CVE-2021-4370 – uListing <= 1.6.6 - Missing Authorization
https://notcve.org/view.php?id=CVE-2021-4370
28 Jan 2021 — The uListing plugin for WordPress is vulnerable to authorization bypass because most of its actions and endpoints are reachable by unauthenticated users, lack security nonces, and seldom validate the data they receive. • https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities • CWE-862: Missing Authorization •
CVE-2021-4381 – uListing <= 1.6.6 - Unauthenticated Options Changes via wp_route
https://notcve.org/view.php?id=CVE-2021-4381
28 Jan 2021 — The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route in versions up to, and including, 1.6.6, because the StmListingSingleLayout::import_new_layout method performs no capability check and requires no security nonce. This makes it possible for unauthenticated attackers to change any WordPress option in the database. • https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities • CWE-862: Missing Authorization •
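The two uListing entries above describe one defect class: a request handler that neither checks the caller's capability nor verifies a nonce, and then acts on request data. The following is an added example and not uListing's code: a hypothetical `demo_import_layout` admin-ajax handler that writes an option, first in the vulnerable style the entries describe, then hardened. The WordPress functions are real core API; the handler name, the hook names built from it and the option names are assumptions.

```php
<?php
// Added example, not uListing code. "demo_import_layout" and the option
// names are hypothetical; the WordPress functions are real core API.
// Both handlers are shown side by side; a real plugin would register one.

// --- Vulnerable style: registered for logged-out visitors (wp_ajax_nopriv_),
// no nonce, no capability check, and the option name and value come straight
// from the request. A single POST to /wp-admin/admin-ajax.php carrying
//   action=demo_import_layout&option_name=users_can_register&option_value=1
// followed by one setting default_role=administrator lets anyone register as
// an administrator, which is the usual impact of an arbitrary option write.
function demo_import_layout_vulnerable() {
    $key   = $_POST['option_name'];
    $value = $_POST['option_value'];
    update_option( $key, $value );          // arbitrary write to wp_options
    wp_send_json_success();
}
add_action( 'wp_ajax_demo_import_layout',        'demo_import_layout_vulnerable' );
add_action( 'wp_ajax_nopriv_demo_import_layout', 'demo_import_layout_vulnerable' );

// --- Hardened style: every request must pass all three checks.
const DEMO_ALLOWED_OPTIONS = array( 'demo_layout_columns', 'demo_layout_style' );

function demo_import_layout_hardened() {
    // 1. Anti-CSRF: the nonce minted with wp_create_nonce( 'demo_import_layout' )
    //    on the settings page must accompany the request; this dies on failure.
    check_ajax_referer( 'demo_import_layout', 'nonce' );

    // 2. Authorization: a nonce proves intent, not privilege, so the
    //    capability check is still required. wp_send_json_error() ends the request.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 3. Validation: only this plugin's own option keys, and a sanitized value.
    $key = isset( $_POST['option_name'] ) ? sanitize_key( wp_unslash( $_POST['option_name'] ) ) : '';
    if ( ! in_array( $key, DEMO_ALLOWED_OPTIONS, true ) ) {
        wp_send_json_error( 'unknown option', 400 );
    }
    $value = isset( $_POST['option_value'] ) ? sanitize_text_field( wp_unslash( $_POST['option_value'] ) ) : '';

    update_option( $key, $value );
    wp_send_json_success();
}
// Deliberately no wp_ajax_nopriv_ hook: admin-ajax.php rejects the action for
// logged-out visitors before any handler runs.
add_action( 'wp_ajax_demo_import_layout', 'demo_import_layout_hardened' );
```

uListing dispatched through its own wp_route rather than admin-ajax.php; the dispatch mechanism changes nothing, the handler itself owns these checks (for a REST route the equivalent is a real `permission_callback`). The option allow list is what turns "change any WordPress option" into "change two plugin settings": capability and nonce checks alone would still let an administrator's browser be tricked into nothing, but would leave an authenticated low-privilege user nothing to do either only if the capability is the right one.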
CVE-2021-3120 – YITH WooCommerce Gift Cards Premium <= 3.3.0 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2021-3120
27 Jan 2021 — An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. ... • https://github.com/guy-liu/yith-giftdrop • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2020-36727 – Newsletter Manager <= 1.5.1 - Insecure Deserialization
https://notcve.org/view.php?id=CVE-2020-36727
29 Dec 2020 — The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions up to, and including, 1.5.1. • https://blog.nintechnet.com/insecure-deserialization-vulnerability-in-wordpress-newsletter-manager-plugin-unpatched • CWE-502: Deserialization of Untrusted Data •
CVE-2020-35489 – Contact Form 7 <= 5.3.1 - Arbitrary File Upload via Bypass
https://notcve.org/view.php?id=CVE-2020-35489
17 Dec 2020 — The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows unrestricted file upload and remote code execution because a filename may contain special characters. The Contact Form 7 plugin for WordPress is vulnerabl... • https://wordpress.org/plugins/contact-form-7/#developers • CWE-434: Unrestricted Upload of File with Dangerous Type •
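Both upload entries (YITH above and Contact Form 7 here) fall to a check that reasons about the apparent file extension. The following is an added example and not code from either plugin: a stand-alone PHP 7.1+ script with a constructed deny-list check that is fooled by control characters in the name and by stacked extensions, beside an allow-list version that normalises first and never reuses the client's name. The filenames are constructed test inputs, and the `tidy_for_storage` step is an assumption about how an upload handler typically cleans a name before writing it to disk.

```php
<?php
// Added example, not Contact Form 7 or YITH code. Constructed check,
// constructed clean-up step, constructed filenames. Requires PHP 7.1+.

// Step many upload handlers take first: look at the raw name and refuse it
// if the final extension names a script type.
function denylist_says_safe( string $filename ): bool {
    $ext = pathinfo( $filename, PATHINFO_EXTENSION );
    // "$" does not match before a trailing tab or other control character,
    // so "shell.php\t" has extension "php\t" and is judged safe.
    return ! preg_match( '/^(php|phtml|phar|pl|py|cgi|asp|aspx)\d?$/i', $ext );
}

// Step they typically take second, just before saving: strip path parts and
// any control (\pC) or separator (\pZ) characters. After this step
// "shell.php\t" is "shell.php".
function tidy_for_storage( string $filename ): string {
    $filename = basename( $filename );
    return preg_replace( '/[\pC\pZ]+/u', '', $filename );
}

// Vulnerable composition: the check sees one string, the disk gets another.
// Returns the name that would be written, or null if rejected.
function store_name_vulnerable( string $filename ): ?string {
    if ( ! denylist_says_safe( $filename ) ) {
        return null;
    }
    return tidy_for_storage( $filename );
}

// Hardened composition: normalise first, validate the normalised name against
// an allow list, and generate the on-disk name instead of reusing the client's.
const UPLOAD_ALLOWED_EXT = array( 'jpg', 'jpeg', 'png', 'gif', 'pdf' );

function store_name_hardened( string $filename ): ?string {
    $clean = tidy_for_storage( $filename );
    $ext   = strtolower( pathinfo( $clean, PATHINFO_EXTENSION ) );
    if ( ! in_array( $ext, UPLOAD_ALLOWED_EXT, true ) ) {
        return null;
    }
    // The stored name has exactly one extension, so "shell.php.jpg" cannot
    // survive as a multi-extension file, and it is unguessable.
    return bin2hex( random_bytes( 8 ) ) . '.' . $ext;
}

// Constructed inputs: benign, obvious, control-character, stacked, traversal.
$inputs = array( "photo.jpg", "shell.php", "shell.php\t", "shell.php.jpg", "../shell.phtml" );
foreach ( $inputs as $name ) {
    printf( "%-20s vulnerable=%-18s hardened=%s\n",
        json_encode( $name ),
        var_export( store_name_vulnerable( $name ), true ),
        var_export( store_name_hardened( $name ), true ) );
}
```

Run with `php upload_names.php`. The control-character case is the one the Contact Form 7 entry describes in outline: the deny list accepts `shell.php\t` because the character defeats the pattern, and the clean-up that follows hands the filesystem `shell.php`. Ordering the steps the other way round, as `store_name_hardened` does, closes that gap; the stacked-extension case is closed by emitting a fresh single-extension name. Neither function inspects file content, so pair this with a content check and with a web-server rule that refuses to execute anything under the uploads directory.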
CVE-2020-36719 – ListingPro - WordPress Directory & Listing Theme < 2.6.1 - Arbitrary Plugin Installation, Activation and Deactivation
https://notcve.org/view.php?id=CVE-2020-36719
17 Dec 2020 — The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. • https://blog.nintechnet.com/wordpress-listingpro-theme-fixed-a-critical-vulnerability • CWE-862: Missing Authorization •
CVE-2020-36726 – Ultimate Reviews < 2.1.33 - PHP Object Injection
https://notcve.org/view.php?id=CVE-2020-36726
10 Nov 2020 — The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.1.32 via deserialization of untrusted input in several vulnerable functions. • https://blog.nintechnet.com/wordpress-ultimate-reviews-plugin-fixed-insecure-deserialization-vulnerability • CWE-502: Deserialization of Untrusted Data •
CVE-2020-36157 – Ultimate Member <= 2.1.11 - Unauthenticated Privilege Escalation via User Roles
https://notcve.org/view.php?id=CVE-2020-36157
09 Nov 2020 — An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Roles. Due to the lack of filtering on the role parameter that could be supplied during the registration process, an attacker could supply the role parameter with a WordPress capability (or any custom Ultimate Member role) and effectively be granted those privileges. • https://wordpress.org/plugins/ultimate-member/#developers • CWE-269: Improper Privilege Management •
CVE-2020-36155 – Ultimate Member <= 2.1.11 - Unauthenticated Privilege Escalation via User Meta
https://notcve.org/view.php?id=CVE-2020-36155
09 Nov 2020 — An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. ... • https://wordpress.org/plugins/ultimate-member/#developers • CWE-269: Improper Privilege Management •
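Both Ultimate Member entries describe a registration flow that copies request fields into the account it creates. The following is an added example and not Ultimate Member's code: a hypothetical front-end registration handler written in the vulnerable style, next to a version that fixes the role and stores only declared profile fields. The WordPress functions are real core API; the `demo_` identifiers and the form field names are assumptions.

```php
<?php
// Added example, not Ultimate Member code. "demo_register" and the form field
// names are hypothetical; the WordPress functions are real core API. Both
// functions take the decoded request body (normally $_POST).

// Vulnerable style: the request decides the role, and every field it carries
// is copied into user meta. Two independent escalation paths result:
//   - 'role' is handed to wp_insert_user() unchanged ("via User Roles");
//   - WordPress keeps a user's role map in the meta key "{$wpdb->prefix}capabilities"
//     (wp_capabilities on a default install), so a request field with that name
//     (PHP parses wp_capabilities[administrator]=1 into an array) becomes the
//     new user's roles ("via User Meta"), with no role field at all.
function demo_register_vulnerable( array $post ) {
    $user_id = wp_insert_user( array(
        'user_login' => $post['user_login'],
        'user_email' => $post['user_email'],
        'user_pass'  => $post['user_pass'],
        'role'       => isset( $post['role'] ) ? $post['role'] : get_option( 'default_role' ),
    ) );
    if ( is_wp_error( $user_id ) ) {
        return $user_id;
    }
    $core = array( 'user_login', 'user_email', 'user_pass', 'role' );
    foreach ( $post as $key => $value ) {              // mass assignment: the client picks the keys
        if ( ! in_array( $key, $core, true ) ) {
            update_user_meta( $user_id, $key, $value );
        }
    }
    return $user_id;
}

// Hardened style: the site fixes the role; only declared profile fields are
// stored, each sanitized, and the loop runs over the allow list rather than
// over whatever the request contained.
const DEMO_PROFILE_FIELDS = array( 'first_name', 'last_name', 'demo_phone' );

function demo_register_hardened( array $post ) {
    $user_id = wp_insert_user( array(
        'user_login' => sanitize_user( wp_unslash( $post['user_login'] ?? '' ), true ),
        'user_email' => sanitize_email( wp_unslash( $post['user_email'] ?? '' ) ),
        'user_pass'  => (string) ( $post['user_pass'] ?? '' ),
        'role'       => get_option( 'default_role', 'subscriber' ),   // never read from the request
    ) );
    if ( is_wp_error( $user_id ) ) {
        return $user_id;
    }
    foreach ( DEMO_PROFILE_FIELDS as $field ) {
        if ( isset( $post[ $field ] ) ) {
            update_user_meta( $user_id, $field, sanitize_text_field( wp_unslash( $post[ $field ] ) ) );
        }
    }
    return $user_id;
}
```

The same allow list belongs in the profile-update handler, which is usually written with the same `foreach ( $_POST ... )` loop. If a plugin legitimately lets the visitor choose between several roles, the form value should be a key into a fixed table of permitted roles, never the role string itself.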
CVE-2020-36718 – GDPR CCPA Compliance Support <= 2.3 - PHP Object Injection
https://notcve.org/view.php?id=CVE-2020-36718
03 Nov 2020 — The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3 via deserialization of the untrusted "njt_gdpr_allow_permissions" value. • https://wordpress.org/plugins/ninja-gdpr-compliance/#developers • CWE-502: Deserialization of Untrusted Data •
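The Newsletter Manager, Ultimate Reviews and GDPR CCPA Compliance Support entries all come down to `unserialize()` being run on a value the client controls (for the last one, the "njt_gdpr_allow_permissions" value). The following is an added example and not code from any of those plugins: a stand-alone PHP 7.0+ script with a constructed gadget class and a constructed serialized payload, showing how a deserialized object fires its destructor as soon as it is discarded, and how `allowed_classes => false` or JSON removes the problem. The class, the payload and the target file path are all constructed for this demonstration; real gadget chains come from classes WordPress, the theme or other plugins already have loaded.

```php
<?php
// Added example, not code from any plugin listed above. Constructed gadget
// class, constructed payload, temp-file target. Requires PHP 7.0+.

// A class with a side effect in a magic method. __destruct runs whenever an
// instance is freed, so simply unserializing and dropping one is enough.
class DemoCacheWriter {
    public $path;
    public $data;
    public function __destruct() {
        // Attacker-chosen path and content: an arbitrary file write.
        @file_put_contents( $this->path, $this->data );
    }
}

// The string an attacker would place in the cookie, POST field or option that
// the plugin later unserializes. Built by hand so that no DemoCacheWriter is
// instantiated (and destructed) while producing it.
function demo_payload(): string {
    $path = sys_get_temp_dir() . '/poi_demo.txt';
    return 'O:15:"DemoCacheWriter":2:{s:4:"path";' . serialize( $path )
         . 's:4:"data";' . serialize( 'written by a gadget' ) . '}';
}

// Vulnerable: any class name in the payload is instantiated. WordPress's
// maybe_unserialize() is a thin wrapper around unserialize() and gives the
// same result.
function load_permissions_vulnerable( string $raw ) {
    return unserialize( $raw );
}

// Hardened, option A: keep the serialized format but refuse objects. The
// payload still parses, but every object becomes __PHP_Incomplete_Class,
// which has no magic methods to run. Only the array shape is accepted.
function load_permissions_hardened( string $raw ): array {
    $value = unserialize( $raw, array( 'allowed_classes' => false ) );
    return is_array( $value ) ? $value : array();
}

// Hardened, option B (preferred for new code): store JSON. json_decode()
// never instantiates application classes.
function load_permissions_json( string $raw ): array {
    $value = json_decode( $raw, true );
    return is_array( $value ) ? $value : array();
}

$target  = sys_get_temp_dir() . '/poi_demo.txt';
$payload = demo_payload();

@unlink( $target );
load_permissions_hardened( $payload );
echo 'hardened   -> file exists: ', var_export( file_exists( $target ), true ), "\n";

// The return value is dropped, so the object is freed here and __destruct runs.
load_permissions_vulnerable( $payload );
echo 'vulnerable -> file exists: ', var_export( file_exists( $target ), true ), "\n";
@unlink( $target );
```

Run with `php poi_demo.php` and compare the two lines. The point to carry over to a code review is that the bug is the `unserialize()` call on client-influenced data, not the class that happens to be exploitable; auditing for `unserialize(` and `maybe_unserialize(` over cookies, request fields and options that a visitor can write is the check that would have caught all three entries.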