
CVE-2024-4787 – Cost Calculator Builder PRO <= 3.1.75 - Unauthenticated Arbitrary Email Sending
https://notcve.org/view.php?id=CVE-2024-4787
18 Jun 2024 — The Cost Calculator Builder PRO for WordPress is vulnerable to arbitrary email sending in versions up to, and including, 3.1.75. This is due to insufficient limitations on the email recipient and the content in the 'send_pdf' and the 'send_pdf_front' functions, which are reachable via AJAX. This makes it possible for unauthenticated attackers to send emails with any content to any recipient. • https://docs.stylemixthemes.com/cost-calculator-builder/changelog-1/changelog-pro-version • CWE-20: Improper Input Validation •

CVE-2024-35677 – WordPress MegaMenu plugin <= 2.3.12 - Unauthenticated Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2024-35677
05 Jun 2024 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion. This issue affects MegaMenu: from n/a through 2.3.12. The stm-megamenu plugin for WordPress is vulnerable to Local Fil... • https://patchstack.com/database/vulnerability/stm-megamenu/wordpress-megamenu-plugin-2-3-12-unauthenticated-local-file-inclusion-vulnerability?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •

CVE-2024-4789 – Cost Calculator Builder Pro <= 3.1.72 - Authenticated (Subscriber+) Server-Side Request Forgery
https://notcve.org/view.php?id=CVE-2024-4789
16 May 2024 — The Cost Calculator Builder Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to 3.1.72, via the send_demo_webhook() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application, which can be used to query and modify information from internal services. • https://stylemixthemes.com/cost-calculator-plugin • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2024-4097 – Cost Calculator Builder Pro <= 3.1.67 - Unauthenticated Cross-Site Scripting via SVG Upload
https://notcve.org/view.php?id=CVE-2024-4097
30 Apr 2024 — The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 3.1.67 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://docs.stylemixthemes.com/cost-calculator-builder/changelog-1/changelog-pro-version • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2023-50852 – WordPress BookIt Plugin <= 2.4.3 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2023-50852
21 Dec 2023 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Booking Calendar | Appointment Booking | BookIt. This issue affects Booking Calendar | Appointment Booking | BookIt: from n/a through 2.4.3. • https://patchstack.com/database/vulnerability/bookit/wordpress-bookit-plugin-2-4-3-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2023-46207 – WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.6 is vulnerable to Server Side Request Forgery (SSRF)
https://notcve.org/view.php?id=CVE-2023-46207
19 Oct 2023 — Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing. This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6. The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to Server-Side Reque... • https://patchstack.com/database/vulnerability/motors-car-dealership-classified-listings/wordpress-motors-car-dealer-classifieds-listing-plugin-1-4-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2023-46208 – WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-46208
19 Oct 2023 — Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.6 versions. The Motors – Car Dealer & Classified Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.4.6 due to insuffi... • https://patchstack.com/database/vulnerability/motors-car-dealership-classified-listings/wordpress-motors-car-dealer-classifieds-listing-plugin-1-4-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2023-4278 – MasterStudy LMS < 3.0.18 - Unauthenticated Instructor Account Creation
https://notcve.org/view.php?id=CVE-2023-4278
21 Aug 2023 — The MasterStudy LMS WordPress Plugin before 3.0.18 does not have proper checks in place during registration, allowing anyone to register on the site as an instructor. They can then add courses and/or posts. The MasterStudy LMS plugin for WordPress is ... • https://packetstorm.news/files/id/175007 • CWE-269: Improper Privilege Management •

CVE-2023-2834 – BookIt <= 2.3.7 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2023-2834
20 Jun 2023 — The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification of the user supplied when booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. WordPress BookIt plugin versions 2.3.7 and below suffer from an authentication bypass vulnerability. • https://packetstorm.news/files/id/173041 • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-306: Missing Authentication for Critical Function •

CVE-2023-35090 – WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-35090
15 Jun 2023 — Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.7 versions. The MasterStudy LMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will e... • https://patchstack.com/database/vulnerability/masterstudy-lms-learning-management-system/wordpress-masterstudy-lms-plugin-3-0-7-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •