
CVSS: 6.5 | EPSS: 0% | CPEs: 2 | EXPL: 1

The Event Tickets and Registration WordPress plugin before 5.8.1 and the Events Tickets Plus WordPress plugin before 5.9.1 do not prevent users with at least the contributor role from leaking the existence of certain events they should not have access to (e.g. draft, private, pending review, password-protected, and trashed events). The Event Tickets and Registration plugin for WordPress is vulnerable to Information Exposure in all versions up to 5.8.0 (free) & 5.9.1 (premium). • https://wpscan.com/vulnerability/d80dfe2f-207d-4cdf-8c71-27936c6318e5 • CWE-862: Missing Authorization •
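Added example, not code from the Event Tickets plugins, of the pattern behind this kind of existence leak. The post type (`demo_event`) and the AJAX action names are hypothetical. The weak handler answers differently for "no such event" and "event you may not read", so a contributor probing IDs learns which drafts, private, pending, trashed and password-protected events exist; the hardened one folds every case the caller is not entitled to see into the same 404.

```php
<?php
// Added example, not Event Tickets code. Hypothetical names: the "demo_event"
// post type and the demo_event_title AJAX actions. wp_ajax_* hooks fire for any
// logged-in user, so a contributor can reach both handlers.

// WEAK: "not found" (404) vs. "found" (200 + title) regardless of post status,
// so probing IDs reveals which draft/private/pending/trashed events exist.
add_action( 'wp_ajax_demo_event_title_weak', function () {
    $post = get_post( absint( $_GET['id'] ?? 0 ) ); // get_post() returns posts of ANY status
    if ( ! $post || 'demo_event' !== $post->post_type ) {
        wp_send_json_error( 'not found', 404 );
    }
    wp_send_json_success( [ 'title' => $post->post_title ] );
} );

// HARDENED: resolve the post only if the current user is allowed to read it.
function demo_readable_event( $id ) {
    $post = get_post( $id );
    if ( ! $post || 'demo_event' !== $post->post_type ) {
        return null;
    }
    // read_post is a meta capability: WordPress maps it to read_private_posts
    // for private posts and to edit_post (-> edit_others_posts) for drafts,
    // pending and trashed posts by other authors. A contributor holds neither.
    if ( ! current_user_can( 'read_post', $post->ID ) ) {
        return null;
    }
    // Password-protected posts stay unreadable until the password cookie is set.
    if ( post_password_required( $post ) ) {
        return null;
    }
    return $post;
}

add_action( 'wp_ajax_demo_event_title', function () {
    $post = demo_readable_event( absint( $_GET['id'] ?? 0 ) );
    if ( null === $post ) {
        wp_send_json_error( 'not found', 404 ); // identical for missing and forbidden
    }
    wp_send_json_success( [ 'title' => $post->post_title ] );
} );
```

The same rule applies to listings: a `WP_Query` that accepts a caller-supplied `post_status` should be constrained with `'perm' => 'readable'` (or pinned to `'publish'`), otherwise the count or the set of returned IDs leaks the same information one request at a time.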

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/0672f8af-33e2-459c-ac8a-7351247a8a26 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Smart Forms WordPress plugin before 2.6.87 does not have authorisation checks on various AJAX actions, which could allow users with a role as low as subscriber to call them and perform unauthorised actions such as deleting entries. The plugin also lacks CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions, such as deleting entries, via CSRF attacks. The Smart Forms – when you need more than just a contact form plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the rednao_smart_form_delete_entries() AJAX action in all versions up to, and including, 2.6.86. • https://wpscan.com/vulnerability/b514b631-c3e3-4793-ab5d-35ed0c38b011 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •
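Added example, not the Smart Forms code, showing both defects from this entry on one hypothetical `demo_delete_entries` AJAX action (the `{$wpdb->prefix}demo_entries` table is hypothetical too): the weak handler is reachable by any logged-in role and by a cross-site form post, the hardened one checks a nonce (CSRF) and a capability (authorization) before touching the database.

```php
<?php
// Added example, not Smart Forms code. Hypothetical action and table names.

// WEAK: wp_ajax_* fires for every logged-in user, so a subscriber can delete
// entries, and a cross-site <form> POST does the same with an admin's cookies.
add_action( 'wp_ajax_demo_delete_entries_weak', function () {
    global $wpdb;
    $ids = array_map( 'absint', (array) ( $_POST['ids'] ?? [] ) );
    foreach ( $ids as $id ) {
        $wpdb->delete( $wpdb->prefix . 'demo_entries', [ 'id' => $id ], [ '%d' ] );
    }
    wp_send_json_success( count( $ids ) );
} );

// HARDENED: nonce (CSRF) first, capability (authorization) second.
add_action( 'wp_ajax_demo_delete_entries', function () {
    // Dies with HTTP 403 and body "-1" if the "nonce" POST field is missing or stale.
    check_ajax_referer( 'demo_delete_entries', 'nonce' );
    // A nonce is not authorization: any role that can load a page carrying the
    // nonce could replay it, so the capability check is still required.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    global $wpdb;
    $ids = array_filter( array_map( 'absint', (array) ( $_POST['ids'] ?? [] ) ) );
    foreach ( $ids as $id ) {
        $wpdb->delete( $wpdb->prefix . 'demo_entries', [ 'id' => $id ], [ '%d' ] );
    }
    wp_send_json_success( count( $ids ) );
} );

// The nonce has to reach the admin page's script so that it can be POSTed back.
add_action( 'admin_enqueue_scripts', function () {
    wp_enqueue_script( 'demo-admin', plugins_url( 'admin.js', __FILE__ ), [ 'jquery' ], '1.0', true );
    wp_localize_script( 'demo-admin', 'demoAjax', [
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'demo_delete_entries' ),
    ] );
} );
```

When auditing a plugin for this class, grep for every `add_action( 'wp_ajax_` and `wp_ajax_nopriv_` registration and confirm each callback reaches both a `check_ajax_referer()`/`wp_verify_nonce()` and a `current_user_can()` before any state change; an action that has one but not the other is still exploitable.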

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

The JetBackup WordPress plugin before 2.0.9.9 does not use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files. The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.9.7 via directory listing. This makes it possible for unauthenticated attackers to obtain backups of the database as well as other sensitive data. • https://wpscan.com/vulnerability/ad1ef4c5-60c1-4729-81dd-f626aa0ce3fe • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
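Added example, not JetBackup code, of what a backup plugin can do when it creates its directory under `wp-content/uploads` so that a web server with autoindex enabled neither lists nor serves it. The directory prefix and the `demo_backup_dir` option are hypothetical.

```php
<?php
// Added example, not JetBackup code. Creates the backup directory with an
// unguessable name and writes the guard files that stop listing and download.
function demo_backup_dir() {
    $dir = get_option( 'demo_backup_dir' );
    if ( $dir && is_dir( $dir ) ) {
        return $dir;
    }
    $upload = wp_upload_dir();
    // Random suffix: even with listing of the parent enabled, the path is not guessable.
    $dir = trailingslashit( $upload['basedir'] ) . 'demo-backups-' . wp_generate_password( 16, false, false );
    if ( ! wp_mkdir_p( $dir ) ) {
        return false;
    }
    $guards = [
        // Apache: no autoindex, and no direct download of anything inside
        // (2.4 "Require" syntax with a 2.2 fallback).
        '.htaccess'  => "Options -Indexes\n"
                      . "<IfModule mod_authz_core.c>\n    Require all denied\n</IfModule>\n"
                      . "<IfModule !mod_authz_core.c>\n    Order deny,allow\n    Deny from all\n</IfModule>\n",
        // Blank index files: a server that ignores .htaccess (nginx, IIS) still
        // serves an empty page instead of a listing. This is the fix the entry
        // above refers to; it does NOT stop download of a known file name.
        'index.php'  => "<?php\n// Silence is golden.\n",
        'index.html' => '',
    ];
    foreach ( $guards as $name => $body ) {
        if ( false === file_put_contents( $dir . '/' . $name, $body ) ) {
            return false;
        }
    }
    update_option( 'demo_backup_dir', $dir, false ); // autoload=false: not needed on every request
    return $dir;
}
```

Two caveats for anyone checking their own site. `.htaccess` only has effect on Apache with `AllowOverride` permitting it; on nginx the equivalent has to go into the server configuration (a `location` block that returns 403 for the backup path, written for your own layout). And index files only hide the listing: a backup archive whose name is predictable (site name plus date is common) is still one `curl` away, so the robust fix is a random directory name as above, or better, storing backups outside the document root and serving them only through a capability-checked download handler. A quick external check is a request for the backup directory with a trailing slash: a 200 whose body contains "Index of" means listing is on.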

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Persian Fonts WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup). The Persian Fonts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/6a2eb871-6b6e-4dbb-99f0-dd74d6c61e83 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
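Added example covering both the Shariff Wrapper and the Persian Fonts entries above; it is not either plugin's code. The option names (`demo_badge_text`, `demo_badge_side`) are hypothetical. The point of the "unfiltered_html disallowed" qualifier is that on multisite (and wherever `DISALLOW_UNFILTERED_HTML` is set) even administrators are not trusted to store raw markup, so a plugin that stores and prints a setting verbatim hands that trust back to them.

```php
<?php
// Added example, not Shariff Wrapper or Persian Fonts code. Hypothetical option names.

// WEAK: stored and printed verbatim. An administrator who lacks unfiltered_html
// is supposed to be unable to persist markup, but nothing here enforces it, so
// "<script>...</script>" in the setting runs for every visitor who sees the badge.
add_action( 'admin_init', function () {
    register_setting( 'demo_options', 'demo_badge_text_weak' ); // no sanitize_callback
} );
function demo_render_badge_weak() {
    echo '<div class="demo-badge">' . get_option( 'demo_badge_text_weak' ) . '</div>';
}

// HARDENED: sanitise on save AND escape on output, whatever role saved the value.
add_action( 'admin_init', function () {
    register_setting( 'demo_options', 'demo_badge_text', [
        'type'              => 'string',
        'sanitize_callback' => 'sanitize_text_field', // strips tags, NUL bytes, line breaks
        'default'           => '',
    ] );
    register_setting( 'demo_options', 'demo_badge_side', [
        'type'              => 'string',
        // Enumerated setting: allow-list instead of trying to clean free text.
        'sanitize_callback' => function ( $v ) {
            return in_array( $v, [ 'left', 'right' ], true ) ? $v : 'left';
        },
        'default'           => 'left',
    ] );
} );

function demo_render_badge() {
    // Escape for the exact output context: esc_attr() inside an attribute value,
    // esc_html() in element text. Sanitising on save alone is not enough, since
    // values also arrive via WP-CLI, importers or a direct database write.
    printf(
        '<div class="demo-badge demo-badge-%s">%s</div>',
        esc_attr( get_option( 'demo_badge_side', 'left' ) ),
        esc_html( get_option( 'demo_badge_text', '' ) )
    );
}
```

If a setting legitimately needs limited HTML, use `wp_kses_post()` both as the `sanitize_callback` and at output time rather than trusting the stored value; a value interpolated into an inline `<script>` needs `wp_json_encode()`, and one placed in a URL attribute needs `esc_url()`, because each context breaks out of the markup differently.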