Fonts GDPR Compliant < 2.2.12 - Missing Authorization to Font Deletion
Description The TK Google Fonts GDPR Compliant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tkgooglefontsdeletefont function in all versions up to, and including, 2.2.11. This makes it possible for authenticated attackers, with...
iPanorama 360 – WordPress Virtual Tour Builder < 1.8.1 - Authenticated (Contributor+) SQL Injection via Shortcode
Description The iPanorama 360 – WordPress Virtual Tour Builder plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
Master Slider Pro <= 3.6.5 - Reflected Cross-Site Scripting
Description The Master Slider Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
Social Feed | All social media in one place <= 1.5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting]
Description The Social Feed | All social media in one place plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
BMI Calculator Plugin <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The BMI Calculator Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, ...
Wp photo text slider 50 < 8.1 - Authenticated (Subscriber+) SQL Injection via Shortcode
Description The Wp photo text slider 50 plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
RumbleTalk Live Group Chat < 6.2.0 - Missing Authorization via handleRequest
Description The RumbleTalk Live Group Chat plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handleRequest AJAX function in versions up to, and including, 6.1.9. This makes it possible for authenticat...
ANAC XML Bandi di Gara <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Description The ANAC XML Bandi di Gara plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Funnelforms Free < 3.4.2 - Cross-Site Request Forgery to Arbitrary Post Deletion
Description The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4. This is due to missing or incorrect nonce validation on the fnsfdeleteposts function. This makes it possible for unauthenticated attackers to delete arbitrary...
iPages Flipbook < 1.5.0 - Authenticated (Administrator+) SQL Injection
Description The iPages Flipbook For WordPress plugin for WordPress is vulnerable to SQL Injection via the orderby parameter in all versions up to 1.5.0 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
FeedFocal <= 1.2.2 - Unauthenticated Tracking Code Update
Description The plugin is lacking authorisation checks in its feedfocalapisetup function, allowing unauthenticated attackers to update the Tracking Code via the feedfocalsurveycode option...
Contact Form With Captcha <= 1.6.8 - Cross-Site Request Forgery
Description The Contact Form With Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to invoke this...
Auto Excerpt everywhere <= 1.5 - Cross-Site Request Forgery
Description The Auto Excerpt everywhere plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the autoexcerpteverywhereoptions function and included options.php file. This makes it possible f...
video carousel slider with lightbox 1.0 - Cross-Site Request Forgery
Description The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the responsivevideogallerywithlightboxvideomanagementfunc function. This makes it possible for unauthenticat...
WP Category Post List Widget <= 2.0.3 - Cross-Site Request Forgery via gen_set_page
Description The WP Category Post List Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.3. This is due to missing or incorrect nonce validation on the 'gensetpage' function. This makes it possible for unauthenticated attackers to modify...
WP User Frontend < 3.6.6 - Authenticated (Author+) Privilege Escalation
Description The WP User Frontend – Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission Plugin plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.6.5. This is due to the plugin not providing...
ANAC XML Viewer <= 1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The ANAC XML Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
E2Pdf < 1.20.19 - Authenticated (Administrator+) PHP Object Injection
Description The E2Pdf plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.20.18 via deserialization of untrusted input within the importaction and ajaxupload functions. This makes it possible for authenticated attackers, with administrative-level...
SAHU TikTok Pixel for E-Commerce <= 1.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The SAHU TikTok Pixel for E-Commerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Left right image slideshow gallery < 12.1 - Authenticated (Subscriber+) SQL Injection via Shortcode
Description The Left right image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
Permalinks Customizer <= 2.8.2 - Reflected Cross-Site Scripting
Description The Permalinks Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
Message ticker < 9.3 - Authenticated (Subscriber+) SQL Injection via Shortcode
Description The Message ticker plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
Comments Ratings <= 1.1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Comments Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-leve...
Admin Bar & Dashboard Control < 1.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Admin Bar & Dashboard Access Control plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to 1.2.9 exclusive due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Copy Anything to Clipboard < 2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Copy Anything to Clipboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'copy' shortcode in versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
WooCommerce EAN Payment Gateway < 6.1.0 - Missing Authorization to Authenticated (Contributor+) EAN Update
Description The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the refreshordereandata AJAX action in versions up to 6.1.0. This makes it possible for authenticated attackers with contributor-level acces...
Thumbnail carousel slider < 1.0.1 - Cross-Site Request Forgery to Mass Slider Deletion
Description The Thumbnail carousel slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing nonce validation on the deleteselected function. This makes it possible for unauthenticated attackers to delete sliders in bulk via a forged request...
Funnelforms Free < 3.4.2 - Missing Authorization to Arbitrary Post Deletion
Description The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfdeleteposts function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions a...
UserPro < 5.1.2 - Missing Authorization via multiple functions
Description The UserPro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.1.1. This makes it possible for unauthenticated attackers to add, modify, o...
Audio Merchant <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload
Description The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the function audiomerchantaddaudiofile function. This makes it possible for unauthenticated attacker...
WP Ultimate Exporter < 2.4.2 - Unauthenticated Information Disclosure
Description The WP Ultimate Exporter plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.4.1 due to insufficient protection on the directory in which exported files are stored in. This can allow unauthenticated attackers to extract sensitive da...
Thrive Theme Builder < 3.24.0 - Missing Authorization
Description The theme is vulnerable to unauthorized use of functionality due to missing capability check in one of its functions. This makes it possible for authenticated attackers, with subscriber-level access and above, to invoke this function intended for higher-privileged users. The exact...
Slick Popup: Contact Form 7 Popup Plugin < 1.7.15 - Authenticated (Admin+) Stored Cross-Site Scripting
Description The Slick Popup: Contact Form 7 Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the main heading parameter in all versions up to 1.7.15 exclusive due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
User Submitted Posts < 20230902 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 20230901 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Add Local Avatar <= 12.1 - Cross-Site Request Forgery via manage_avatar_cache
Description The Add Local Avatar plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 12.1. This is due to missing or incorrect nonce validation on the manageavatarcache function. This makes it possible for unauthenticated attackers to manage avatars ...
MainWP Dashboard < 4.5.1.3 - Authenticated(Administrator+) CSS Injection
Description The MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance plugin for WordPress is vulnerable to CSS Injection via the ‘newColor’ parameter in all versions up to, and including, 4.5.1.2 due to insufficient input sanitization. This makes it possible for authenticated...
WP EXtra < 6.3 - Missing Authorization to Arbitrary Email Sending
Description The WP EXtra plugin for WordPress is vulnerable to unauthorized access to restricted functionality due to a missing capability check on the 'test-email' section of the register function in versions up to, and including, 6.2. This makes it possible for authenticated attackers, with...
Super Testimonials < 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpsscode' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Patreon WordPress < 1.8.8 - Cross-Site Request Forgery
Description The Patreon WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.7. This is due to missing or incorrect nonce validation on several functions in the /classes/patreonwordpress.php file. This makes it possible for unauthenticat...
WP Full Stripe Free <= 1.6.1 - Cross-Site Request Forgery
Description The WP Full Stripe Free plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation via several functions in the /include/wp-full-stripe-admin-menu.php file. This makes it possible for...
TCD Google Maps <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The TCD Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'map' shortcode in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers wi...