CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24243 – WPBakery Page Builder Clipboard < 4.5.6 - Subscriber+ Stored Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24243
An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.6 did not have capability checks nor sanitization, allowing low privilege users (subscriber+) to call it and set XSS payloads, which will be triggered in all backend pages. Una acción AJAX registrada por el plugin WPBakery Page Builder (Visual Composer) Clipboard WordPress versiones anteriores a 4.5.6, no tenía capacidad de comprobación ni saneamiento, permitiendo a usuarios con privilegios bajos (suscriptor+) llamarlo y configurar cargas útiles XSS, que serán activadas en todas las páginas backend • https://codecanyon.net/item/visual-composer-clipboard/8897711 https://wpscan.com/vulnerability/3bc0733a-b949-40c9-a5fb-f56814fc4af3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24224 – Easy Form Builder <= 1.0 - Authenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2021-24224
The EFBP_verify_upload_file AJAX action of the Easy Form Builder WordPress plugin through 1.0, available to authenticated users, does not have any security in place to verify uploaded files, allowing low privilege users to upload arbitrary files, leading to RCE. La acción AJAX EFBP_verify_upload_file del plugin Easy Form Builder WordPress versiones hasta 1.0, disponible para usuarios autenticados, no presenta ninguna seguridad para verificar los archivos cargados, permitiendo a usuarios poco privilegiados cargar archivos arbitrarios, conllevando a una vulnerabilidad de RCE • https://github.com/jinhuang1102/CVE-ID-Reports/blob/e4c33529b20fa70e3a764ff9b1125839fb9900b5/Easy%20Form%20Builder.md https://wpscan.com/vulnerability/ed0c054b-54bf-4df8-9015-c76704c93484 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 4CVE-2020-28169 – Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission
https://notcve.org/view.php?id=CVE-2020-28169
The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM. El plugin td-agent-builder antes del 18-12-2020 para Fluentd permite a atacantes alcanzar privilegios porque el directorio bin es escribible por una cuenta de usuario, pero un archivo en bin es ejecutado como NT AUTHORITY\SYSTEM Fluentd TD-agent plugin version 4.0.1 suffers from an insecure folder permission vulnerability. • https://www.exploit-db.com/exploits/49363 https://github.com/zubrahzz/FluentD-TD-agent-Exploit-CVE-2020-28169 http://packetstormsecurity.com/files/160791/Fluentd-TD-agent-4.0.1-Insecure-Folder-Permission.html https://docs.fluentd.org/installation/install-by-msi https://github.com/fluent-plugins-nursery/td-agent-builder/pull/247/commits/6f9cb6393392d62caa99907c0ebbcbab6b94a3f1 https://github.com/fluent/fluentd/issues/3201 https://github.com/kenhys/td-agent-builder/commit/eec6e2dedf12f2e0c01c2bbe7b8c15b639b3b938 https:& • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13423
https://notcve.org/view.php?id=CVE-2020-13423
Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header. Form Builder versión 2.1.0, para Magento presenta múltiples problemas de tipo XSS, que pueden ser explotados en las cuentas de administrador de Magento 2 por medio del campo Current_url o email, o el encabezado HTTP User-Agent • https://anothernetsecblog.com https://anothernetsecblog.com/magento-2-extension-security https://landofcoder.com/magento-2-form-builder.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15534
https://notcve.org/view.php?id=CVE-2019-15534
Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.update. Raml-Module-Builder versión 26.4.0, permite la inyección SQL en PostgresClient.update. • https://github.com/folio-org/raml-module-builder/pull/501 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •