Page 102 of 531 results (0.007 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-7165 – JetBackup < 2.0.9.9 - Directory Listing Exposing Backups

https://notcve.org/view.php?id=CVE-2023-7165

The JetBackup WordPress plugin before 2.0.9.9 doesn't use index files to prevent public directory listing of sensitive directories in certain configurations, which allows malicious actors to leak backup files. El complemento JetBackup de WordPress anterior a 2.0.9.9 no utiliza archivos de índice para evitar la lista pública de directorios confidenciales en ciertas configuraciones, lo que permite a actores malintencionados filtrar archivos de respaldo. The JetBackup – WP Backup, Migrate & Restore plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.9.7 via directory listing. This makes it possible for unauthenticated attackers to obtain backups of the database as well as other sensitive data. • https://wpscan.com/vulnerability/ad1ef4c5-60c1-4729-81dd-f626aa0ce3fe • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-7167 – Persian Fonts <= 1.6 - Admin+ Stored XSS

https://notcve.org/view.php?id=CVE-2023-7167

The Persian Fonts WordPress plugin through 1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). El complemento Persian Fonts de WordPress hasta la versión 1.6 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en una configuración multisitio). The Persian Fonts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/6a2eb871-6b6e-4dbb-99f0-dd74d6c61e83 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-7202 – Fatal Error Notify < 1.5.3 - Subscriber+ Test Error Email Sending

https://notcve.org/view.php?id=CVE-2023-7202

The Fatal Error Notify WordPress plugin before 1.5.3 does not have authorisation and CSRF checks in its test_error AJAX action, allowing any authenticated users, such as subscriber to call it and spam the admin email address with error messages. The issue is also exploitable via CSRF El complemento Fatal Error Notify de WordPress anterior a 1.5.3 no tiene autorización y CSRF verifica su acción test_error AJAX, lo que permite a cualquier usuario autenticado, como un suscriptor, llamarlo y enviar spam a la dirección de correo electrónico del administrador con mensajes de error. El problema también se puede explotar a través de CSRF. The Fatal Error Notify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the test_error AJAX action in all versions up to, and including, 1.5.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to send test error emails to the administrator email address without restriction. • https://research.cleantalk.org/cve-2023-7202-fatal-error-notify-error-email-sending-csrf https://wpscan.com/vulnerability/d923ba5b-1c20-40ee-ac69-cd0bb65b375a • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-6591 – Popup Box Pro < 20.9.0 - Admin+ Stored XSS

https://notcve.org/view.php?id=CVE-2023-6591

The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed El complemento Popup Box de WordPress anterior a 20.9.0 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con altos privilegios, como el administrador, realizar ataques de Cross-Site Scripting incluso cuando unfiltered_html no está permitido. The Popup Box Business and Developer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions 20.0.0 to 20.9.0 (Developer) and versions 7.0.0 to 7.9.0 (Business) due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Please note this affects the premium version of the plugin despite the shared slug. • https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f64c51 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-7233 – GigPress <= 2.3.29 - Admin+ Stored Cross Site Scripting

https://notcve.org/view.php?id=CVE-2023-7233

The GigPress WordPress plugin through 2.3.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) El complemento GigPress de WordPress hasta la versión 2.3.29 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en una configuración multisitio). The GigPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.3.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/585cb2f2-7adc-431f-89d4-4e947f16af18 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •