U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 8,315 matching records.
Displaying matches 3,561 through 3,580.
Vuln ID Summary CVSS Severity
CVE-2022-2433

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to deserialization of untrusted input via the 'alm_repeaters_export' parameter in versions up to, and including 5.5.3. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they can trick a site administrator into performing an action such as clicking on a link, that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload.

Published: September 06, 2022; 2:15:13 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-2432

The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. This is due to missing or incorrect nonce validation on the ecwid_update_plugin_params function. This makes it possible for unauthenticated attackers to update plugin options granted they can trick a site administrator into performing an action such as clicking on a link.

Published: September 06, 2022; 2:15:13 PM -0400
V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2022-2431

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including 3.2.50. This is due to insufficient file type and path validation on the deleteFiles() function found in the ~/Admin/Menu/Packages.php file that triggers upon download post deletion. This makes it possible for contributor level users and above to supply an arbitrary file path via the 'file[files]' parameter when creating a download post and once the user deletes the post the supplied arbitrary file will be deleted. This can be used by attackers to delete the /wp-config.php file which will reset the installation and make it possible for an attacker to achieve remote code execution on the server.

Published: September 06, 2022; 2:15:13 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-2430

The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Text Block' feature in versions up to, and including, 45.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the visual composer editor to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published: September 06, 2022; 2:15:13 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-2429

The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possible for authenticated attackers, such as a subscriber, to add untrusted input into billing information like their First Name that will embed into the exported CSV file triggered by an administrator and can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.

Published: September 06, 2022; 2:15:13 PM -0400
V3.1: 8.0 HIGH
V2.0:(not available)
CVE-2022-2233

The Banner Cycler plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the pabc_admin_slides_postback() function found in the ~/admin/admin.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link

Published: September 06, 2022; 2:15:13 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-1628

The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting in versions up to, and including 1.7.91, due to insufficient sanitization or escaping on the SEO social and standard title parameters. This can be exploited by authenticated users with Contributor and above permissions to inject arbitrary web scripts into posts/pages that execute whenever an administrator access the page.

Published: September 06, 2022; 2:15:10 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2021-36829

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 at WordPress.

Published: September 06, 2022; 2:15:10 PM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2022-2775

The Fast Flow WordPress plugin before 1.2.13 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-2657

The Multivendor Marketplace Solution for WooCommerce WordPress plugin before 3.8.12 is lacking authorisation and CSRF in multiple AJAX actions, which could allow any authenticated users, such as subscriber to call them and suspend vendors (reporter by the submitter) or update arbitrary order status (identified by WPScan when verifying the issue) for example. Other unauthenticated attacks are also possible, either directly or via CSRF

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2022-2597

The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.19.0 does not have proper authorisation checks in some of its REST endpoints, allowing users with a role as low as contributor to call them and inject arbitrary CSS in arbitrary saved layouts

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-2565

The Simple Payment Donations & Subscriptions WordPress plugin before 4.2.1 does not sanitise and escape user input given in its forms, which could allow unauthenticated attackers to perform Cross-Site Scripting attacks against admins

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 7.2 HIGH
V2.0:(not available)
CVE-2022-2543

The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2022-2376

The Directorist WordPress plugin before 7.3.1 discloses the email address of all users in an AJAX action available to both unauthenticated and any authenticated users

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2022-2271

The WP Database Backup WordPress plugin before 5.9 does not escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2022-2083

The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which could be used by attackers to gain unauthorized access to the site.

Published: September 05, 2022; 9:15:08 AM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-36796

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in CallRail, Inc. CallRail Phone Call Tracking plugin <= 0.4.9 at WordPress.

Published: September 01, 2022; 1:15:08 PM -0400
V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2022-36373

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Simon Ward MP3 jPlayer plugin <= 2.7.3 at WordPress.

Published: September 01, 2022; 1:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-36355

Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Easy Org Chart plugin <= 3.1 at WordPress.

Published: September 01, 2022; 1:15:08 PM -0400
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2022-2638

The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be removed on the system which is supposed to be the CSV file. This could allow high privilege users to delete arbitrary file from the server

Published: August 29, 2022; 2:15:09 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)