CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38513 – WordPress Photo Engine Plugin <= 6.2.5 is vulnerable to Insecure Direct Object References (IDOR)
https://notcve.org/view.php?id=CVE-2023-38513
Authorization Bypass Through User-Controlled Key vulnerability in Jordy Meow Photo Engine (Media Organizer & Lightroom).This issue affects Photo Engine (Media Organizer & Lightroom): from n/a through 6.2.5. Vulnerabilidad de omisión de autorización a través de clave controlada por el usuario en Jordy Meow Photo Engine (Media Organizer & Lightroom). Este problema afecta a Photo Engine (Media Organizer & Lightroom): desde n/a hasta 6.2.5. The Photo Engine plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 6.2.5. This is due to missing validation on a user controlled key within the ajax_generate_auth_token function. • https://patchstack.com/database/vulnerability/wplr-sync/wordpress-photo-engine-plugin-6-2-5-insecure-direct-object-references-idor?_s_id=cve • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2580 – AI-Engine < 1.6.83 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2023-2580
The AI Engine WordPress plugin before 1.6.83 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup). The AI Engine: ChatGPT Chatbot, Content Generator, GPT 3 & 4, Ultra-Customizable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings in versions up to, and including, 1.6.82 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/7ee1efb1-9969-40b2-8ab2-ea427091bbd8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24465 – Meow Gallery < 4.1.9 - Contributor+ SQL Injection
https://notcve.org/view.php?id=CVE-2021-24465
The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL statement, leading to an authenticated SQL Injection issue. The injection also allows the returned values to be manipulated in a way that could lead to data disclosure and arbitrary objects to be deserialized. El plugin Meow Gallery de WordPress versiones anteriores a 4.1.9, no sanea, ni comprueba, ni escapa del atributo ids de su shortcode gallery (disponible para usuarios desde Contributor) antes de usarlo en una sentencia SQL, conllevando a un problema de inyección SQL autenticada. La inyección también permite manipular los valores devueltos de una manera que podría conllevar la divulgación de datos y la deserialización de objetos arbitrarios • https://wpscan.com/vulnerability/08dbe202-0136-4502-87e7-5e984dc27b16 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2021-34652 – Media Usage <= 0.0.4 Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-34652
The Media Usage WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the ~/mmu_admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.4. El plugin Media Usage de WordPress, es vulnerable a un ataque de tipo Cross-Site Scripting Reflejado por medio del parámetro id en el archivo ~/mmu_admin.php que permite a atacantes inyectar scripts web arbitrario, en versiones hasta 0.0.4 incluyéndola. • https://plugins.trac.wordpress.org/browser/media-usage/trunk/mmu_admin.php#L91 https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34652 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36850 – WordPress Media File Renamer – Auto & Manual Rename plugin <= 5.1.9 - Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2021-36850
Cross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versions <= 5.1.9). Affected parameters "post_title", "filename", "lock". This allows changing the uploaded media title, media file name, and media locking state. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en el plugin Media File Renamer - Auto & Manual Rename de WordPress (versiones versions anteriores a 5.1.9 incluyéndola). Parámetros afectados "post_title", "filename", "lock". • https://patchstack.com/database/vulnerability/media-file-renamer/wordpress-media-file-renamer-plugin-5-1-9-multiple-cross-site-request-forgery-csrf-vulnerabilities https://wordpress.org/plugins/media-file-renamer/#developers • CWE-352: Cross-Site Request Forgery (CSRF) •