14602 matches found
Product Enquiry for WooCommerce < 3.2 - Reflected XSS
Description The plugin does not sanitise and escape the name parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Donations Made Easy - Smart Donations <= 4.0.12 - Stored XSS via CSRF
Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in Contributor add Stored XSS payloads via a CSRF attack...
Seo By 10Web <= 1.2.9 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
QR Code Tag <= 1.0 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its qrcodetag shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Bitly's <= 2.7.1 - Contributor+ Stored XSS
Description The plugin does not validate and escape its wpbitly shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Pre-Orders for WooCommerce < 1.2.14 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
ImageMapper <= 1.2.6 - Subscriber+ Arbitrary Post Deletion
Description The plugin does not authoring in its imgmapdeleteareaajax AJAX action, allowing any authenticated users, such as subscriber to delete arbitrary posts and pages...
GD Security Headers < 1.7.1 - Admin+ SQLi
Description The plugin does not properly sanitise and escape the filter-vd and filter-ed parameters before using them in SQL statements, leading to SQL injections exploitable by high privilege users such as admin...
ShortCodes UI <= 1.9.8 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
ImageMapper <= 1.2.6 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
Elementor Addon Elements < 1.12.8 - Elementor Addon Element Enabling/Disabling via CSRF
Description The plugin does not have CSRF check in its eaesaveelements function, which could allow attackers to make logged in admins enable and disable Elementor add-on elements via a CSRF attack...
Product Enquiry for WooCommerce < 3.1 - Unauthenticated Stored XSS
Description The plugin does not sanitise and escape some parameters, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...
Post Pay Counter < 2.790 - Reflected XSS
Description The plugin does not sanitise and escape the ppc-time-range parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Plainview Protect Passwords <= 1.4 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Elementor Addon Elements < 1.12.8 - Settings Update via CSRF
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
Additional Order Filters for WooCommerce < 1.12 - Reflected XSS
Description The plugin does not sanitise and escape the PHPSELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting...
WP MapIt < 3.0.0 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its wpmapit shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Telephone Number Linker <= 1.2 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its telnumlink shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Featured Image Caption < 0.8.11 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
ImageLinks Interactive Image Builder < 1.6.0 - Admin+ SQLi
Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
Essential Grid < 3.1.1 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
EazyDocs < 2.3.6 - Reflected XSS
Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Elementor Addon Elements < 1.12.8 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Interact: Embed A Quiz On Your Site < 3.1 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its interact-quiz shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Elementor Addon Elements < 1.12.8 - Unauthenticated Post ID/Tile Disclosure
Description The plugin does not have authorisation in its ajaxeaepostdata function, allowing unauthenticated users to retrieve arbitrary posts/pages such as draft, private etc IDs and tiles...
Easy PayPal Shopping Cart < 1.1.11 - Contributor+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WPDBSpringClean <= 1.6 - Reflected XSS
Description The plugin does not sanitise and escape the tab parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Contact form 7 Custom validation <= 1.1.3 - Unauthenticated SQLi
Description The plugin does not properly sanitise and escape the post parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated uers...
ImageMapper <= 1.2.6 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its imagemap shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Social Feed <= 1.5.4.6 - Author+ Stored XSS
Description The plugin does not validate and escape some of its socialfeed shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the Author role and above to perform Stored Cross-Site Scripting attacks...
ImageMapper <= 1.2.6 - Stored XSS via CSRF
Description The plugin does not have CSRF check in its imgmapsaveareatitle function, which could allow attackers to make logged in admins update arbitrary post titles with XSS payloads via a CSRF attack...
POWR < 2.2.0 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its powr-powr-pack shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Auto Affiliate Links < 6.4.2.5 - Settings Update to Stored XSS via CSRF
Description The plugin does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
Products, Order & Customers Export for WooCommerce <= 2.0.10 - Reflected XSS
Description The plugin does not sanitise and escape various parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Responsive Column Widgets <= 1.2.7 - Reflected XSS
Description The plugin does not sanitise and escape the tab parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Restrict Categories <= 2.6.4 - Reflected XSS
Description The plugin does not sanitise and escape the rc-search parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Shortcodes Finder < 1.5.4 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Custom My Account for Woocommerce <= 2.1 - Stored XSS via CSRF
Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
Seriously Simple Stats < 1.5.1 - Podcast Manager+ SQLi
Description The plugin does not properly sanitise and escape the orderby parameter before using it in a SQL statement, leading to a SQL injection exploitable by podcast manager roles and above...
MStore API < 4.0.7 - Subscriber+ SQLi
Description The plugin does not properly sanitise and escape some parameters before using them in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers...
Auto Login New User After Registration <= 1.9.6 - Stored XSS via CSRF
Description The plugin does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
Photo Feed <= 2.2.1 - Reflected XSS
Description The plugin does not sanitise and escape the pf-gid parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WP Crowdfunding < 2.1.7 - Reflected XSS
Description The plugin does not sanitise and escape the postid parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Atarim < 3.13 - Unauthenticated Stored XSS
Description The plugin does not validate and escape some parameters, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks...
Forminator < 1.28.0 - Admin+ Arbitrary File Upload
Description The plugin does not properly blacklist files via the forminatorallowedmimetypes function, which could allow administrator to upload arbitrary file. However, RCE can not be achieved due to htaccess configuration...
WP Project Manager < 2.6.1 - Subscriber+ SQLi
Description The plugin does not properly sanitise and escape the user task starting date parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscriber...
Category Post List Widget <= 2.0 - Settings Update to Stored XSS via CSRF
Description The plugin does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
SendPress Newsletters < 1.23.11.6 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
SendPress Newsletters <= 1.23.11.6 - Reflected XSS
Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Video Gallery – YouTube Gallery <= 2.2.1 - Admin+ SQLi
Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...