CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46841 – WordPress Oxygen Builder Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2022-46841
Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen Builder plugin <= 4.4 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Soflyy Oxygen Builder en versiones <= 4.4. The Oxygen plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to 4.4. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-builder-plugin-4-6-2-cross-site-request-forgery-csrf?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2711 – WP All Import < 3.6.9 - Admin+ Directory traversal via file upload
https://notcve.org/view.php?id=CVE-2022-2711
The Import any XML or CSV File to WordPress plugin before 3.6.9 is not validating the paths of files contained in uploaded zip archives, allowing highly privileged users, such as admins, to write arbitrary files to any part of the file system accessible by the web server via a path traversal vector. El complemento Importar cualquier archivo XML o CSV a WordPress anterior a 3.6.9 no valida las rutas de los archivos contenidos en los archivos zip cargados, lo que permite a usuarios con privilegios elevados, como administradores, escribir archivos arbitrarios en cualquier parte del sistema de archivos al que pueda acceder el servidor web a través de un vector de path traversal. The Import any XML or CSV File to WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file path validation in uploaded zip archives in versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with administrator-level permissions and above, to upload arbitrary files on the affected sites server which may make remote code execution possible. • https://wpscan.com/vulnerability/11e73c23-ff5f-42e5-a4b0-0971652dcea1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3418 – WP All Import < 3.6.9 - Admin+ Arbitrary File Upload to RCE
https://notcve.org/view.php?id=CVE-2022-3418
The Import any XML or CSV File to WordPress plugin before 3.6.9 is not properly filtering which file extensions are allowed to be imported on the server, which could allow administrators in multi-site WordPress installations to upload arbitrary files El complemento Importar cualquier archivo XML o CSV a WordPress anterior a 3.6.9 no filtra correctamente qué extensiones de archivo se pueden importar en el servidor, lo que podría permitir a los administradores de instalaciones de WordPress en varios sitios cargar archivos arbitrarios. The Import any XML or CSV File to WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to improper file extension validation when uploading files in versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with administrator-level permissions and above, to upload arbitrary files on the affected sites server which may make remote code execution possible. • https://wpscan.com/vulnerability/ccbb74f5-1b8f-4ea6-96bc-ddf62af7f94d • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3395 – WP All Export Pro < 1.7.9 - Authenticated SQLi
https://notcve.org/view.php?id=CVE-2022-3395
The WP All Export Pro WordPress plugin before 1.7.9 uses the contents of the cc_sql POST parameter directly as a database query, allowing users which has been given permission to run exports to execute arbitrary SQL statements, leading to a SQL Injection vulnerability. By default only users with the Administrator role can perform exports, but this can be delegated to lower privileged users as well. El plugin WP All Export Pro de WordPress versiones anteriores a 1.7.9, usa el contenido del parámetro POST cc_sql directamente como una consulta a la base de datos, permitiendo a usuarios con permiso para ejecutar exportaciones ejecutar sentencias SQL arbitrarias, conllevando a una vulnerabilidad de inyección SQL. Por defecto, sólo los usuarios con el rol de Administrador pueden llevar a cabo exportaciones, pero esto puede ser delegado a usuarios con menos privilegios también The WP ALL Export Pro plugin for WordPress is vulnerable to SQL Injection via the cc_sql parameter in versions up to, and including, 1.7.8. This allows low-level attackers (depending on whether they have been given permission to perform SQL queries) to to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://wpscan.com/vulnerability/10742154-368a-40be-a67d-80ea848493a0 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3394 – WP All Export Pro < 1.7.9 - Authenticated Code Injection
https://notcve.org/view.php?id=CVE-2022-3394
The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users. El plugin WP All Export Pro de WordPress versiones anteriores a 1.7.9, no limita algunas funcionalidades durante las exportaciones sólo a usuarios con el rol de Administrador, permitiendo a cualquier usuario conectado al que le hayan dado privilegios para llevar a cabo exportaciones ejecutar código arbitrario en el sitio. Por defecto, sólo los administradores pueden ejecutar exportaciones, pero el privilegio puede ser delegado a usuarios con menos privilegios The WP ALL Export Pro plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.7.8. This allows low-level attackers (depending on whether they have been given permission to perform exports) to execute code on the server. • https://wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2c • CWE-94: Improper Control of Generation of Code ('Code Injection') •