Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): wordpress
  • Search Type: Search All
There are 3,265 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2021-24213

The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET parameter on the Donors page.

Published: April 12, 2021; 10:15:15 AM -0400
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-24200

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application.

Published: April 12, 2021; 10:15:15 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2021-24199

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application.

Published: April 12, 2021; 10:15:14 AM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2021-24198

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through id_key and id_val parameters. By exploiting this issue an attacker is able to delete the data of all users in the same table.

Published: April 12, 2021; 10:15:14 AM -0400
V3.1: 8.1 HIGH
V2.0: 5.5 MEDIUM
CVE-2021-24197

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by taking over the user permissions on the table through formdata[wdt_ID] parameter. By exploiting this issue an attacker is able to access and manage the data of all users in the same table.

Published: April 12, 2021; 10:15:14 AM -0400
V3.1: 8.1 HIGH
V2.0: 5.5 MEDIUM
CVE-2020-23762

Cross Site Scripting (XSS) vulnerability in the Larsens Calender plugin Version <= 1.2 for WordPress allows remote attackers to execute arbitrary web script via the "titel" column on the "Eintrage hinzufugen" tab.

Published: April 09, 2021; 2:15:13 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24212

The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-24211

The WordPress Related Posts plugin through 3.6.4 contains an authenticated (admin+) stored XSS vulnerability in the title field on the settings page. By exploiting that an attacker will be able to execute JavaScript code in the user's browser.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24210

There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page with the plugin and then redirect the victim to a malicious page. There is also a support comment from another user one year ago (https://wordpress.org/support/topic/phast-php-used-for-remote-fetch/) that says that the php involved in the request only go to whitelisted pages but it's possible to redirect the victim to any domain.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 6.1 MEDIUM
V2.0: 5.8 MEDIUM
CVE-2021-24209

The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be exploited for a web shell injection.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 7.2 HIGH
V2.0: 9.0 HIGH
CVE-2021-24208

The editor of the WP Page Builder WordPress plugin before 1.2.4 allows lower-privileged users to insert unfiltered HTML, including JavaScript, into pages via the “Raw HTML” widget and the “Custom HTML” widgets (though the custom HTML widget requires sending a crafted request - it appears that this widget uses some form of client side validation but not server side validation), all of which are added via the “page_builder_data” parameter when performing the “wppb_page_save” AJAX action. It is also possible to insert malicious JavaScript via the “wppb_page_css” parameter (this can be done by closing out the style tag and opening a script tag) when performing the “wppb_page_save” AJAX action.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24207

By default, the WP Page Builder WordPress plugin before 1.2.4 allows subscriber-level users to edit and make changes to any and all posts pages - user roles must be specifically blocked from editing posts and pages.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2021-24206

In the Elementor Website Builder WordPress plugin before 3.1.4, the image box widget (includes/widgets/image-box.php) accepts a ‘title_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_size’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24205

In the Elementor Website Builder WordPress plugin before 3.1.4, the icon box widget (includes/widgets/icon-box.php) accepts a ‘title_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_size’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24204

In the Elementor Website Builder WordPress plugin before 3.1.4, the accordion widget (includes/widgets/accordion.php) accepts a ‘title_html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_html_tag’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24203

In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget (includes/widgets/divider.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request with this parameter set to ‘script’ and combined with a ‘text’ parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed.

Published: April 05, 2021; 3:15:17 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24202

In the Elementor Website Builder WordPress plugin before 3.1.4, the heading widget (includes/widgets/heading.php) accepts a ‘header_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request with this parameter set to ‘script’ and combined with a ‘title’ parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed.

Published: April 05, 2021; 3:15:16 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24201

In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘html_tag’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

Published: April 05, 2021; 3:15:16 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24196

The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘token_error’ parameter can be controlled by users and it is directly echoed without being sanitized

Published: April 05, 2021; 3:15:16 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24187

The setting page of the SEO Redirection Plugin - 301 Redirect Manager WordPress plugin before 6.4 is vulnerable to reflected Cross-Site Scripting (XSS) as user input is not properly sanitised before being output in an attribute.

Published: April 05, 2021; 3:15:16 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW