Search Results
- Results Type: Overview
- Keyword (text search): Wordpress
- Search Type: Search All
Vuln ID | Summary | Published | CVSS Severity
---|---|---|---
CVE-2023-4776 | The School Management System WordPress plugin before 2.2.5 uses the WordPress esc_sql() function on a field not delimited by quotes and does not first prepare the query, leading to a SQL injection exploitable by relatively low-privilege users such as Teachers. | October 16, 2023; 4:15:16 PM -0400 | V3.1: 8.8 HIGH; V2.0: not available
CVE-2023-4725 | The Simple Posts Ticker WordPress plugin before 1.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). | October 16, 2023; 4:15:16 PM -0400 | V3.1: 4.8 MEDIUM; V2.0: not available
CVE-2023-4691 | The WordPress Online Booking and Scheduling Plugin WordPress plugin before 22.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | October 16, 2023; 4:15:16 PM -0400 | V3.1: 7.2 HIGH; V2.0: not available
CVE-2023-4687 | The Page Builder: Pagelayer WordPress plugin before 1.7.7 doesn't prevent unauthenticated attackers from updating a post's header or footer code on scheduled posts. | October 16, 2023; 4:15:16 PM -0400 | V3.1: 6.1 MEDIUM; V2.0: not available
CVE-2023-4666 | The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files, leading to RCE. | October 16, 2023; 4:15:15 PM -0400 | V3.1: 9.8 CRITICAL; V2.0: not available
CVE-2023-4646 | The Simple Posts Ticker WordPress plugin before 1.1.6 does not validate and escape some of its shortcode attributes before outputting them back in the page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | October 16, 2023; 4:15:15 PM -0400 | V3.1: 5.4 MEDIUM; V2.0: not available
CVE-2023-4643 | The Enable Media Replace WordPress plugin before 4.1.3 unserializes user input via the Remove Background feature, which could allow Author+ users to perform PHP Object Injection when a suitable gadget is present on the blog. | October 16, 2023; 4:15:15 PM -0400 | V3.1: 8.8 HIGH; V2.0: not available
CVE-2023-4388 | The EventON WordPress plugin before 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). | October 16, 2023; 4:15:15 PM -0400 | V3.1: 4.8 MEDIUM; V2.0: not available
CVE-2023-4290 | The WP Matterport Shortcode WordPress plugin before 2.1.7 does not escape the PHP_SELF server variable when outputting it in attributes, leading to Reflected Cross-Site Scripting issues which could be used against high privilege users such as admin. | October 16, 2023; 4:15:15 PM -0400 | V3.1: 6.1 MEDIUM; V2.0: not available
CVE-2023-4289 | The WP Matterport Shortcode WordPress plugin before 2.1.8 does not validate and escape some of its shortcode attributes before outputting them back in the page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | October 16, 2023; 4:15:15 PM -0400 | V3.1: 5.4 MEDIUM; V2.0: not available
CVE-2023-3746 | The ActivityPub WordPress plugin before 1.0.0 does not sanitize and escape some data from post content, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | October 16, 2023; 4:15:15 PM -0400 | V3.1: 5.4 MEDIUM; V2.0: not available
CVE-2023-3707 | The ActivityPub WordPress plugin before 1.0.0 does not ensure that post contents to be displayed are public and belong to the plugin, allowing any authenticated user, such as a subscriber, to retrieve the content of arbitrary posts (such as drafts and private posts) via an IDOR vector. Password-protected posts are not affected by this issue. | October 16, 2023; 4:15:14 PM -0400 | V3.1: 4.3 MEDIUM; V2.0: not available
CVE-2023-3706 | The ActivityPub WordPress plugin before 1.0.0 does not ensure that post titles to be displayed are public and belong to the plugin, allowing any authenticated user, such as a subscriber, to retrieve the title of arbitrary posts (such as drafts and private posts) via an IDOR vector. | October 16, 2023; 4:15:14 PM -0400 | V3.1: 4.3 MEDIUM; V2.0: not available
CVE-2023-3279 | The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include functions, allowing Admin users to perform LFI attacks. | October 16, 2023; 4:15:14 PM -0400 | V3.1: 4.9 MEDIUM; V2.0: not available
CVE-2023-3155 | The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the `gallery_edit` function, allowing an attacker to access arbitrary resources on the server. | October 16, 2023; 4:15:14 PM -0400 | V3.1: 7.2 HIGH; V2.0: not available
CVE-2023-3154 | The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to PHAR Deserialization due to a lack of input parameter validation in the `gallery_edit` function, allowing an attacker to access arbitrary resources on the server. | October 16, 2023; 4:15:14 PM -0400 | V3.1: 7.5 HIGH; V2.0: not available
CVE-2023-45831 | Cross-Site Request Forgery (CSRF) vulnerability in the Pixelative, Mohsin Rafique AMP WP – Google AMP For WordPress plugin, versions <= 1.5.15. | October 16, 2023; 7:15:45 AM -0400 | V3.1: 8.8 HIGH; V2.0: not available
CVE-2023-4827 | The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the `fs_connector` AJAX action. This allows attackers to make highly privileged users perform unwanted file system actions via CSRF attacks using GET requests, such as uploading a web shell. | October 16, 2023; 5:15:11 AM -0400 | V3.1: 8.8 HIGH; V2.0: not available
CVE-2023-4620 | The Booking Calendar WordPress plugin before 9.7.3.1 does not sanitize and escape some of its booking form data, allowing unauthenticated users to perform Stored Cross-Site Scripting attacks against administrators. | October 16, 2023; 5:15:11 AM -0400 | V3.1: 6.1 MEDIUM; V2.0: not available
CVE-2023-3392 | The Read More & Accordion WordPress plugin before 3.2.7 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. | October 16, 2023; 5:15:10 AM -0400 | V3.1: 7.2 HIGH; V2.0: not available
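The esc_sql() pattern behind CVE-2023-4776 (and the unprepared query in CVE-2023-4691) is worth seeing side by side with the fix. The block below is an added example written for this page, not code from the School Management System plugin or any other plugin listed; it assumes it runs inside WordPress (so `$wpdb`, `esc_sql()`, `absint()` and `$wpdb->prepare()` exist), and the table and column names are hypothetical.

```php
<?php
// Added example, not code from any plugin listed above. Assumes WordPress is
// loaded. Table name sms_students and its columns are hypothetical.

// VULNERABLE: esc_sql() only escapes characters that would terminate a
// quoted string literal (quotes, backslashes, NUL). Here the value is
// interpolated WITHOUT quotes, so an input of  1 OR 1=1  contains nothing
// to escape and is passed through verbatim; the WHERE clause becomes
// class_id = 1 OR 1=1 and every row comes back. A UNION SELECT works the
// same way, which is how a low-privilege user (a Teacher) reads other tables.
function sms_get_students_vulnerable( $class_id ) {
    global $wpdb;
    $class_id = esc_sql( $class_id );
    $sql = "SELECT id, name FROM {$wpdb->prefix}sms_students WHERE class_id = $class_id";
    return $wpdb->get_results( $sql );
}

// FIX, option A: coerce to the type the column really has. An integer
// cannot carry SQL syntax, so interpolating it afterwards is safe.
function sms_get_students_cast( $class_id ) {
    global $wpdb;
    $class_id = absint( $class_id );
    return $wpdb->get_results(
        "SELECT id, name FROM {$wpdb->prefix}sms_students WHERE class_id = $class_id"
    );
}

// FIX, option B (preferred): let $wpdb->prepare() do quoting and escaping.
// %d forces an integer; %s emits a correctly quoted and escaped string
// literal, so string columns are covered by the same mechanism and there
// is no "did I remember the quotes" failure mode left for esc_sql().
function sms_get_students_prepared( $class_id, $status = 'active' ) {
    global $wpdb;
    return $wpdb->get_results(
        $wpdb->prepare(
            "SELECT id, name FROM {$wpdb->prefix}sms_students
             WHERE class_id = %d AND status = %s",
            $class_id,
            $status
        )
    );
}
```

When reviewing a plugin for this class of bug, grep for `esc_sql(` and check each use: if the escaped value is not wrapped in quotes in the query string, esc_sql() is providing no protection at all.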
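CVE-2023-4827 (nonce not checked in a file-manager AJAX action, exploitable via GET) and CVE-2023-3155 (arbitrary file delete from an unvalidated parameter) describe two checks that a file-system AJAX handler needs. The following is an added example, not code from File Manager Pro, WordPress Gallery Plugin or any other plugin listed; it assumes WordPress is loaded, and the action name `fmp_connector`, the nonce action `fmp_connector_nonce`, the script handle and the `name` parameter are hypothetical.

```php
<?php
// Added example, not code from any plugin listed above. Assumes WordPress is
// loaded. Action, nonce and parameter names are hypothetical.

// wp_ajax_* hooks only fire for logged-in users, which is exactly what makes
// CSRF possible: the victim admin's session cookie is attached automatically.
//
// VULNERABLE: an admin who views an attacker page containing
//   <img src="https://victim.example/wp-admin/admin-ajax.php?action=fmp_connector_vulnerable&name=wp-config.php">
// sends this request. Nothing proves it came from the plugin's own UI, and
// basename()-free use of $_REQUEST['name'] lets the attacker pick any path.
add_action( 'wp_ajax_fmp_connector_vulnerable', function () {
    $uploads = wp_upload_dir()['basedir'];
    unlink( $uploads . '/' . $_REQUEST['name'] );   // "../../wp-config.php" works here
    wp_send_json_success();
} );

// Delete a file, but only one that really lives inside the uploads directory.
// basename() drops any directory part, sanitize_file_name() drops odd bytes,
// and the realpath() prefix test rejects symlinks that point elsewhere.
function fmp_delete_upload( $name ) {
    $base   = realpath( wp_upload_dir()['basedir'] );
    $target = realpath( $base . '/' . sanitize_file_name( basename( $name ) ) );
    if ( false === $base || false === $target
         || 0 !== strpos( $target, $base . DIRECTORY_SEPARATOR ) ) {
        return new WP_Error( 'bad_path', 'File is not inside the uploads directory' );
    }
    return unlink( $target );
}

// FIXED handler: nonce bound to this action and to the current user, the
// capability the operation needs, and POST only (the nonce alone already
// defeats CSRF; refusing GET is defence in depth against <img>/<a> triggers).
add_action( 'wp_ajax_fmp_connector', function () {
    if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
        wp_send_json_error( 'method not allowed', 405 );
    }
    // Reads $_REQUEST['_ajax_nonce'] (or _wpnonce) and dies with -1 if the
    // nonce is missing, forged, or older than the nonce lifetime.
    check_ajax_referer( 'fmp_connector_nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $name   = isset( $_POST['name'] ) ? wp_unslash( $_POST['name'] ) : '';
    $result = fmp_delete_upload( $name );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( $result->get_error_message(), 400 );
    }
    wp_send_json_success( array( 'deleted' => $result ) );
} );

// The legitimate UI needs the nonce. Hand it to the admin script, which then
// sends it as _ajax_nonce in the POST body.
add_action( 'admin_enqueue_scripts', function () {
    wp_enqueue_script( 'fmp-admin', plugins_url( 'fmp-admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'fmp-admin', 'fmpAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'fmp_connector_nonce' ),
    ) );
} );
```

Two points that are easy to miss: a nonce is not an authorization check (a logged-in subscriber can obtain one), so `current_user_can()` is still required; and the 8.8 score on CVE-2023-4827 reflects that the victim is an administrator, so the "user interaction" is just loading a page.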
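CVE-2023-4643 and CVE-2023-3392 both hinge on `unserialize()` of attacker-controlled data plus "a suitable gadget". The script below is an added example, not code from Enable Media Replace, Read More & Accordion or any other plugin listed; it is plain PHP 7+ with no WordPress dependency, and the `TempLog` gadget class, the payload and the temp-file target are all constructed for the demonstration.

```php
<?php
// Added example, not code from any plugin listed above. Plain PHP >= 7.0.
// The TempLog class stands in for a gadget that some library on the site
// already ships; the payload and file paths are constructed here.

// A "gadget": a class with a magic method that acts on its own properties.
// An attacker who controls the serialized bytes controls those properties.
class TempLog {
    public $path;
    public $lines = array();
    public function __destruct() {
        // Flushes buffered lines when the object is freed. With an attacker-
        // chosen $path and $lines this is an arbitrary file write.
        file_put_contents( $this->path, implode( "\n", $this->lines ) );
    }
}

// Hand-written serialized object (what the attacker submits in the field the
// plugin unserializes). Written as a format string rather than via
// serialize() so no real TempLog is instantiated on the attacker's side.
function build_payload( $target_file, $content ) {
    return sprintf(
        'O:7:"TempLog":2:{s:4:"path";s:%d:"%s";s:5:"lines";a:1:{i:0;s:%d:"%s";}}',
        strlen( $target_file ), $target_file, strlen( $content ), $content
    );
}

// VULNERABLE: any class loaded in the process can be instantiated, and its
// __wakeup()/__destruct()/__toString() run with attacker-chosen state.
function load_settings_vulnerable( $raw ) {
    return unserialize( $raw );
}

// FIXED (preferred): use a format that cannot describe objects at all.
function load_settings_json( $raw ) {
    $v = json_decode( $raw, true );
    return is_array( $v ) ? $v : array();
}

// FIXED (if the serialize() format must be kept for stored data): forbid
// every class. Objects decode as __PHP_Incomplete_Class, whose magic methods
// never run, and anything that is not the expected array is discarded.
function load_settings_no_classes( $raw ) {
    $v = @unserialize( $raw, array( 'allowed_classes' => false ) );
    return is_array( $v ) ? $v : array();
}

// Demonstration. An attacker would point $target at the web root and use PHP
// source as the content; here it is a harmless marker in the temp directory.
$target  = sys_get_temp_dir() . '/poi_demo.txt';
$payload = build_payload( $target, 'gadget ran' );

$safe = load_settings_no_classes( $payload );   // empty array, no TempLog built
$fileAfterSafe = file_exists( $target );        // stays false

$unsafe = load_settings_vulnerable( $payload ); // TempLog instantiated
unset( $unsafe );                               // freed -> __destruct() writes $target
$fileAfterUnsafe = file_exists( $target );      // now true
@unlink( $target );
```

The same reasoning applies to CVE-2023-3154: a `phar://` path handed to a file function triggers deserialization of the archive's metadata, so validating that user-supplied paths cannot select a stream wrapper is the path-handling equivalent of refusing `unserialize()` on user input.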
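Six of the entries above are Cross-Site Scripting in shortcode attributes, plugin settings or the PHP_SELF variable (CVE-2023-4725, -4646, -4388, -4290, -4289, -4620). The block below is an added example, not code from Simple Posts Ticker, WP Matterport Shortcode or any other plugin listed; it assumes WordPress is loaded, and the shortcode tag `ticker`, the option names and the attribute names are hypothetical.

```php
<?php
// Added example, not code from any plugin listed above. Assumes WordPress is
// loaded. Shortcode tag, option and attribute names are hypothetical.

// VULNERABLE: a contributor (who cannot post raw HTML) writes
//   [ticker_vulnerable title='</h3><script>alert(document.cookie)</script>']
// and the attribute reaches the page unescaped when an editor previews or
// publishes the post. Stored XSS with a privilege boundary crossed.
add_shortcode( 'ticker_vulnerable', function ( $atts ) {
    $title = isset( $atts['title'] ) ? $atts['title'] : '';
    $speed = isset( $atts['speed'] ) ? $atts['speed'] : '5';
    return '<div class="ticker" data-speed="' . $speed . '"><h3>' . $title . '</h3></div>';
} );

// FIXED: whitelist attributes, coerce types, escape for the exact context
// each value lands in (integer attribute vs. element text).
add_shortcode( 'ticker', function ( $atts ) {
    $atts  = shortcode_atts( array( 'title' => '', 'speed' => 5 ), $atts, 'ticker' );
    $speed = absint( $atts['speed'] );
    return sprintf(
        '<div class="ticker" data-speed="%d"><h3>%s</h3></div>',
        $speed,
        esc_html( $atts['title'] )
    );
} );

// Settings: sanitize on SAVE, not only on output. register_setting()'s
// sanitize_callback runs for every saving user, including an administrator
// on multisite who has no unfiltered_html, so the option can never hold
// <script>. wp_kses_post() keeps post-safe markup; sanitize_text_field()
// strips all tags.
add_action( 'admin_init', function () {
    register_setting( 'ticker_options', 'ticker_heading', array(
        'type'              => 'string',
        'sanitize_callback' => 'sanitize_text_field',
        'default'           => '',
    ) );
    register_setting( 'ticker_options', 'ticker_intro_html', array(
        'type'              => 'string',
        'sanitize_callback' => 'wp_kses_post',
        'default'           => '',
    ) );
} );

// Reflected XSS via PHP_SELF: the value includes whatever trailing path info
// the server accepted, so /wp-admin/admin.php/"><script>... is attacker text
// inside the action attribute. Build the URL from known parts instead and
// escape it for attribute context with esc_url().
function ticker_settings_form_open_vulnerable() {
    return '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
}
function ticker_settings_form_open() {
    // options.php is where register_setting()-backed forms post; no user input.
    return '<form method="post" action="' . esc_url( admin_url( 'options.php' ) ) . '">';
}
```

The rule of thumb encoded here: sanitize on input according to what the field may contain, and escape on output according to where the value lands (`esc_html()` for text nodes, `esc_attr()` for attribute values, `esc_url()` for href/src/action). Doing only one of the two is how the "even when unfiltered_html is disallowed" entries above came about.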