Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): wordpress
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-0865 |
The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin before 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such as subscriber to add/update/duplicate/delete as well as retrieve addresses of other users. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-0631 |
The Paid Memberships Pro WordPress plugin before 2.9.12 does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-0630 |
The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-0370 |
The WPB Advanced FAQ WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-0369 |
The GoToWP WordPress plugin through 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-0365 |
The React Webcam WordPress plugin through 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-0364 |
The real.Kit WordPress plugin before 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-0340 |
The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. RCE could also be achieved if the attacker manage to upload a malicious image containing PHP code, and then include it via the affected attribute, on a default WP install, authors could easily achieve that given that they have the upload_file capability. Published: March 20, 2023; 12:15:12 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-0273 |
The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks Published: March 20, 2023; 12:15:11 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-0175 |
The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Published: March 20, 2023; 12:15:11 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-0167 |
The GetResponse for WordPress plugin through 5.5.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Published: March 20, 2023; 12:15:11 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-0145 |
The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Published: March 20, 2023; 12:15:11 PM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2022-4148 |
The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.3.0 has a flawed CSRF and authorisation check when deleting a client, which could allow any authenticated users, such as subscriber to delete arbitrary client. Published: March 20, 2023; 12:15:11 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2022-3894 |
The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 does not have CSRF check when deleting a client, and does not ensure that the object to be deleted is actually a client, which could allow attackers to make a logged in admin delete arbitrary client and post via a CSRF attack. Published: March 20, 2023; 12:15:11 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2023-1472 |
The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.1. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to invoke those functions, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. Actions include resetting the API key, accessing or deleting log files, and deleting cache among others. Published: March 17, 2023; 11:15:11 AM -0400 |
V3.1: 6.3 MEDIUM V2.0:(not available) |
CVE-2023-1471 |
The WP Popup Banners plugin for WordPress is vulnerable to SQL Injection via the 'banner_id' parameter in versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with minimal permissions, such as a subscrber, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Published: March 17, 2023; 10:15:12 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-1470 |
The eCommerce Product Catalog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via some of its settings parameters in versions up to, and including, 3.3.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Published: March 17, 2023; 10:15:12 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-1469 |
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-level access to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Note: This can potentially be exploited by lower-privileged users if the `Admin Dashboard Access Permission` setting it set for those users to access the dashboard. Published: March 17, 2023; 9:15:10 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2023-1172 |
The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the full name value in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Published: March 17, 2023; 9:15:10 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-1431 |
The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.6.3 due to the plugin saving shopping cart data exports in a publicly accessible location (/wp-content/plugins/wordpress-simple-paypal-shopping-cart/includes/admin/). This makes it possible for unauthenticated attackers to view information that should be limited to administrators only and can include data like first name, last name, email, address, IP Address, and more. Published: March 16, 2023; 9:15:10 AM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |