Export limit exceeded: 363576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363576 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24509 | 1 A3rev | 1 Page View Count | 2024-11-21 | 5.4 Medium |
| The Page View Count WordPress plugin before 2.4.9 does not escape the postid parameter of pvc_stats shortcode, allowing users with a role as low as Contributor to perform Stored XSS attacks. A post made by a contributor would still have to be approved by an admin to have the XSS triggered in the frontend, however, higher privilege users, such as editor could exploit this without the need of approval, and even when the blog disallows the unfiltered_html capability. | ||||
| CVE-2021-24508 | 1 Smashballoon | 1 Smash Balloon Social Post Feed | 2024-11-21 | 6.1 Medium |
| The Smash Balloon Social Post Feed WordPress plugin before 2.19.2 does not sanitise or escape the feedID POST parameter in its feed_locator AJAX action (available to both authenticated and unauthenticated users) before outputting a truncated version of it in the admin dashboard, leading to an unauthenticated Stored Cross-Site Scripting issue which will be executed in the context of a logged in administrator. | ||||
| CVE-2021-24507 | 1 Brainstormforce | 1 Astra | 2024-11-21 | 9.8 Critical |
| The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading to an SQL Injection issues | ||||
| CVE-2021-24506 | 1 Quantumcloud | 1 Slider Hero | 2024-11-21 | 8.8 High |
| The Slider Hero with Animation, Video Background & Intro Maker WordPress plugin before 8.2.7 does not sanitise or escape the id attribute of its hero-button shortcode before using it in a SQL statement, allowing users with a role as low as Contributor to perform SQL injection. | ||||
| CVE-2021-24505 | 1 Madeit | 1 Forms | 2024-11-21 | 5.4 Medium |
| The Forms WordPress plugin before 1.12.3 did not sanitise its input fields, leading to Stored Cross-Site scripting issues. The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the Forms "Add new" field. | ||||
| CVE-2021-24504 | 1 Wplearnmanager | 1 Wp Learn Manager | 2024-11-21 | 6.1 Medium |
| The WP LMS – Best WordPress LMS Plugin WordPress plugin through 1.1.2 does not properly sanitise or validate its User Field Titles, allowing XSS payload to be used in them. Furthermore, no CSRF and capability checks were in place, allowing such attack to be performed either via CSRF or as any user (including unauthenticated) | ||||
| CVE-2021-24503 | 1 Thememason | 1 Popular Brand Icons - Simple Icons | 2024-11-21 | 5.4 Medium |
| The Popular Brand Icons – Simple Icons WordPress plugin before 2.7.8 does not sanitise or validate some of its shortcode parameters, such as "color", "size" or "class", allowing users with a role as low as Contributor to set Cross-Site payload in them. A post made by a contributor would still have to be approved by an admin to have the XSS triggered in the frontend, however, higher privilege users, such as editor could exploit this without the need of approval, and even when the blog disallows the unfiltered_html capability. | ||||
| CVE-2021-24501 | 1 Amentotech | 1 Workreap | 2024-11-21 | 8.1 High |
| The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site. | ||||
| CVE-2021-24500 | 1 Amentotech | 1 Workreap | 2024-11-21 | 8.1 High |
| Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary objects on the target site. | ||||
| CVE-2021-24499 | 1 Amentotech | 1 Workreap | 2024-11-21 | 9.8 Critical |
| The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts. | ||||
| CVE-2021-24498 | 1 Dwbooster | 1 Calendar Event Multi View | 2024-11-21 | 6.1 Medium |
| The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue. | ||||
| CVE-2021-24497 | 1 Satollo | 1 Giveaway | 2024-11-21 | 7.2 High |
| The Giveaway WordPress plugin through 1.2.2 is vulnerable to an SQL Injection issue which allows an administrative user to execute arbitrary SQL commands via the $post_id on the options.php page. | ||||
| CVE-2021-24496 | 1 Community Events Project | 1 Community Events | 2024-11-21 | 6.1 Medium |
| The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator | ||||
| CVE-2021-24495 | 1 Marmoset | 1 Marmoset Viewer | 2024-11-21 | 6.1 Medium |
| The Marmoset Viewer WordPress plugin before 1.9.3 does not property sanitize, validate or escape the 'id' parameter before outputting back in the page, leading to a reflected Cross-Site Scripting issue. | ||||
| CVE-2021-24494 | 1 Deliciousbrains | 1 Wp Offload Ses Lite | 2024-11-21 | 5.4 Medium |
| The WP Offload SES Lite WordPress plugin before 1.4.5 did not escape some of the fields in the Activity page of the admin dashboard, such as the email's id, subject and recipient, which could lead to Stored Cross-Site Scripting issues when an attacker can control any of these fields, like the subject when filling a contact form for example. The XSS will be executed in the context of a logged in admin viewing the Activity tab of the plugin. | ||||
| CVE-2021-24493 | 1 Ingenesis | 1 Shopp | 2024-11-21 | 9.8 Critical |
| The shopp_upload_file AJAX action of the Shopp WordPress plugin through 1.4, available to both unauthenticated and authenticated user does not have any security measure in place to prevent upload of malicious files, such as PHP, allowing unauthenticated users to upload arbitrary files and leading to RCE | ||||
| CVE-2021-24492 | 1 Handsome Testimonials \& Reviews Project | 1 Handsome Testimonials \& Reviews | 2024-11-21 | 8.8 High |
| The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtst_previewShortcodeInstanceId POST parameter before using it in a SQL statement, leading to an SQL Injection issue. | ||||
| CVE-2021-24491 | 1 Fileviewer Project | 1 Fileviewer | 2024-11-21 | 8.8 High |
| The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files. As a result, attackers could make a logged in administrator delete and upload arbitrary files via a CSRF attack | ||||
| CVE-2021-24490 | 1 Email Artillery Project | 1 Email Artillery | 2024-11-21 | 6.8 Medium |
| The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well. However, due to the presence of a .htaccess, denying access to everything in the folder the file is uploaded to, the malicious uploaded file will only be accessible on Web Servers such as Nginx/IIS | ||||
| CVE-2021-24489 | 1 Emarketdesign | 1 Request A Quote | 2024-11-21 | 4.8 Medium |
| The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed. | ||||