The WP User WordPress plugin before 7.0 does not sanitise and escape some parameters in pages where the [wp_user] shortcode is used, leading to Reflected Cross-Site Scripting issues Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furthermore, due to the lack…
The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in most of its AJAX actions, which could allow attackers to make logged in admins delete arbitrary posts and update the plugin’s settings via a CSRF attack Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak:…
The WHMCS Bridge WordPress plugin before 6.4b does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The Yoast SEO WordPress plugin before 17.3 discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting Devamını Oku Kaynak: NIST
The Orange Form WordPress plugin through 1.0.1 does not have any authorisation and CSRF checks in all of its AJAX calls, for example the or_delete_filed one which is available to both unauthenticated and authenticated users could allow attackers to delete arbitrary posts.The AJAX calls performing actions on posts also do not ensure that the post…
The Contact Forms – Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack Devamını Oku Kaynak: NIST
In the Orange Form WordPress plugin through 1.0, the process_bulk_action() function in "admin/orange-form-email.php" performs an unprepared SQL query with an unsanitized parameter ($id). Only admin can access the page that invokes the function, but because of lack of CSRF protection, it is actually exploitable and could allow attackers to make a logged in admin delete…
The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and authorisation checks in the lswss_save_attachment_data AJAX action, allowing any authenticated users, such as Subscriber, to change title, description, alt text, and URL of arbitrary uploaded media. Devamını Oku Kaynak: NIST
The Core Tweaks WP Setup WordPress plugin through 4.1 allows to bulk-set many settings in WordPress, including the admin email, as well as creating a new admin account. There is no CSRF protection in place, allowing an attacker to arbitrary change the admin email or create another admin account and takeover the website via CSRF…
The Cost Calculator WordPress plugin through 1.4 allows users with a role as low as Contributor to perform path traversal and local PHP file inclusion on Windows Web Servers via the Cost Calculator post's Layout Devamını Oku Kaynak: NIST