CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35726 – WordPress WooBuddy plugin <= 3.4.19 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-35726
Missing Authorization vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.19. Vulnerabilidad de autorización faltante en ThemeKraft WooBuddy. Este problema afecta a WooBuddy: desde n/a hasta 3.4.19. The BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wc4bp_shop_profile_sync_ajax() function in versions up to, and including, 3.4.19. • https://patchstack.com/database/vulnerability/wc4bp/wordpress-woobuddy-plugin-3-4-19-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5149 – BuddyForms <= 2.8.9 - Email Verification Bypass due to Insufficient Randomness
https://notcve.org/view.php?id=CVE-2024-5149
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification. El complemento BuddyForms para WordPress es vulnerable a la omisión de verificación de correo electrónico en todas las versiones hasta la 2.8.9 incluida mediante el uso de un código de activación insuficientemente aleatorio. Esto hace posible que atacantes no autenticados omitan la verificación por correo electrónico. • https://plugins.trac.wordpress.org/browser/buddyforms/tags/2.8.9/includes/wp-insert-user.php#L334 https://www.wordfence.com/threat-intel/vulnerabilities/id/a5c8d361-698b-4abd-bcdd-0361d3fd10c5?source=cve • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5823 – WordPress TK Google Fonts GDPR Compliant Plugin <= 2.2.11 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-5823
Cross-Site Request Forgery (CSRF) vulnerability in ThemeKraft TK Google Fonts GDPR Compliant plugin <= 2.2.11 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento ThemeKraft TK Google Fonts GDPR Compliant en versiones <= 2.2.11. The TK Google Fonts GDPR Compliant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tk_google_fonts_add_font function in all versions up to, and including, 2.2.11. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to add arbitrary Google fonts. We believe CVE-2023-5823 may be misreported as a CSRF as there is no nonce check that was added in 2.2.12, but instead a capability check. • https://patchstack.com/database/vulnerability/tk-google-fonts/wordpress-tk-google-fonts-gdpr-compliant-plugin-2-2-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25981 – WordPress BuddyForms Plugin <= 2.8.1 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-25981
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions. Vulnerabilidad de Cross-Site Scripting (XSS) Almacenada en el plugin Post Form de ThemeKraft que afecta a las versiones versiones 2.8.1 e inferiores. Para explotar esta vulnerabilidad hace falta estar autenticado y tener permisos de colaborador o superior. The Post, Registration and Profile Form Builder – FrontEnd Editor BuddyForms – Easy WordPress Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. • https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-8-1-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26326 – BuddyForms <= 2.7.7 - PHAR Deserialization
https://notcve.org/view.php?id=CVE-2023-26326
The BuddyForms WordPress plugin, in versions prior to 2.7.8, was affected by an unauthenticated insecure deserialization issue. An unauthenticated attacker could leverage this issue to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. The BuddyForms plugin for WordPress is vulnerable to deserialization of untrusted input via the 'url' parameter in versions up to, and including 2.7.7. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the attacker is successful in uploading a file with the serialized payload, however, this can easily be achieved by uploading a fake profile photo prior to launching an attack. • https://www.tenable.com/security/research/tra-2023-7 • CWE-502: Deserialization of Untrusted Data •