CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4260 – CoBlocks < 3.1.12 - Contributor+ SSRF
https://notcve.org/view.php?id=CVE-2024-4260
The Page Builder Gutenberg Blocks WordPress plugin before 3.1.12 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks. El complemento Page Builder Gutenberg Blocks de WordPress anterior a 3.1.12 no impide que los usuarios hagan ping a hosts arbitrarios a través de algunos de sus códigos cortos, lo que podría permitir a usuarios con altos privilegios, como los contribuyentes, realizar ataques SSRF. The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.11. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services. • https://wpscan.com/vulnerability/69f33e20-8ff4-491c-8f37-a4eadd4ea8cf • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5604 – Bug Library < 2.1.2 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-5604
The Bug Library WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) El complemento Bug Library de WordPress anterior a 2.1.2 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en una configuración multisitio). The Bug Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/29985150-8d49-4a3f-8411-5d7263b424d8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7269 – ArtPlacer Widget < 2.21.2 - Stored XSS via CSRF
https://notcve.org/view.php?id=CVE-2023-7269
The ArtPlacer Widget WordPress plugin before 2.21.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack El complemento ArtPlacer Widget de WordPress anterior a 2.21.2 no tiene verificación CSRF en algunos lugares y le falta desinfección y escape, lo que podría permitir a los atacantes hacer que el administrador registrado agregue payloads XSS almacenado a través de un ataque CSRF. The ArtPlacer Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.21.1. This is due to missing or incorrect nonce validation on the 'add-art-placer' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/1e8e1186-323b-473b-a0c4-580dc94020d7 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7268 – ArtPlacer Widget < 2.21.2 - Subscriber+ Arbitrary Widget Deletion
https://notcve.org/view.php?id=CVE-2023-7268
The ArtPlacer Widget WordPress plugin before 2.21.2 does not have authorisation check in place when deleting widgets, allowing ay authenticated users, such as subscriber, to delete arbitrary widgets El complemento ArtPlacer Widget de WordPress anterior a 2.21.2 no cuenta con verificación de autorización al eliminar widgets, lo que permite a cualquier usuario autenticado, como el suscriptor, eliminar widgets arbitrarios. The ArtPlacer Widget plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the artplacer_del AJAX action in all versions up to, and including, 2.21.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary widgets. • https://wpscan.com/vulnerability/9ac233dd-e00d-4aee-a41c-0de6e8aaefd7 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6164 – Filter & Grids < 2.8.33 - Unauthenticated LFI
https://notcve.org/view.php?id=CVE-2024-6164
The Filter & Grids WordPress plugin before 2.8.33 is vulnerable to Local File Inclusion via the post_layout parameter. This makes it possible for an unauthenticated attacker to include and execute PHP files on the server, allowing the execution of any PHP code in those files. El complemento Filter & Grids de WordPress anterior a 2.8.33 es vulnerable a la inclusión de archivos locales a través del parámetro post_layout. Esto hace posible que un atacante no autenticado incluya y ejecute archivos PHP en el servidor, permitiendo la ejecución de cualquier código PHP en esos archivos. The Filter & Grids plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.32. • https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4 • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •