CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2346 – FileBird – WordPress Media Library Folders & File Manager <= 5.6.3 - Authenticated (Author+) Insecure Direct Object Reference
https://notcve.org/view.php?id=CVE-2024-2346
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.3 via folder deletion due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author access or higher, to delete folders created by other users and make their file uploads visible. El complemento FileBird – WordPress Media Library Folders & File Manager para WordPress es vulnerable a la referencia directa de objetos inseguros en todas las versiones hasta la 5.6.3 incluida a través de la eliminación de carpetas debido a la falta de validación en una clave controlada por el usuario. Esto hace posible que atacantes autenticados, con acceso de autor o superior, eliminen carpetas creadas por otros usuarios y hagan visibles sus archivos cargados. The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.6.3 via folder deletion due to missing validation on a user controlled key. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3060898%40filebird%2Ftrunk&old=3049188%40filebird%2Ftrunk&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/82cde234-ae87-438f-911e-bdd0e3ac1132?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2513 – WP Chat App <= 3.6.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Block Image Attribute
https://notcve.org/view.php?id=CVE-2024-2513
The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'imageAlt' block attribute in all versions up to, and including, 3.6.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento WP Chat App para WordPress es vulnerable a Cross-Site Scripting Almacenado a través del atributo de bloque 'imageAlt' en todas las versiones hasta la 3.6.2 incluida debido a una sanitización de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://plugins.trac.wordpress.org/changeset?old_path=/wp-whatsapp/tags/3.6.2&old=3061150&new_path=/wp-whatsapp/tags/3.6.3&new=3061150&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/3bba2901-55a7-4ef1-ab3c-1415aa99c729?source=cve • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1761 – WP Chat App <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes
https://notcve.org/view.php?id=CVE-2024-1761
The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget/block in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping on user supplied attributes such as 'buttonColor' and 'phoneNumber'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento WP Chat App para WordPress es vulnerable a las Cross-Site Scripting Almacenado a través del widget/bloque del complemento en todas las versiones hasta la 3.6.1 incluida debido a una sanitización de entrada insuficiente y a un escape de salida en atributos proporcionados por el usuario como 'buttonColor'. y 'número de teléfono'. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3044368%40wp-whatsapp%2Ftrunk&old=3029885%40wp-whatsapp%2Ftrunk&sfp_email=&sfph_mail=#file4 https://www.wordfence.com/threat-intel/vulnerabilities/id/85a94f32-e1e5-48ea-822e-c54d0592da28?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0691 – FileBird <= 5.6.0 - Authenticated(Administrator+) Stored Cross-Site Scripting via Folder Import
https://notcve.org/view.php?id=CVE-2024-0691
The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and including, 5.5.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. It may also be possible to socially engineer an administrator into uploading a malicious folder import. El complemento FileBird para WordPress es vulnerable a Cross-Site Scripting Almacenado a través de títulos de carpetas importados en todas las versiones hasta la 5.5.8.1 incluida, debido a una sanitización de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de administrador, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://plugins.trac.wordpress.org/changeset/3023924/filebird https://www.wordfence.com/threat-intel/vulnerabilities/id/47f04985-dd9b-449f-8b4c-9811fe7e4a96?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6592 – FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-6592
The FastDup WordPress plugin before 2.2 does not prevent directory listing in sensitive directories containing export files. El complemento FastDup de WordPress anterior a 2.2 no impide el listado de directorios en directorios confidenciales que contienen archivos de exportación. The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.9. This makes it possible for unauthenticated attackers to obtain exports that include sensitive information such as user password hashes. • https://research.cleantalk.org/cve-2023-6592-fastdup-database-users-password-leak-poc-exploit https://wpscan.com/vulnerability/a39bb807-b143-4863-88ff-1783e407d7d4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •