NotCVE - vendor:"Wpeverest"

Page 2 of 17 results (0.004 seconds)

CVSS: 9.0EPSS: 2%CPEs: 1EXPL: 0

CVE-2023-3343 – User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection

https://notcve.org/view.php?id=CVE-2023-3343

29 Jun 2023 — The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1 via deserialization of untrusted input from the 'profile-pic-url' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve se... • https://plugins.trac.wordpress.org/browser/user-registration/tags/3.0.1/includes/functions-ur-core.php#L3156 • CWE-502: Deserialization of Untrusted Data •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-23987 – WordPress User Registration Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

https://notcve.org/view.php?id=CVE-2023-23987

20 Jan 2023 — Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEverest User Registration plugin <= 2.3.0 versions. The User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via field settings in versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses ... • https://patchstack.com/database/vulnerability/user-registration/wordpress-user-registration-custom-registration-form-login-form-and-user-profile-for-wordpress-plugin-2-3-0-cross-site-scripting-xss?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-3912 – User Registration < 2.2.4.1 - Subscriber+ Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2022-3912

21 Nov 2022 — The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example. El complemento User Registration de WordPress anterior a 2.2.4.1 no restringe adecuadamente los archivos que se cargarán mediante una acción AJAX disponible para usuarios autenticados y no autenticados, lo que podría permitir a los usuarios no autenticado... • https://wpscan.com/vulnerability/968c677c-1beb-459b-8fd1-7f70bcaa4f74 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-24907 – Everest Forms < 1.8.0 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2021-24907

22 Nov 2021 — The Contact Form, Drag and Drop Form Builder for WordPress plugin before 1.8.0 does not escape the status parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue El plugin Contact Form, Drag and Drop Form Builder para WordPress versiones anteriores a 1.8.0, no escapa del parámetro status antes de devolverlo en un atributo, conllevando a un problema de tipo Cross-Site Scripting Reflejado • https://wpscan.com/vulnerability/56dae1ae-d5d2-45d3-8991-db69cc47ddb7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 1%CPEs: 1EXPL: 1

CVE-2021-24689 – Contact Forms - Drag & Drop Contact Form Builder <= 1.0.5 - Admin+ Arbitrary System File Read

https://notcve.org/view.php?id=CVE-2021-24689

27 Sep 2021 — The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack El plugin Contact Forms - Drag & Drop Contact Form Builder de WordPress versiones hasta 1.0.5, permite a usuarios con altos privilegios descargar archivos arbitrarios del servidor web por medio de un ataque de salto de ruta. • https://wpscan.com/vulnerability/31824250-e0d4-4285-97fa-9880b363e075 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-24654 – User Registration < 2.0.2 - Low Privilege Stored Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2021-24654

06 Sep 2021 — The User Registration WordPress plugin before 2.0.2 does not properly sanitise the user_registration_profile_pic_url value when submitted directly via the user_registration_update_profile_details AJAX action. This could allow any authenticated user, such as subscriber, to perform Stored Cross-Site attacks when their profile is viewed El plugin User Registration de WordPress versiones anteriores a 2.0.2 no sanea correctamente el valor user_registration_profile_pic_url cuando se envía directamente por medio d... • https://wpscan.com/vulnerability/5c7a9473-d32e-47d6-9f8e-15b96fe758f2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0

CVE-2019-13575 – Contact Form, Drag and Drop Form Builder for WordPress – Everest Forms <= 1.4.9 - SQL Injection

https://notcve.org/view.php?id=CVE-2019-13575

18 Jul 2019 — A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/evf-entry-functions.php Existe una vulnerabilidad de inyección de SQL en el plugin WPEverest Everest Forms para WordPress hasta 1.4.9. La explotación con éxito de esta vulnerabilidad permitiría a un atacante remoto ejecutar comandos SQL arbitrarios en el sistema afe... • https://fortiguard.com/zeroday/FG-VD-19-096 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

1 2