CVE-2022-4946 – Frontend Post WordPress Plugin <= 2.8.4 - Contributor+ Arbitrary Redirect
https://notcve.org/view.php?id=CVE-2022-4946
The Frontend Post WordPress Plugin WordPress plugin through 2.8.4 does not validate an attribute of one of its shortcodes, which could allow users with a role as low as contributor to add a malicious shortcode to a page/post that will redirect visitors to an arbitrary domain. The AccessPress Anonymous Post plugin for WordPress is vulnerable to Arbitrary Redirect in versions up to, and including, 2.8.4. This is due to insufficient validation on one of the attributes of one of its shortcodes. This makes it possible for authenticated attackers with contributor-level access to redirect users to potentially malicious sites. • https://wpscan.com/vulnerability/6e222018-a3e0-4af0-846c-6f00b67dfbc0 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2023-28661 – WP Popup Banners <= 1.2.5 - Authenticated (Subscriber+) SQL Injection via 'value'
https://notcve.org/view.php?id=CVE-2023-28661
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action. The WP Popup Banners plugin for WordPress is vulnerable to a time-based SQL Injection via the 'value' parameter of the get_popup_data AJAX action in versions up to, and including, 1.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://www.tenable.com/security/research/tra-2023-2 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-26532 – WordPress Social Auto Poster Plugin <= 2.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-26532
Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes Social Auto Poster plugin versions <= 2.1.4. The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.4. This is due to missing or incorrect nonce validation on the 'restore_settings' function. This makes it possible for unauthenticated attackers to reset (and thus destroy) the current plugin settings via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/accesspress-facebook-auto-post/wordpress-social-auto-poster-plugin-2-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-26518 – WordPress WP TFeed Plugin <= 1.6.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-26518
Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes WP TFeed plugin versions <= 1.6.9. The WP TFeed plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.9. This is due to missing or incorrect nonce validation on the aptf_delete_cache function. This makes it possible for unauthenticated attackers to delete the plugin's tweet cache via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/accesspress-twitter-feed/wordpress-wp-tfeed-plugin-1-6-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-0175 – Smart Logo Showcase Lite <= 1.1.9 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2023-0175
The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in the page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The Smart Logo Showcase Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts into pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/cdcd3c2c-cb29-4b21-8d3d-7eafbc1d3098 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •