CVE-2023-30488 – Featured Post Creative <= 1.2.7 - Missing Authorization via wpfp_update_featured_post
https://notcve.org/view.php?id=CVE-2023-30488
The Featured Post Creative plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpfp_update_featured_post function called via a nopriv AJAX action in versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to change what post is featured. • CWE-862: Missing Authorization •
CVE-2022-1562 – Enable SVG < 1.4.0 - Author+ Stored Cross Site Scripting via SVG
https://notcve.org/view.php?id=CVE-2022-1562
The Enable SVG WordPress plugin before 1.4.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads El plugin Enable SVG de WordPress versiones anteriores a 1.4.0 no sanea los archivos SVG subidos, lo que podría permitir a usuarios con un rol tan bajo como el de Autor subir un SVG malicioso que contenga cargas útiles de tipo XSS • https://wpscan.com/vulnerability/8e5b1e4f-c132-42ee-b2d0-7306ab4ab615 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-38546
https://notcve.org/view.php?id=CVE-2021-38546
CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensity of a device's power indicator LED is correlative to the power consumption. The sound played by the speakers affects their power consumption and as a result is also correlative to the light intensity of the LEDs. By analyzing measurements obtained from an electro-optical sensor directed at the power indicator LEDs of the speakers, we can recover the sound played by them. Los dispositivos CREATIVE Pebble hasta 09-08-2021, permiten a atacantes remotos recuperar las señales de voz de un LED del dispositivo, por medio de un telescopio y un sensor electro-óptico, también se conoce como un ataque "Glowworm". • https://www.nassiben.com/glowworm-attack •
CVE-2020-9364 – Creative Contact Form 4.6.2 Directory Traversal
https://notcve.org/view.php?id=CVE-2020-9364
An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactform_upload parameter. An attacker could exploit this vulnerability with the "Send me a copy" option to receive any files of the filesystem via email. Se detectó un problema en el archivo helpers/mailer.php en la extension Creative Contact Form versiones anteriores a 4.6.2 hasta el 2019-12-03 para Joomla!. Una vulnerabilidad de salto de directorio reside en el campo filename para los archivos adjuntos cargados por medio del parámetro creativecontactform_upload. • http://packetstormsecurity.com/files/156655/Creative-Contact-Form-4.6.2-Directory-Traversal.html http://seclists.org/fulldisclosure/2020/Mar/13 https://extensions.joomla.org/extension/creative-contact-form https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20200301-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2015-6965 – Contact Form Generator : Creative form builder for WordPress <= 2.1.86 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2015-6965
Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a form, (6) delete a form, (7) create a template, (8) update a template, (9) delete a template, or (10) conduct cross-site scripting (XSS) attacks via a crafted request to the cfg_forms page in wp-admin/admin.php. Múltiples vulnerabilidades de CSRF en el plugin Contact Form Generator 2.0.1 y versiones anteriores para WordPress, permite a atacantes remotos secuestrar la autenticación de los administradores para peticiones que (1) crean un campo, (2) actualizan un campo, (3) borran un campo, (4) crean un formulario, (5) actualizan un formulario, (6) borran un formulario, (7) crean una plantilla, (8) actualizan una plantilla, (9) eliminan una plantilla o (10) realizan ataques de XSS a través de una petición manipulada a la página cfg_forms en wp-admin/admin.php. The Contact Form Generator : Creative form builder for WordPress for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.86. This is due to missing or incorrect nonce validation on cfg_forms page. This makes it possible for unauthenticated attackers to modify and create contact form fields, create and delete forms, create and modify templates, and inject Cross-Site Scripting payloads via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://www.exploit-db.com/exploits/38086 http://packetstormsecurity.com/files/133463/WordPress-Contact-Form-Generator-2.0.1-CSRF.html https://wpvulndb.com/vulnerabilities/8176 • CWE-352: Cross-Site Request Forgery (CSRF) •