Unknown Security Vulnerabilities
The fetch_product_ajax functionality in the Product Feed on WooCommerce WordPress plugin before 3.3.1.0 uses a product_id POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
The Timetable and Event Schedule WordPress plugin before 2.4.0 outputs the Hashed Password, Username and Email Address (along other less sensitive data) of the user related to the Even Head of the Timeslot in the response when requesting the event Timeslot data with a user with the edit_posts...
6.5CVSS
6.4AI Score
0.001EPSS
The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL statement, leading to a SQL Injection issue, which can be exploited by any user able to add shortcode to posts/pages, such as...
8.8CVSS
9.1AI Score
0.001EPSS
The Edit Role functionality in the Display Users WordPress plugin through 2.0.0 had an id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
The Splash Header WordPress plugin before 1.20.8 doesn't sanitise and escape some of its settings while outputting them in the admin dashboard, leading to an authenticated Stored Cross-Site Scripting...
5.4CVSS
5.1AI Score
0.001EPSS
The Edit domain functionality in the WP Domain Redirect WordPress plugin through 1.0 has an editid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
The Orders functionality in the WordPress Page Contact plugin through 1.0 has an order_id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as...
7.2CVSS
7.2AI Score
0.001EPSS
The Alojapro Widget WordPress plugin through 1.1.15 doesn't properly sanitise its Custom CSS settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...
4.8CVSS
4.8AI Score
0.001EPSS
The ThinkTwit WordPress plugin before 1.7.1 did not sanitise or escape its "Consumer key" setting before outputting it its settings page, leading to a Stored Cross-Site Scripting...
5.4CVSS
5.3AI Score
0.001EPSS
The youForms for WordPress plugin through 1.0.5 does not sanitise escape the Button Text field of its Templates, allowing high privilege users (editors and admins) to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...
4.8CVSS
4.8AI Score
0.001EPSS
The You Shang WordPress plugin through 1.0.1 does not escape its qrcode links settings, which result into Stored Cross-Site Scripting issues in frontend posts and the plugins settings page depending on the payload...
5.4CVSS
5.3AI Score
0.001EPSS
The WP Dialog WordPress plugin through 1.2.5.5 does not sanitise and escape some of its settings before outputting them in pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...
4.8CVSS
4.7AI Score
0.001EPSS
The Shortcodes Ultimate WordPress plugin before 5.10.2 allows users with Contributor roles to perform stored XSS via shortcode attributes. Note: the plugin is inconsistent in its handling of shortcode attributes; some do escape, most don't, and there are even some attributes that are insecure by...
5.4CVSS
5.2AI Score
0.001EPSS
The Availability Calendar WordPress plugin before 1.2.2 does not sanitise or escape its Category Names before outputting them in page/post where the associated shortcode is embed, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is...
4.8CVSS
5AI Score
0.001EPSS
The WP Mapa Politico Espana WordPress plugin before 3.7.0 does not sanitise or escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is...
4.8CVSS
4.8AI Score
0.001EPSS
The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is.....
7.2CVSS
7.2AI Score
0.001EPSS
The edit functionality in the MicroCopy WordPress plugin through 1.1.0 makes a get request to fetch the related option. The id parameter used is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
The check_order function of The Sorter WordPress plugin through 1.0 uses an area_id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.3AI Score
0.001EPSS
The Timetable and Event Schedule by MotoPress WordPress plugin before 2.3.19 does not sanitise some of its parameters, which could allow low privilege users such as author to perform XSS attacks against frontend and backend users when viewing the related...
5.4CVSS
5.2AI Score
0.001EPSS
The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbitrary...
4.3CVSS
4.7AI Score
0.001EPSS
The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action, before using it in a SQL statement, leading to an authenticated SQL injection...
8.8CVSS
8.8AI Score
0.001EPSS
The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL...
8.8CVSS
8.9AI Score
0.002EPSS
The WP Courses LMS WordPress plugin before 2.0.44 does not sanitise its Video Embed Code, allowing malicious code to be injected in it by high privilege users, even when the unfiltered_html capability is disallowed, which could lead to Stored Cross-Site Scripting...
4.8CVSS
4.8AI Score
0.001EPSS
The WordPress Advanced Ticket System, Elite Support Helpdesk WordPress plugin before 1.0.64 does not sanitize or escape form values before saving to the database or when outputting, which allows high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability...
4.8CVSS
4.7AI Score
0.001EPSS
The Book appointment online WordPress plugin before 1.39 does not sanitise or escape Service Prices before outputting it in the List, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...
4.8CVSS
4.8AI Score
0.001EPSS
The Per page add to head WordPress plugin through 1.4.4 does not properly sanitise one of its setting, allowing malicious HTML to be inserted by high privilege users even when the unfiltered_html capability is disallowed, which could lead to Cross-Site Scripting...
4.8CVSS
4.8AI Score
0.001EPSS
The create_post_page AJAX action of the Custom Post View Generator WordPress plugin through 0.4.6 (available to authenticated user) does not sanitise or escape user input before outputting it back in the response, leading to a Reflected Cross-Site...
5.4CVSS
5.3AI Score
0.001EPSS
The Daily Prayer Time WordPress plugin before 2021.08.10 does not sanitise or escape some of its settings before outputting them in the page, leading to Authenticated Stored Cross-Site Scripting...
5.4CVSS
5.3AI Score
0.001EPSS
The Software License Manager WordPress plugin before 4.4.8 does not sanitise or escape the edit_record parameter before outputting it back in the page in the admin dashboard, leading to a Reflected Cross-Site Scripting...
6.1CVSS
6.1AI Score
0.001EPSS
The Smash Balloon Social Post Feed WordPress plugin before 2.19.2 does not sanitise or escape the feedID POST parameter in its feed_locator AJAX action (available to both authenticated and unauthenticated users) before outputting a truncated version of it in the admin dashboard, leading to an...
6.1CVSS
6AI Score
0.002EPSS
The shopp_upload_file AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading.....
9.8CVSS
9.4AI Score
0.004EPSS
The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files. As a result, attackers could make a logged in administrator delete and upload arbitrary files via a CSRF...
8.8CVSS
8.6AI Score
0.001EPSS
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well....
6.8CVSS
6.6AI Score
0.001EPSS
The Highlight WordPress plugin before 0.9.3 does not sanitise its CustomCSS setting, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...
5.4CVSS
5.1AI Score
0.001EPSS
The Cookie Notice & Consent Banner for GDPR & CCPA Compliance WordPress plugin before 1.7.2 does not properly sanitize inputs to prevent injection of arbitrary HTML within the plugin's design customization...
5.4CVSS
5.7AI Score
0.001EPSS
An id GET parameter of the Easy Testimonial Manager WordPress plugin through 1.2.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
The WPFront Notification Bar WordPress plugin before 2.1.0.08087 does not properly sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...
5.4CVSS
5.1AI Score
0.001EPSS
The Form Builder | Create Responsive Contact Forms WordPress plugin before 1.9.8.4 does not sanitise or escape its Form Title, allowing high privilege users such as admin to set Cross-Site Scripting payload in them, even when the unfiltered_html capability is...
5.4CVSS
5.1AI Score
0.001EPSS
The Site Reviews WordPress plugin before 5.13.1 does not sanitise some of its Review Details when adding a review as an admin, which could allow them to perform Cross-Site Scripting attacks when the unfiltered_html is...
5.4CVSS
5.2AI Score
0.001EPSS
The SMS Alert Order Notifications WordPress plugin before 3.4.7 is affected by a cross site scripting (XSS) vulnerability in the plugin's setting...
6.1CVSS
6AI Score
0.001EPSS
The editid GET parameter of the Embed Youtube Video WordPress plugin through 1.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.2AI Score
0.001EPSS
The iframe-font-preview.php file of the titan-framework does not properly escape the font-weight and font-family GET parameters before outputting them back in an href attribute, leading to Reflected Cross-Site Scripting...
6.1CVSS
6AI Score
0.002EPSS
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2021.18 does not escape some of its settings, allowing high privilege users such as admin to set Cross-Site Scripting payloads in them even when the unfiltered_html capability is...
5.4CVSS
5.1AI Score
0.001EPSS
The Keyword Meta WordPress plugin through 3.0 does not sanitise of escape its settings before outputting them back in the page after they are saved, allowing for Cross-Site Scripting issues. Furthermore, it is also lacking any CSRF check, allowing attacker to make a logged in high privilege user...
5.4CVSS
5.3AI Score
0.001EPSS
The AddToAny Share Buttons WordPress plugin before 1.7.46 does not sanitise its Sharing Header setting when outputting it in frontend pages, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...
5.4CVSS
5.1AI Score
0.001EPSS
A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.3AI Score
0.001EPSS
An editid GET parameter of the Cashtomer WordPress plugin through 1.0.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
8.8CVSS
8.9AI Score
0.001EPSS
The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection...
8.8CVSS
9AI Score
0.001EPSS
An id GET parameter of the WordPress Membership SwiftCloud.io WordPress plugin through 1.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL...
7.2CVSS
7.3AI Score
0.001EPSS
The Favicon by RealFaviconGenerator WordPress plugin through 1.3.20 does not sanitise or escape one of its parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting (XSS) which is executed in the context of a logged...
6.1CVSS
6AI Score
0.001EPSS