CVE-2018-18069 – WPML <= 3.6.3 - Unauthenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-18069
process_forms in the WPML (aka sitepress-multilingual-cms) plugin through 3.6.3 for WordPress has XSS via any locale_file_name_ parameter (such as locale_file_name_en) in an authenticated theme-localization.php request to wp-admin/admin.php. process_forms en el plugin WPML (también conocido como sitepress-multilingual-cms) hasta la versión 3.6.3 para WordPress tiene Cross-Site Scripting (XSS) mediante cualquier parámetro locale_file_name_ (como locale_file_name_en) en una petición theme-localization.php autenticada a wp-admin/admin.php. process_forms in the WPML (aka sitepress-multilingual-cms) plugin through 3.6.3 for WordPress has XSS via any locale_file_name_ parameter (such as locale_file_name_en) in an unauthenticated theme-localization.php request to wp-admin/admin.php. • https://0x62626262.wordpress.com/2018/10/08/sitepress-multilingual-cms-plugin-unauthenticated-stored-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-2315 – WPML < 3.1.9 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-2315
Cross-site scripting (XSS) vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the target parameter in a reminder_popup action to the default URI. Vulnerabilidad XSS en el plugin WPML 3.1.9 de WordPress permite a atacantes remotos inyectar secuencias de comandos secuencias de comandos web arbitrarios o HTML a través del parámetro targer en la acción reminder_popup a la URI por defecto. • https://www.exploit-db.com/exploits/36414 http://klikki.fi/adv/wpml.html http://packetstormsecurity.com/files/130810/WordPress-WPML-XSS-Deletion-SQL-Injection.html http://seclists.org/fulldisclosure/2015/Mar/71 http://wpml.org/2015/03/wpml-security-update-bug-and-fix http://www.securityfocus.com/archive/1/534862/100/0/threaded • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-2791 – WPML <= 3.1.9 - Arbitrary Deletion of Content
https://notcve.org/view.php?id=CVE-2015-2791
The "menu sync" function in the WPML plugin before 3.1.9 for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php. La función 'menu sync' en el plugin WPML anterior a 3.1.9 para WordPress permite a atacantes remotos eliminar mensajes, páginas y menús arbitrarios a través de una solicitud manipulada a sitepress-multilingual-cms/menu/menus-sync.php. • https://www.exploit-db.com/exploits/36414 http://klikki.fi/adv/wpml.html http://packetstormsecurity.com/files/130810/WordPress-WPML-XSS-Deletion-SQL-Injection.html http://seclists.org/fulldisclosure/2015/Mar/71 http://www.securityfocus.com/archive/1/534862/100/0/threaded https://wpml.org/2015/03/wpml-security-update-bug-and-fix • CWE-264: Permissions, Privileges, and Access Controls CWE-284: Improper Access Control •
CVE-2015-2314 – WPML <= 3.1.9 - SQL Injection via lang Parameter
https://notcve.org/view.php?id=CVE-2015-2314
SQL injection vulnerability in the WPML plugin before 3.1.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed. Vulnerabilidad de inyección SQL en el plugin WPML anterior a 3.1.9 de WordPress permite a atacantes remotos ejecutar comandos arbitrarios SQL a través del parámetro lang en la cabecera Referer HTTP en la acción wp-link-ajax a comments/feed. SQL injection vulnerability in the WPML plugin before 3.1.9.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed. • https://www.exploit-db.com/exploits/36414 http://klikki.fi/adv/wpml.html http://packetstormsecurity.com/files/130810/WordPress-WPML-XSS-Deletion-SQL-Injection.html http://seclists.org/fulldisclosure/2015/Mar/71 http://wpml.org/2015/03/wpml-security-update-bug-and-fix http://www.osvdb.org/119541 http://www.securityfocus.com/archive/1/534862/100/0/threaded • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2015-2792 – WPML < 3.1.8 - Authorization Bypass
https://notcve.org/view.php?id=CVE-2015-2792
The WPML plugin before 3.1.9 for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request containing an action POST parameter, an action GET parameter, and a valid nonce for the action GET parameter. El plugin WPML anterior a 3.1.9 para WordPress no maneja correctamente las acciones múltiples en una solicitud, lo que permite a atacantes remotos evadir las comprobaciones nonce y realizar acciones arbitrarias a través de una solicitud que contiene un parámetro action POST, un parámetro action GET y un nonce válido para el parámetro action GET. • http://klikki.fi/adv/wpml.html http://packetstormsecurity.com/files/130839/WordPress-WPML-Missing-Authentication.html http://seclists.org/fulldisclosure/2015/Mar/79 http://wpml.org/2015/03/wpml-security-update-bug-and-fix • CWE-284: Improper Access Control •