CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40211 – WordPress Post Grid Plugin <= 2.2.50 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-40211
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en PPickPlugins Post Grid Combo – 36+ Gutenberg Blocks. Este problema afecta a Post Grid Combo – 36+ Gutenberg Blocks: desde n/a hasta 2.2.50. The Post Grid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple REST API endpoints in versions up to, and including, 2.2.50. This makes it possible for unauthenticated attackers to expose sensitive inforamtion. • https://patchstack.com/database/vulnerability/post-grid/wordpress-post-grid-combo-plugin-2-2-50-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0166 – PickPlugins Product Slider for WooCommerce < 1.13.42 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2023-0166
The Product Slider for WooCommerce by PickPlugins WordPress plugin before 1.13.42 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The PickPlugins Product Slider for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in versions up to, and including, 1.13.41 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page • https://wpscan.com/vulnerability/f5d43062-4ef3-4dd1-b916-0127f0016f5c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4836 – Breadcrumb < 1.5.33 - Contributor+ Stored XSS via Shortcode
https://notcve.org/view.php?id=CVE-2022-4836
The Breadcrumb WordPress plugin before 1.5.33 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. The Breadcrumb plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'breadcrumb_themes' (within in the 'breadcrumb_display' function) in versions up to, and including, 1.5.32 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/e9a228dc-d32e-4918-898d-4d7af4662a14 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-4693 – User Verification < 1.0.94 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2022-4693
The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrative role on the website. El complemento User Verification de WordPress anterior a la versión 1.0.94 se vio afectado por una vulnerabilidad de seguridad de Auth Bypass. Para evitar la autenticación, sólo necesitamos saber el nombre de usuario del usuario. • https://lana.codes/lanavdb/eeabe1d3-6f64-400a-8fb2-0865efdf6957 https://wpscan.com/vulnerability/1eee10a8-135f-4b76-8289-c381ff1f51ea • CWE-287: Improper Authentication CWE-522: Insufficiently Protected Credentials •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0447 – Post Grid < 2.1.16 - Reflected Cross-Site Scripting via post_types
https://notcve.org/view.php?id=CVE-2022-0447
The Post Grid WordPress plugin before 2.1.16 does not sanitise and escape the post_types parameter before outputting it back in the response of the post_grid_update_taxonomies_terms_by_posttypes AJAX action, available to any authenticated users, leading to a Reflected Cross-Site Scripting El plugin Post Grid de WordPress versiones anteriores a 2.1.16, no sanea ni escapa del parámetro post_types antes de devolverlo en la respuesta de la acción AJAX post_grid_update_taxonomies_terms_by_posttypes, disponible para cualquier usuario autenticado, conllevando a un problema de tipo Cross-Site Scripting Reflejado • https://wpscan.com/vulnerability/91ca2cc9-951e-4e96-96ff-3bf131209dbe • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •