CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-28612 – WordPress Custom Popup Builder plugin <= 1.3.1 - Improper Access Control vulnerability leading to multiple Authenticated Stored XSS
https://notcve.org/view.php?id=CVE-2022-28612
Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress. Una vulnerabilidad de control de acceso inapropiado que conlleva a múltiples vulnerabilidades de tipo Cross-Site Scripting (XSS) almacenado y autenticado (rol de contribuyente o superior) en el plugin Custom Popup Builder de Muneeb versiones anteriores a 1.3.1 incluyéndola, en WordPress • https://patchstack.com/database/vulnerability/m-wp-popup/wordpress-custom-popup-builder-plugin-1-3-1-improper-access-control-vulnerability-leading-to-multiple-authenticated-stored-xss https://wordpress.org/plugins/m-wp-popup • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 22%CPEs: 2EXPL: 5CVE-2022-1386 – Fusion Builder < 3.6.2 - Unauthenticated SSRF
https://notcve.org/view.php?id=CVE-2022-1386
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures. El plugin Fusion Builder de WordPress versiones anteriores a 3.6.2, usado en el tema Avada, no comprueba un parámetro en sus formularios que podría ser usado para iniciar peticiones HTTP arbitrarias. Los datos devueltos son reflejados en la respuesta de la aplicación. • https://github.com/ardzz/CVE-2022-1386 https://github.com/imhunterand/CVE-2022-1386 https://github.com/satyasai1460/CVE-2022-1386 https://github.com/zycoder0day/CVE-2022-1386-Mass_Vulnerability https://theme-fusion.com/version-7-6-2-security-update https://wpscan.com/vulnerability/bf7034ab-24c4-461f-a709-3f73988b536b https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1182 – Visual Slide Box Builder <= 3.2.9 - Subscriber+ SQLi
https://notcve.org/view.php?id=CVE-2022-1182
The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authenticated users (such as subscriber), leading to SQL Injections El plugin Visual Slide Box Builder de WordPress versiones hasta 3.2.9, no sanea y escapa de varios parámetros antes de usarlos en sentencias SQL por medio de algunas de sus acciones AJAX disponibles para cualquier usuario autenticado (como el suscriptor), lo que conlleva a inyecciones SQL • https://wpscan.com/vulnerability/01d108bb-d134-4651-9c74-babcc88da177 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0214 – Popup | Custom Popup Builder < 1.3.1 - Unauthenticated Denial of Service
https://notcve.org/view.php?id=CVE-2022-0214
The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog El plugin Popup | Custom Popup Builder de WordPress versiones anteriores a 1.3.1, autocarga los datos de su popup en todas las páginas, ya que dichos datos pueden ser enviados por usuarios no autenticados, y no es comprobada su longitud, esto podría causar una denegación de servicio en el blog The Popup | Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog • https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4 • CWE-400: Uncontrolled Resource Consumption CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24244 – WPBakery Page Builder Clipboard < 4.5.8 - Unauthorised Arbitrary License Options Update
https://notcve.org/view.php?id=CVE-2021-24244
An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email). Una acción AJAX registrada por el plugin WPBakery Page Builder (Visual Composer) Clipboard WordPress versiones anteriores a 4.5.8, no tenía verificaciones de capacidad, permitiendo a usuarios con privilegios bajos, como los suscriptores, actualizar las opciones de licencia (clave, correo electrónico) • https://codecanyon.net/item/visual-composer-clipboard/8897711 https://wpscan.com/vulnerability/354b98d8-46a1-4189-b347-198701ea59b9 • CWE-863: Incorrect Authorization •