CVE-2024-8379 – Cost Calculator Builder < 3.2.29 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2024-8379
The Cost Calculator Builder WordPress plugin before 3.2.29 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin. The Cost Calculator Builder plugin for WordPress is vulnerable to SQL Injection via the discount[direction] parameter in all versions up to, and including, 3.2.28 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://wpscan.com/vulnerability/a3463d5a-8215-4958-a6c0-039681c35a50 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-8239 – Starbox < 3.5.3 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-8239
The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages where the starbox shortcode is used, which may be abused by users with at least the contributor role to conduct Stored XSS attacks. The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter URL field in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/02796da0-218d-4cbb-98ca-49eeea83cac5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-7714 – AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls
https://notcve.org/view.php?id=CVE-2024-7714
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0. Multiple actions are accessible: 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback' The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions like 'ays_chatgpt_disconnect' hooked via an AJAX action ays_chatgpt_admin_ajax in versions up to, and including, 2.0.9. This makes it possible for unauthenticated attackers to to perform unauthorized actions like disconnecting the plugin. • https://wpscan.com/vulnerability/04447c76-a61b-4091-a510-c76fc8ca5664 • CWE-862: Missing Authorization •
CVE-2024-7713 – AI Chatbot with ChatGPT by AYS <= 2.0.9 - Unauthenticated OpenAI Key Disclosure
https://notcve.org/view.php?id=CVE-2024-7713
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.9 via the ays_chatgpt_admin_ajax AJAX action. This makes it possible for unauthenticated attackers to retrieve the OpenAI key connected to the site. • https://wpscan.com/vulnerability/061eab97-4a84-4738-a1e8-ef9a1261ff73 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-6517 – Contact Form 7 Math Captcha <= 2.0.1 - Reflected XSS
https://notcve.org/view.php?id=CVE-2024-6517
The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users. The Contact Form 7 Math Captcha plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tagname' parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/d04bab9c-7cb4-4d21-b70b-a4a7fabc3c20 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •