Export limit exceeded: 363801 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363801 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24204 | 1 Elementor | 1 Website Builder | 2024-11-21 | 5.4 Medium |
| In the Elementor Website Builder WordPress plugin before 3.1.4, the accordion widget (includes/widgets/accordion.php) accepts a ‘title_html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_html_tag’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed. | ||||
| CVE-2021-24203 | 1 Elementor | 1 Website Builder | 2024-11-21 | 5.4 Medium |
| In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget (includes/widgets/divider.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request with this parameter set to ‘script’ and combined with a ‘text’ parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed. | ||||
| CVE-2021-24202 | 1 Elementor | 1 Website Builder | 2024-11-21 | 5.4 Medium |
| In the Elementor Website Builder WordPress plugin before 3.1.4, the heading widget (includes/widgets/heading.php) accepts a ‘header_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request with this parameter set to ‘script’ and combined with a ‘title’ parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed. | ||||
| CVE-2021-24201 | 1 Elementor | 1 Website Builder | 2024-11-21 | 5.4 Medium |
| In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘html_tag’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed. | ||||
| CVE-2021-24200 | 1 Tms-outsource | 1 Wpdatatables | 2024-11-21 | 6.5 Medium |
| The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application. | ||||
| CVE-2021-24199 | 1 Tms-outsource | 1 Wpdatatables | 2024-11-21 | 6.5 Medium |
| The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application. | ||||
| CVE-2021-24198 | 1 Tms-outsource | 1 Wpdatatables | 2024-11-21 | 8.1 High |
| The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to delete the data of another user that are present in the same table through id_key and id_val parameters. By exploiting this issue an attacker is able to delete the data of all users in the same table. | ||||
| CVE-2021-24197 | 1 Tms-outsource | 1 Wpdatatables | 2024-11-21 | 8.1 High |
| The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by taking over the user permissions on the table through formdata[wdt_ID] parameter. By exploiting this issue an attacker is able to access and manage the data of all users in the same table. | ||||
| CVE-2021-24196 | 1 Cm-wp | 1 Social Slider Widget | 2024-11-21 | 5.4 Medium |
| The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘token_error’ parameter can be controlled by users and it is directly echoed without being sanitized | ||||
| CVE-2021-24195 | 1 Wp-buy | 1 Login As User Or Customer \(user Switching\) | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin before 1.8, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24194 | 1 Wp-buy | 1 Login Protection - Limit Failed Login Attempts | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24193 | 1 Wp-buy | 1 Visitor Traffic Real Time Statistics | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin before 2.12, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24192 | 1 Sitemap Project | 1 Sitemap | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24191 | 1 Wpshopmart | 1 Coming Soon Page \& Maintenance Mode | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24190 | 1 Wp-buy | 1 Conditional Marketing Mailer | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24189 | 1 Wp-buy | 1 Captchinoo | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24188 | 1 Wp-buy | 1 Wp Content Copy Protection \& No Right Click | 2024-11-21 | 8.8 High |
| Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin (including a specific version) from the WordPress repository, as well as activate arbitrary plugin from then blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE. | ||||
| CVE-2021-24187 | 1 Clogica | 1 Seo Redirection | 2024-11-21 | 5.4 Medium |
| The setting page of the SEO Redirection Plugin - 301 Redirect Manager WordPress plugin before 6.4 is vulnerable to reflected Cross-Site Scripting (XSS) as user input is not properly sanitised before being output in an attribute. | ||||
| CVE-2021-24186 | 1 Themeum | 1 Tutor Lms | 2024-11-21 | 6.5 Medium |
| The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students. | ||||
| CVE-2021-24185 | 1 Themeum | 1 Tutor Lms | 2024-11-21 | 6.5 Medium |
| The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploited by students. | ||||