Search Results

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): wordpress
  • Search Type: Search All
There are 3,346 matching records.
Displaying matches 221 through 240.
Vuln ID Summary CVSS Severity
CVE-2021-24163

The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin.

Published: April 05, 2021; 3:15:15 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-24162

In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, allowing an attacker to inject payloads that could aid in further infection of the site.

Published: April 05, 2021; 3:15:15 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2021-24161

In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.

Published: April 05, 2021; 3:15:15 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2021-24160

In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site.

Published: April 05, 2021; 3:15:15 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-24159

Due to the lack of sanitization and lack of nonce protection on the custom CSS feature, an attacker could craft a request to inject malicious JavaScript on a site using the Contact Form 7 Style WordPress plugin through 3.1.9. If an attacker successfully tricked a site’s administrator into clicking a link or attachment, then the request could be sent and the CSS settings would be successfully updated to include malicious JavaScript.

Published: April 05, 2021; 3:15:15 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
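The four advisories above (CVE-2021-24163, -24162, -24161 and -24159) share one root cause: a privileged handler that neither checks the caller's capability nor verifies a nonce. The following is an added example for this page, not code from Ninja Forms, Responsive Menu or Contact Form 7 Style. It assumes it runs inside a WordPress plugin (so add_action(), current_user_can(), check_ajax_referer(), wp_create_nonce() and wp_send_json_*() exist); the action names, the choice of the install_plugins capability and the example_do_install() stand-in are this example's own.

```php
<?php
// Added example, not code from any plugin on this page. Assumes WordPress is
// loaded. Action names, capability choice and example_do_install() are assumptions.

// Vulnerable shape, shown for contrast only (do not hook it): any logged-in user
// can reach it (no capability check) and any third-party page can make a
// logged-in admin's browser submit it (no nonce), so it is both an access-control
// hole and a CSRF sink. Hooking it on wp_ajax_nopriv_* would additionally open
// it to anonymous visitors.
function example_install_addon_vulnerable() {
    $slug = sanitize_key( wp_unslash( $_POST['slug'] ?? '' ) );
    example_do_install( $slug );
    wp_send_json_success( array( 'installed' => $slug ) );
}

// Hardened shape: authorize, prove request provenance, then act.
add_action( 'wp_ajax_example_install_addon', 'example_install_addon_hardened' );
function example_install_addon_hardened() {
    // 1. Capability check. Pick the capability that matches the side effect;
    //    installing a plugin is an administrator-level action, so require that
    //    explicitly instead of relying on "is logged in".
    if ( ! current_user_can( 'install_plugins' ) ) {
        wp_send_json_error( array( 'message' => 'insufficient privileges' ), 403 );
    }

    // 2. Nonce check. The token was minted for this user and this action when the
    //    admin page was rendered; a cross-site forged request cannot carry it.
    //    check_ajax_referer() terminates the request on failure by default.
    check_ajax_referer( 'example_install_addon', '_ajax_nonce' );

    // 3. Only now read the input and perform the privileged operation.
    $slug = sanitize_key( wp_unslash( $_POST['slug'] ?? '' ) );
    if ( '' === $slug ) {
        wp_send_json_error( array( 'message' => 'missing slug' ), 400 );
    }
    example_do_install( $slug );
    wp_send_json_success( array( 'installed' => $slug ) );
}

// Issue the nonce to the admin page that legitimately calls the action.
add_action( 'admin_enqueue_scripts', function () {
    wp_enqueue_script( 'example-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'example-admin', 'exampleAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'example_install_addon' ),
    ) );
} );

// Stand-in for the real installer so the file is complete on its own.
function example_do_install( string $slug ): void {
    error_log( "would install {$slug}" );
}
```

The two checks are not interchangeable: a nonce proves the request originated from a page this site rendered for this user, which defeats CSRF but says nothing about privilege, while the capability check decides who may perform the action at all. The same pairing applies to admin-post.php handlers and to REST routes (there the nonce is the X-WP-Nonce header and the capability check lives in permission_callback).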
CVE-2021-24155

The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE.

Published: April 05, 2021; 3:15:14 PM -0400
V3.1: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-24154

The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before passing it to the download_file() function, allowing administrators to download arbitrary files on the web server, such as /etc/passwd.

Published: April 05, 2021; 3:15:14 PM -0400
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
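Confining a user-supplied path to one directory is the fix for the class CVE-2021-24154 belongs to. The following is an added example, not code from the Theme Editor plugin. It is plain PHP; the root directory, function names and the demo tree are this example's own, and only the final handler assumes WordPress for current_user_can(), get_theme_root() and wp_die().

```php
<?php
// Added example, not the Theme Editor plugin's code. Names and paths are assumptions.

// Vulnerable shape: the request value is glued onto a directory and streamed.
// ?file=../../../../etc/passwd walks straight out of the directory.
function example_download_vulnerable( string $root, string $requested ): void {
    readfile( $root . '/' . $requested );
}

// Resolve $requested under $root; return the canonical path, or null when it
// does not exist as a regular file or lands outside $root.
function example_resolve_under_root( string $root, string $requested ): ?string {
    if ( false !== strpos( $requested, "\0" ) ) {
        return null; // PHP 8 throws on NUL in paths; rejecting early keeps one error path
    }
    $root = realpath( $root );
    if ( false === $root ) {
        return null;
    }
    // realpath() collapses "." and ".." and follows symlinks, so a literal
    // traversal and a symlink inside $root that points outside it both produce
    // a canonical path that fails the prefix test below.
    $candidate = realpath( $root . DIRECTORY_SEPARATOR . $requested );
    if ( false === $candidate || ! is_file( $candidate ) ) {
        return null;
    }
    $prefix = rtrim( $root, DIRECTORY_SEPARATOR ) . DIRECTORY_SEPARATOR;
    if ( 0 !== strncmp( $candidate, $prefix, strlen( $prefix ) ) ) {
        return null; // escaped the root
    }
    return $candidate;
}

// Hardened handler: authorize, confine, then stream. Even an administrator-only
// endpoint needs the confinement: a WordPress admin is not the OS user, and on
// shared hosting the web server can read far more than the site's own files.
function example_download_hardened( string $requested ): void {
    if ( ! current_user_can( 'edit_themes' ) ) {
        wp_die( 'forbidden', '', array( 'response' => 403 ) );
    }
    $path = example_resolve_under_root( get_theme_root(), $requested );
    if ( null === $path ) {
        wp_die( 'invalid file', '', array( 'response' => 400 ) );
    }
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . rawurlencode( basename( $path ) ) . '"' );
    readfile( $path );
    exit;
}

// Offline demonstration of the resolver against a constructed directory tree.
function example_demo_resolver(): array {
    $root = sys_get_temp_dir() . '/example-themes-' . getmypid();
    @mkdir( $root . '/mytheme', 0700, true );
    file_put_contents( $root . '/mytheme/style.css', '/* demo */' );
    return array(
        'inside'    => null !== example_resolve_under_root( $root, 'mytheme/style.css' ),   // true
        'traversal' => null === example_resolve_under_root( $root, '../../etc/passwd' ),   // true: resolves outside root, rejected
        'absolute'  => null === example_resolve_under_root( $root, '/etc/passwd' ),        // true: "$root//etc/passwd" does not exist
    );
}
```

String checks such as "reject anything containing ../" are weaker than the realpath-and-prefix test: they miss URL-encoded variants that a framework decodes later, and they do nothing about symlinks. Pair the confinement with an extension allowlist when the directory also holds files that should never be served.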
CVE-2021-24153

A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1. The plugin relied on built-in blacklist filters that blocked parentheses and several function names such as alert, but bypasses of those filters were found.

Published: April 05, 2021; 3:15:14 PM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2021-24150

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).

Published: April 05, 2021; 3:15:14 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
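An unauthenticated, full-read SSRF like CVE-2021-24150 turns the site into a proxy: the attacker chooses the URL and receives the response body. The following is an added example, not LikeBtn's code. It assumes WordPress for wp_safe_remote_get(), wp_remote_retrieve_body() and is_wp_error(); the allowed host api.example.com, the JSON field name and the function names are this example's own.

```php
<?php
// Added example, not LikeBtn's code. Assumes WordPress is loaded; host and
// field names are assumptions.

// Vulnerable shape: the visitor supplies the whole URL and gets the whole
// response. Localhost-only services, the internal network and cloud metadata
// endpoints such as 169.254.169.254 become reachable through the server.
function example_fetch_vulnerable( string $url ): string {
    return (string) wp_remote_retrieve_body( wp_remote_get( $url ) );
}

// True only for globally routable addresses. FILTER_FLAG_NO_PRIV_RANGE rejects
// 10/8, 172.16/12, 192.168/16 and fc00::/7; FILTER_FLAG_NO_RES_RANGE rejects
// 0/8, 127/8, 169.254/16, 240/4, ::1 and fe80::/10.
function example_ip_is_public( string $ip ): bool {
    return false !== filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE );
}

// Structural checks that need no network: scheme, no embedded credentials,
// host allowlist.
function example_url_is_allowed( string $url, array $allowed_hosts ): bool {
    $p = parse_url( $url );
    if ( ! is_array( $p ) || empty( $p['scheme'] ) || empty( $p['host'] ) ) {
        return false;
    }
    if ( ! in_array( strtolower( $p['scheme'] ), array( 'http', 'https' ), true ) ) {
        return false; // no file://, gopher://, dict:// ...
    }
    if ( isset( $p['user'] ) || isset( $p['pass'] ) ) {
        return false; // http://api.example.com@evil/ fools naive host extraction
    }
    return in_array( strtolower( $p['host'] ), $allowed_hosts, true );
}

// Hardened fetch: allowlist, resolve-and-check, no redirects, bounded body, and
// return only the field the feature needs instead of the raw body.
function example_fetch_hardened( string $url ): ?string {
    if ( ! example_url_is_allowed( $url, array( 'api.example.com' ) ) ) {
        return null;
    }
    $host = (string) parse_url( $url, PHP_URL_HOST );
    $ips  = gethostbynamel( $host );
    if ( empty( $ips ) ) {
        return null;
    }
    foreach ( $ips as $ip ) {
        if ( ! example_ip_is_public( $ip ) ) {
            return null; // an allowed name that resolves to an internal address
        }
    }
    $response = wp_safe_remote_get( $url, array(
        'timeout'             => 5,
        'redirection'         => 0,     // a 302 to http://127.0.0.1:8080/ is another SSRF
        'limit_response_size' => 65536,
    ) );
    if ( is_wp_error( $response ) ) {
        return null;
    }
    $data = json_decode( (string) wp_remote_retrieve_body( $response ), true );
    return isset( $data['count'] ) ? (string) (int) $data['count'] : null;
}
```

Two caveats a reviewer would raise. gethostbynamel() returns only A records, so add a DNS_AAAA lookup via dns_get_record() where IPv6 is in play. And the resolve-then-fetch sequence leaves a DNS rebinding window; the WordPress HTTP API does not expose connection pinning (cURL's CURLOPT_RESOLVE), so where that window matters the request should go through a client that does, or through an egress proxy that enforces the same address policy.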
CVE-2021-27349

Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a different vulnerability than CVE-2020-11727.

Published: March 31, 2021; 6:15:14 PM -0400
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-21389

BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.

Published: March 26, 2021; 5:15:13 PM -0400
V3.1: 8.8 HIGH
V2.0: 9.0 HIGH
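CVE-2021-21389 is a REST endpoint that let a regular user change their own role. The following is an added example, not BuddyPress code: it shows the permission_callback pattern an "update member" route needs so that the role field is gated separately from ordinary profile edits. It assumes the WordPress REST API (register_rest_route(), WP_REST_Request, WP_Error, current_user_can()); the namespace, route and field names are this example's own.

```php
<?php
// Added example, not BuddyPress code. Assumes WordPress is loaded; route and
// field names are assumptions.

add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/members/(?P<id>\d+)', array(
        'methods'             => 'POST',
        'callback'            => 'example_update_member',
        // Runs before the callback; false or a WP_Error stops the request.
        // A route registered without one is reachable by anyone.
        'permission_callback' => 'example_update_member_permissions',
        'args'                => array(
            'description' => array( 'type' => 'string', 'sanitize_callback' => 'sanitize_textarea_field' ),
            'roles'       => array( 'type' => 'array', 'items' => array( 'type' => 'string' ) ),
        ),
    ) );
} );

function example_update_member_permissions( WP_REST_Request $request ) {
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'rest_not_logged_in', 'Authentication required.', array( 'status' => 401 ) );
    }
    $target = (int) $request['id'];
    // Who may edit this profile: the user themself, or a caller holding edit_user
    // for that id (administrators). Anyone else gets 403.
    if ( $target !== get_current_user_id() && ! current_user_can( 'edit_user', $target ) ) {
        return new WP_Error( 'rest_forbidden', 'You cannot edit this member.', array( 'status' => 403 ) );
    }
    // The roles field is the escalation vector, so it gets its own gate. Being
    // allowed to edit your own profile must never imply changing your own role.
    if ( $request->has_param( 'roles' ) && ! current_user_can( 'promote_users' ) ) {
        return new WP_Error( 'rest_cannot_edit_roles', 'You cannot change roles.', array( 'status' => 403 ) );
    }
    return true;
}

function example_update_member( WP_REST_Request $request ) {
    $user = get_userdata( (int) $request['id'] );
    if ( ! $user ) {
        return new WP_Error( 'rest_user_invalid_id', 'Invalid user ID.', array( 'status' => 404 ) );
    }
    if ( $request->has_param( 'description' ) ) {
        update_user_meta( $user->ID, 'description', $request['description'] );
    }
    if ( $request->has_param( 'roles' ) ) {
        // Even a promoter may only assign roles they are allowed to edit.
        // get_editable_roles() lives in an admin include that REST requests do
        // not load by default.
        require_once ABSPATH . 'wp-admin/includes/user.php';
        $requested = (array) $request['roles'];
        $roles     = array_values( array_intersect( $requested, array_keys( get_editable_roles() ) ) );
        if ( count( $roles ) !== count( $requested ) ) {
            return new WP_Error( 'rest_invalid_role', 'Role not assignable by caller.', array( 'status' => 400 ) );
        }
        $user->set_role( '' );          // clear existing roles
        foreach ( $roles as $role ) {
            $user->add_role( $role );
        }
    }
    return rest_ensure_response( array( 'id' => $user->ID, 'roles' => $user->roles ) );
}
```

The point to test is the negative case: a Subscriber POSTing roles=["administrator"] to their own id must receive 403 from the permission callback, not a 200 with the field silently ignored, and certainly not a promoted account.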
CVE-2021-24149

The Modern Events Calendar Lite WordPress plugin, versions before 5.16.6, did not validate or sanitise the mec[post_id] POST parameter of the mec_fes_form AJAX action, leading to an authenticated SQL injection exploitable by users with Author privileges or higher.

Published: March 18, 2021; 11:15:15 AM -0400
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-24148

A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, allowed an authentication bypass in its Sign In With Apple flow: unauthenticated users could recover an authentication cookie using only an email address.

Published: March 18, 2021; 11:15:15 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
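The failure in CVE-2021-24148 is accepting a client-supplied email as proof of an Apple login instead of verifying the identity token Apple issued. The following is an added example, not MStore API code. It is plain PHP with the openssl extension. In production the verification key comes from Apple's JWKS at https://appleid.apple.com/auth/keys, selected by the token header's kid; here a locally generated RSA key pair stands in for Apple's so the example runs offline. The client id com.example.app, the session strings and the function names are this example's own.

```php
<?php
// Added example, not MStore API code. The stand-in key pair, client id and
// session strings are assumptions; Apple's real key is fetched from its JWKS.

function example_b64url_encode( string $bytes ): string {
    return rtrim( strtr( base64_encode( $bytes ), '+/', '-_' ), '=' );
}
function example_b64url_decode( string $text ): string {
    $pad = ( 4 - strlen( $text ) % 4 ) % 4;
    return (string) base64_decode( strtr( $text, '-_', '+/' ) . str_repeat( '=', $pad ), true );
}

// The broken design: trust an email the client posts and log that account in.
// Nothing in the request proves Apple authenticated anyone.
function example_apple_login_vulnerable( array $post ): ?string {
    $email = (string) ( $post['email'] ?? '' );
    return '' === $email ? null : 'session-for:' . $email;   // stands in for setting the auth cookie
}

// Verify the identity token Apple returned to the client; return its claims or null.
function example_verify_apple_id_token( string $jwt, string $apple_public_pem, string $client_id, int $now ): ?array {
    $parts = explode( '.', $jwt );
    if ( 3 !== count( $parts ) ) {
        return null;
    }
    list( $h, $p, $s ) = $parts;
    $header = json_decode( example_b64url_decode( $h ), true );
    // Pin the algorithm. Honouring whatever "alg" says (none, or HS256 with the
    // public key as the secret) is a classic verification bypass.
    if ( ! is_array( $header ) || 'RS256' !== ( $header['alg'] ?? '' ) ) {
        return null;
    }
    if ( 1 !== openssl_verify( "{$h}.{$p}", example_b64url_decode( $s ), $apple_public_pem, OPENSSL_ALGO_SHA256 ) ) {
        return null;
    }
    $claims = json_decode( example_b64url_decode( $p ), true );
    if ( ! is_array( $claims ) )                                         return null;
    if ( 'https://appleid.apple.com' !== ( $claims['iss'] ?? '' ) )       return null;
    if ( $client_id !== ( $claims['aud'] ?? '' ) )                        return null; // minted for another app
    if ( ! isset( $claims['exp'] ) || (int) $claims['exp'] <= $now )      return null;
    if ( empty( $claims['sub'] ) )                                        return null;
    // Production code also compares $claims['nonce'] with the nonce the app sent
    // to Apple, so a token captured elsewhere cannot be replayed here.
    return $claims;
}

function example_apple_login_hardened( string $jwt, string $apple_public_pem, string $client_id, int $now ): ?string {
    $claims = example_verify_apple_id_token( $jwt, $apple_public_pem, $client_id, $now );
    if ( null === $claims ) {
        return null;
    }
    // Key the account on the stable "sub", not on email: the email may be an
    // Apple relay address, and it is not what proves possession of the account.
    return 'session-for-sub:' . $claims['sub'];
}

// Offline demonstration with a stand-in key pair.
function example_apple_demo(): array {
    $key = openssl_pkey_new( array( 'private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048 ) );
    $pub = openssl_pkey_get_details( $key )['key'];
    $now = 1700000000;
    $claims = array( 'iss' => 'https://appleid.apple.com', 'aud' => 'com.example.app', 'exp' => $now + 600,
                     'iat' => $now, 'sub' => '000123.4a5b6c', 'email' => 'alice@example.com' );
    $input = example_b64url_encode( json_encode( array( 'alg' => 'RS256', 'kid' => 'stand-in' ) ) )
           . '.' . example_b64url_encode( json_encode( $claims ) );
    openssl_sign( $input, $sig, $key, OPENSSL_ALGO_SHA256 );
    $token = $input . '.' . example_b64url_encode( $sig );

    // Forgery attempt: keep Apple's signature, swap the email claim.
    $forged    = explode( '.', $token );
    $forged[1] = example_b64url_encode( json_encode( array( 'email' => 'victim@example.com' ) + $claims ) );

    return array(
        'genuine'          => example_apple_login_hardened( $token, $pub, 'com.example.app', $now ),               // "session-for-sub:000123.4a5b6c"
        'forged'           => example_apple_login_hardened( implode( '.', $forged ), $pub, 'com.example.app', $now ), // null: signature no longer matches
        'wrong_app'        => example_apple_login_hardened( $token, $pub, 'com.other.app', $now ),                 // null: aud mismatch
        'vulnerable_forge' => example_apple_login_vulnerable( array( 'email' => 'victim@example.com' ) ),          // "session-for:victim@example.com"
    );
}
```

The last entry of the demo is the bug in one line: the vulnerable path hands out a session for any email the client names. Alongside the signature, the aud check matters on its own, since a valid token issued to a different app would otherwise log its holder into this one.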
CVE-2021-24147

Unvalidated input and lack of output encoding in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5: the mic_comment field (Notes on time) was not sanitised when adding or editing an event, allowing users with privileges as low as Author to store a Cross-Site Scripting payload that is triggered on the frontend when the event is viewed.

Published: March 18, 2021; 11:15:15 AM -0400
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
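CVE-2021-24153, CVE-2021-27349 and CVE-2021-24147 are the two halves of the same lesson: a blacklist on input is bypassable, and output that is not encoded for its context is exploitable. The following is an added example, not code from Yoast SEO, Advanced Order Export or Modern Events Calendar. It assumes WordPress for wp_kses(), esc_html() and esc_attr(); the field names and the sample inputs are constructed for this example.

```php
<?php
// Added example, not any plugin's code. Assumes WordPress is loaded; the
// inputs are constructed, not taken from any advisory.

// Blacklist filter of the kind CVE-2021-24153 describes: strip parentheses and
// a few function names, store the rest. It reasons about the attacker's string
// instead of controlling what reaches the browser.
function example_blacklist_filter( string $value ): string {
    return str_ireplace( array( '(', ')', 'alert', 'confirm', 'prompt' ), '', $value );
}

// Storage side, allowlist: keep only the markup the note feature needs.
// wp_kses() drops every other tag, every on* attribute, and any href whose
// scheme (after entity decoding) is not in the protocol list.
function example_sanitize_note( string $raw ): string {
    $allowed = array(
        'a'      => array( 'href' => true, 'title' => true ),
        'strong' => array(),
        'em'     => array(),
        'br'     => array(),
    );
    return wp_kses( $raw, $allowed, array( 'http', 'https', 'mailto' ) );
}

// Output side: encode for the context. Sanitized note HTML is emitted as-is;
// plain-text fields are encoded for the element body or the attribute value.
function example_render_event( string $title, string $note_html ): string {
    return '<article title="' . esc_attr( $title ) . '">'
         . '<h2>' . esc_html( $title ) . '</h2>'
         . '<div class="note">' . $note_html . '</div>'
         . '</article>';
}

// Constructed inputs. The second contains no parenthesis and none of the
// blacklisted words, so the blacklist leaves its event handler intact; the
// third hides the parentheses behind entities, which the browser decodes but a
// literal "(" check never sees. The allowlist drops the <img> tags entirely and
// strips the javascript: scheme from the href.
function example_demo(): array {
    $inputs = array(
        '<img src=x onerror=alert(1)>',
        '<img src=x onerror="location=name">',
        '<a href="javascript:al&#101;rt&#40;1&#41;">click</a>',
    );
    $out = array();
    foreach ( $inputs as $raw ) {
        $out[] = array(
            'blacklist' => example_blacklist_filter( $raw ),
            'allowlist' => example_sanitize_note( $raw ),
        );
    }
    return $out;
}
```

Whether a field should carry markup at all is the first decision: an event title or a CSV column header never should, and for those sanitize_text_field() on input plus esc_html() or esc_attr() on output is the whole answer. wp_kses() is for the rare field that legitimately needs a subset of HTML.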
CVE-2021-24146

Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, meant access to the export files was not properly restricted, allowing unauthenticated users to export all event data, for example in CSV or XML format.

Published: March 18, 2021; 11:15:15 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2021-24145

Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5: the imported file was not properly checked, allowing administrators to upload PHP files by setting the 'text/csv' content-type in the request.

Published: March 18, 2021; 11:15:15 AM -0400
V3.1: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-24142

Unvalidated input in the 301 Redirects - Easy Redirect Manager WordPress plugin, versions before 2.51: the "Redirect From" column was not sanitised when importing a CSV file, allowing high privilege users to perform SQL injection.

Published: March 18, 2021; 11:15:15 AM -0400
V3.1: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-24140

Unvalidated input in the Ajax Load More WordPress plugin, versions before 5.3.2, leads to SQL injection in POST /wp-admin/admin-ajax.php with the parameters repeater=' or sleep(5)#&type=test.

Published: March 18, 2021; 11:15:14 AM -0400
V3.1: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2021-24139

Unvalidated input in the Photo Gallery (10Web Photo Gallery) WordPress plugin, versions before 1.5.55, leads to SQL injection via the frontend/models/model.php bwg_search_x parameter.

Published: March 18, 2021; 11:15:14 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-24138

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to authenticated SQL injection via the "id" parameter. This requires an admin privileged user.

Published: March 18, 2021; 11:15:14 AM -0400
V3.1: 5.5 MEDIUM
V2.0: 5.5 MEDIUM
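CVE-2021-24149, -24142, -24140, -24139 and -24138 are all request values, or CSV cells, concatenated into SQL. The following is an added example, not code from Modern Events Calendar, 301 Redirects, Ajax Load More, Photo Gallery or AdRotate. It assumes WordPress for $wpdb, add_action(), current_user_can() and check_ajax_referer(); the table, column and parameter names are this example's own.

```php
<?php
// Added example, not any plugin's code. Assumes WordPress is loaded; table,
// column and parameter names are assumptions.

// Vulnerable shape: the request value is concatenated into the statement. The
// probe from CVE-2021-24140's description, repeater=' or sleep(5)#, closes the
// string literal and turns this into a time-based blind injection.
function example_count_rows_vulnerable( string $repeater ): int {
    global $wpdb;
    $table = $wpdb->prefix . 'example_repeaters';
    return (int) $wpdb->get_var( "SELECT COUNT(*) FROM {$table} WHERE name = '" . $repeater . "'" );
}

// Hardened: values go through placeholders. prepare() quotes and escapes %s, so
// the same probe becomes a literal that matches no row and cannot alter the query.
function example_count_rows_hardened( string $repeater ): int {
    global $wpdb;
    $table = $wpdb->prefix . 'example_repeaters';
    $sql   = $wpdb->prepare( "SELECT COUNT(*) FROM {$table} WHERE name = %s", $repeater );
    return (int) $wpdb->get_var( $sql );
}

// Identifiers (ORDER BY column, direction, table suffix) cannot be bound as %s;
// they are allowlisted instead.
function example_order_clause( string $requested_col, string $requested_dir ): string {
    $cols = array( 'id', 'name', 'created' );
    $col  = in_array( $requested_col, $cols, true ) ? $requested_col : 'id';
    $dir  = 'DESC' === strtoupper( $requested_dir ) ? 'DESC' : 'ASC';
    return "ORDER BY {$col} {$dir}";
}

// Numeric ids: type the parameter and bind with %d (the pattern for an "id" like
// AdRotate's). A high-privilege caller is no reason to skip this.
function example_get_ad( int $id ): ?object {
    global $wpdb;
    $row = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}example_ads WHERE id = %d", $id ) );
    return $row ?: null;
}

// CSV import (the CVE-2021-24142 shape): every cell is still untrusted input and
// is bound exactly like a request parameter.
function example_import_redirects( string $csv_path ): int {
    global $wpdb;
    $fh = fopen( $csv_path, 'r' );
    $n  = 0;
    while ( ( $row = fgetcsv( $fh ) ) !== false ) {
        list( $from, $to ) = array_pad( $row, 2, '' );
        $wpdb->query( $wpdb->prepare(
            "INSERT INTO {$wpdb->prefix}example_redirects (redirect_from, redirect_to) VALUES (%s, %s)",
            $from, $to
        ) );
        $n++;
    }
    fclose( $fh );
    return $n;
}

// AJAX wiring with the authorization checks the advisories also call for.
add_action( 'wp_ajax_example_count', function () {
    check_ajax_referer( 'example_count' );
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( null, 403 );
    }
    $repeater = sanitize_text_field( wp_unslash( $_POST['repeater'] ?? '' ) );
    wp_send_json_success( example_count_rows_hardened( $repeater ) );
} );
```

Sanitizing functions such as sanitize_text_field() are not an injection defence: they normalise text for display, and the probe above survives them unchanged. Parameter binding is the only control that separates data from statement structure; sanitization and authorization sit alongside it, not in place of it.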