CVSS: 6.3EPSS: 0%CPEs: 425EXPL: 0CVE-2022-4974 – Freemius SDK <= 2.4.2 - Missing Authorization Checks
https://notcve.org/view.php?id=CVE-2022-4974
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable. • https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=cve https://wpscan.com/vulnerability/6dae6dca-7474-4008-9fe5-4c62b9f12d0a https://freemius.com/blog/managing-security-issues-open-source-freemius-sdk-security-disclosure https://wpdirectory.net/search/01FWPVWA7BC5DYGZHNSZQ9QMN5 https://wpdirectory.net/search/01G02RSGMFS1TPT63FS16RWEYR https://web.archive.org/web/20220225174410/https%3A//www.pluginvulnerabilities.com/2022/02/25/our-security-review-of-wordpress-plugin-found-freemius-li • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24775 – Document Embedder < 1.7.5 - Unauthenticated Arbitrary Private/Draft Post Title Disclosure
https://notcve.org/view.php?id=CVE-2021-24775
The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow unauthenticated users to enumerate the title of arbitrary private and draft posts. El plugin Document Embedder de WordPress versiones anteriores a 1.7.5, contiene un endpoint REST, que podría permitir a usuarios no autenticados enumerar el título de publicaciones privadas y borradores arbitrarios The Document Embedder WordPress plugin before 1.7.6 contains a REST endpoint, which could allow unauthenticated users to enumerate the title of arbitrary private and draft posts. • https://wpscan.com/vulnerability/c6f24afe-d273-4f87-83ca-a791a385b06b • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24868 – Document Embedder < 1.7.9 - Subscriber+ Arbitrary Private/Draft Post Title Disclosure
https://notcve.org/view.php?id=CVE-2021-24868
The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could allow any authenticated user, such as subscriber to enumerate the title of arbitrary private and draft posts. El plugin Document Embedder de WordPress versiones anteriores a 1.7.9, contiene un endpoint de acción AJAX, que podría permitir a cualquier usuario autenticado, como el suscriptor, enumerar el título de publicaciones privadas y borradores arbitrarios • https://wpscan.com/vulnerability/45a43927-a427-46bc-9c61-e0b8532c8138 • CWE-285: Improper Authorization CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-24416 – StreamCast < 2.1.1 - Contributor+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24416
The StreamCast – Radio Player for WordPress plugin before 2.1.1 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode El plugin StreamCast - Radio Player de WordPress versiones anteriores a 2.1.1, no sanea ni comprueba los parámetros de su shortcode, permitiendo a usuarios con un rol tan bajo como el de colaborador establecer en ellos cargas útiles de tipo Cross-Site Scripting que será desencadenada en la/s página/s con el shortcode malicioso insertado • https://wpscan.com/vulnerability/260c7e2d-d48c-42d6-ae05-bad3f3bac01d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24412 – Html5 Audio Player < 2.1.3 - Contributor+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24412
The Html5 Audio Player – Audio Player for WordPress plugin before 2.1.3 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode El plugin Html5 Audio Player - Audio Player de WordPress versiones anteriores a 2.1.3 no sanea ni comprueba los parámetros de su shortcode, permitiendo a usuarios con un rol tan bajo como el de colaborador establecer en ellos una carga útil de tipo Cross-Site Scripting que será desencadenada en la/s página/s con el shortcode malicioso insertado • https://wpscan.com/vulnerability/c4ed3e52-cbe0-46dc-ab43-65de78cfb225 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •