CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35746 – WordPress BuddyPress Cover plugin <= 2.1.4.2 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-35746
06 Jun 2024 — The BuddyPress Cover plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.1.4.2. • https://patchstack.com/database/vulnerability/bp-cover/wordpress-buddypress-cover-plugin-2-1-4-2-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5153 – Startklar Elementor Addons <= 1.7.15 - Unauthenticated Path Traversal to Arbitrary Directory Deletion
https://notcve.org/view.php?id=CVE-2024-5153
05 Jun 2024 — The Startklar Elementor Addons plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.15 via the 'dropzone_hash' parameter. This makes it possible for unauthenticated attackers to copy the contents of arbitrary files on the server, which can contain sensitive information, and to delete arbitrary directories, including the root WordPress directory. El complemento Startklar Elementor Addons para WordPress es vulnerable a Directory Traversal en ... • https://plugins.trac.wordpress.org/browser/startklar-elmentor-forms-extwidgets/trunk/widgets/dropzone_form_field.php#L334 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35677 – WordPress MegaMenu plugin <= 2.3.12 - Unauthenticated Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2024-35677
05 Jun 2024 — The stm-megamenu plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.12. • https://patchstack.com/database/vulnerability/stm-megamenu/wordpress-megamenu-plugin-2-3-12-unauthenticated-local-file-inclusion-vulnerability? • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 2CVE-2024-4295 – Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash
https://notcve.org/view.php?id=CVE-2024-4295
04 Jun 2024 — The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. ... El complemento Email Subscribers by Icegram Express para WordPress es vulnerable a la inyección SQL a través del parámetro 'hash' en todas las versiones hasta la 5.7.20 incluida debido a un escape insuficiente... • https://github.com/truonghuuphuc/CVE-2024-4295-Poc • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35661 – WordPress Upload Fields for WPForms plugin <= 1.0.2 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-35661
03 Jun 2024 — The Upload Fields for WPForms – Drag and Drop Multiple File Upload, Image Upload, and Google Drive Upload for WPForms plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.0.2. • https://patchstack.com/database/vulnerability/upload-fields-for-wpforms/wordpress-upload-fields-for-wpforms-plugin-1-0-2-broken-access-control-vulnerability? • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35670 – WordPress Integrate Google Drive plugin <= 1.3.93 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-35670
03 Jun 2024 — The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.3.93. • https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability? • CWE-287: Improper Authentication CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4552 – Social Login Lite For WooCommerce <= 1.6.0 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2024-4552
03 Jun 2024 — The Social Login Lite For WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.6.0. ... El complemento Social Login Lite para WooCommerce para WordPress es vulnerable a la omisión de autenticación en versiones hasta la 1.6.0 incluida. • https://plugins.trac.wordpress.org/browser/social-login-lite-for-woocommerce/tags/1.6.0/woocommerce_social_login.php#L499 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3820 – wpDataTables - Tables & Table Charts (Premium) <= 6.3.1 - Unauthenticated SQL Injection
https://notcve.org/view.php?id=CVE-2024-3820
31 May 2024 — The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to SQL Injection via the 'id_key' parameter of the wdt_delete_table_row AJAX action in all versions up to, and including, 6.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. ... El complemento wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin para WordPress es vulner... • https://wpdatatables.com/help/whats-new-changelog • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 5CVE-2024-5522 – HTML5 Video Player < 2.5.27 - Unauthenticated SQLi
https://notcve.org/view.php?id=CVE-2024-5522
30 May 2024 — The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks El complemento HTML5 Video Player de WordPress anterior a 2.5.27 no sanitiza ni escapa un parámetro de una ruta REST antes de usarlo en una declaración SQL, lo que permite a usuarios no autenticados realizar ataques de inyección SQL. The HTML5 Video Player – Best WordPress Vide... • https://github.com/truonghuuphuc/CVE-2024-5522-Poc • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5150 – Login with phone number <= 1.7.26 - Authentication Bypass due to Missing Empty Value Check
https://notcve.org/view.php?id=CVE-2024-5150
28 May 2024 — The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. ... El complemento The Login with phone number para WordPress es vulnerable a la omisión de autenticación en versiones hasta la 1.7.26 incluida. • https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4183 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •