CVE-2024-10593 – WPForms – Easy Form Builder for WordPress <= 1.9.1.6 - Cross-Site Request Forgery (CSRF) to Plugin's Log Deletion
https://notcve.org/view.php?id=CVE-2024-10593
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.1.6. This is due to missing or incorrect nonce validation in the process_admin_ui function. This makes it possible for unauthenticated attackers to delete WPForms logs via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
• https://plugins.trac.wordpress.org/browser/wpforms-lite/tags/1.9.1.6/src/Admin/Tools/Views/Logs.php#L269
• https://plugins.trac.wordpress.org/browser/wpforms-lite/tags/1.9.1.6/src/Logger/ListTable.php#L394
• https://www.wordfence.com/threat-intel/vulnerabilities/id/6d1ea80a-a1ce-4964-8dde-f3ed2df5537c?source=cve
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2024-10876 – Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.3 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-10876
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping of the URL in all versions up to, and including, 1.8.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts into pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• https://plugins.trac.wordpress.org/browser/charitable/tags/1.8.2/includes/admin/donations/class-charitable-donation-list-table.php#L318
• https://plugins.trac.wordpress.org/changeset/3183944/charitable/trunk/includes/admin/donations/class-charitable-donation-list-table.php
• https://www.wordfence.com/threat-intel/vulnerabilities/id/68014bb5-b2ef-4e2f-9c47-85e555ded5a7?source=cve
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-10045 – Transients Manager <= 2.0.6 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2024-10045
The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation in the process_actions function. This makes it possible for unauthenticated attackers to delete transients via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
• https://plugins.trac.wordpress.org/browser/transients-manager/trunk/src/TransientsManager.php#L993
• https://plugins.trac.wordpress.org/changeset/3171619/transients-manager/trunk/src/TransientsManager.php
• https://www.wordfence.com/threat-intel/vulnerabilities/id/03b8b5a2-979d-42d0-86f5-48ee73162d22?source=cve
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2024-8791 – Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress <= 1.8.1.14 - Insecure Direct Object Reference to Account Takeover and Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-8791
The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied through the update_core_user() function. This makes it possible for unauthenticated attackers to update the email address and password of arbitrary user accounts, including administrators, which can then be used to log in to those accounts.
• https://plugins.trac.wordpress.org/browser/charitable/tags/1.8.1.14/includes/users/class-charitable-user.php#L872
• https://plugins.trac.wordpress.org/changeset/3154009/charitable/trunk/includes/users/class-charitable-user.php
• https://www.wordfence.com/threat-intel/vulnerabilities/id/0ee60943-b583-4a99-8e62-846b380c98aa?source=cve
• CWE-639: Authorization Bypass Through User-Controlled Key
CVE-2022-2439 – Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 3.3.3 - Authenticated (Admin+) PHAR Deserialization
https://notcve.org/view.php?id=CVE-2022-2439
The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'upload[file]' parameter in versions up to, and including, 3.3.3. This makes it possible for authenticated administrative users to load files through a PHAR wrapper, which will deserialize and instantiate arbitrary PHP objects that can be used to perform a variety of malicious actions, provided a POP chain is also present.
• https://plugins.trac.wordpress.org/changeset/3154854/easy-digital-downloads/tags/3.3.4/includes/admin/import/import-functions.php
• https://plugins.trac.wordpress.org/changeset/3154854/easy-digital-downloads/tags/3.3.4/src/Utils/FileSystem.php
• https://www.wordfence.com/threat-intel/vulnerabilities/id/644c8702-08ad-4048-ae91-041f1771f1dc?source=cve
• CWE-502: Deserialization of Untrusted Data