
CVSS: 7.2 | EPSS: 0% | CPEs: 1 | EXPL: 0

The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Referer' HTTP header in all versions up to, and including, 1.6.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3047406%40weforms&new=3047406%40weforms&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/f436ab65-a59c-4b2a-abc8-a7fc038678dd?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BoldGrid Total Upkeep allows Relative Path Traversal. This issue affects Total Upkeep: from n/a through 1.15.8. The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check in all versions up to, and including, 1.15.8. This makes it possible for unauthenticated attackers to download arbitrary files using the plugin's CLI functionality. • https://patchstack.com/database/vulnerability/boldgrid-backup/wordpress-total-upkeep-plugin-1-15-8-arbitrary-file-download-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-285: Improper Authorization •

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions. The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.24.1. This is due to missing or incorrect nonce validation on the submitDefaultEditor function. This makes it possible for unauthenticated attackers to change the plugin's preferred editor settings via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/post-and-page-builder/wordpress-post-and-page-builder-by-boldgrid-plugin-1-24-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

The Total Upkeep plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 1.14.13. This is due to missing authorization on the heartbeat_received() function that triggers on the WordPress heartbeat. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to retrieve back-up paths that can subsequently be used to download the back-up. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2684462%40boldgrid-backup&new=2684462%40boldgrid-backup&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/0e346146-1c00-4e03-a6c7-372566d7ffc9 • CWE-862: Missing Authorization •

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

The W3 Total Cache WordPress plugin before 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow an attacker, who can convince an authenticated admin into clicking a link, to run malicious JavaScript within the user's web browser, which could lead to full site compromise. • https://wpscan.com/vulnerability/05988ebb-7378-4a3a-9d2d-30f8f58fe9ef • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •