U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 8,665 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2024-2026

The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published: April 09, 2024; 3:15:24 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-2018

The WP Activity Log Premium plugin for WordPress is vulnerable to SQL Injection via the entry->roles parameter in all versions up to, and including, 4.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. One demonstrated attack included the injection of a PHP Object.

Published: April 09, 2024; 3:15:24 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1999

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget's anchor style parameter in all versions up to, and including, 3.2.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published: April 09, 2024; 3:15:22 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1991

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the update_users_role() function in all versions up to, and including, 5.3.0.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to escalate their privileges to that of an administrator

Published: April 09, 2024; 3:15:21 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1990

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to blind SQL Injection via the ‘id’ parameter of the RM_Form shortcode in all versions up to, and including, 5.3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Published: April 09, 2024; 3:15:21 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1984

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source.

Published: April 09, 2024; 3:15:21 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1974

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to read the contents of arbitrary files on the server, which can contain sensitive information.

Published: April 09, 2024; 3:15:21 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1960

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Special Offer Day Widget Banner Link in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published: April 09, 2024; 3:15:21 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1948

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the block content in all versions up to, and including, 2.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published: April 09, 2024; 3:15:21 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1934

The WP Compress – Image Optimizer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wps_local_compress::__construct' function in all versions up to, and including, 6.11.10. This makes it possible for unauthenticated attackers to reset the CDN region and set a malicious URL to deliver images.

Published: April 09, 2024; 3:15:20 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1904

The MasterStudy LMS plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the search_posts function in all versions up to, and including, 3.2.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to expose draft post titles and excerpts.

Published: April 09, 2024; 3:15:20 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1893

The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the ‘property_status’ shortcode attribute in all versions up to, and including, 3.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Published: April 09, 2024; 3:15:20 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1852

The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.4.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page which is the edit users page. This vulnerability was partially patched in version 3.4.9.2, and was fully patched in 3.4.9.3.

Published: April 09, 2024; 3:15:20 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1850

The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized access, modification or deletion of posts due to a missing capability check on functions hooked by AJAX actions in all versions up to, and including, 3.3. This makes it possible for authenticated attackers, with subscriber access or higher, to view all posts generated with this plugin (even in non-published status), create new posts (and publish them), publish unpublished post or perform post deletions.

Published: April 09, 2024; 3:15:20 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1813

The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.11.0 via deserialization of untrusted input in the job_board_applicant_list_columns_value function. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code when a submitted job application is viewed.

Published: April 09, 2024; 3:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1812

The Everest Forms plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.7 via the 'font_url' parameter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

Published: April 09, 2024; 3:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1794

The Forminator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. 3gpp file) in all versions up to, and including, 1.29.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published: April 09, 2024; 3:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1792

The CMB2 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.10.1 via deserialization of untrusted input from the text_datetime_timestamp_timezone field. This makes it possible for authenticated attackers, with contributor access or higher, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. Please note that the plugin is a developer toolkit. For the vulnerability to become exploitable, the presence of a metabox activation in your code (via functions.php for example) is required.

Published: April 09, 2024; 3:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1790

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 7.0.1 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. This is limited to Windows instances.

Published: April 09, 2024; 3:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-1774

The Customily Product Personalizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via user cookies in all versions up to, and including, 1.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. We unfortunately could not get in touch with the vendor through various means to disclose this issue.

Published: April 09, 2024; 3:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)