CVSS: 10.0EPSS: 93%CPEs: 9EXPL: 7CVE-2023-28121 – WooCommerce Payments 4.8.0 - 5.6.1 Authentication Bypass and Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-28121
23 Mar 2023 — An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated. The WooCommerce Payments plugin is vulnerable to authentication bypass via the determine_current_user_for_platform_checkout function. This allows unauthenticated attackers to impersonate arbitrar... • https://packetstorm.news/files/id/181061 • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27429 – WordPress Jetpack CRM Plugin <= 5.4.4 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-27429
05 Mar 2023 — Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Automattic - Jetpack CRM team Jetpack CRM plugin <= 5.4.4 versions. The Jetpack CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 5.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-level access, and above, to inject arbitrary web scripts in pages that will execute whenever a user accesse... • https://patchstack.com/database/vulnerability/zero-bs-crm/wordpress-jetpack-crm-clients-leads-invoices-billing-email-marketing-automation-plugin-5-4-4-cross-site-scripting-xss?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4497 – Jetpack CRM < 5.5 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2022-4497
19 Dec 2022 — The Jetpack CRM WordPress plugin before 5.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins The Jetpack CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode in versions up to, and including, 5.4.4 due to insufficient input sanitization and output escaping. ... • https://wpscan.com/vulnerability/3fa6c8b3-6b81-4fe3-b997-25c9e5fdec86 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3919 – Jetpack CRM < 5.4.3 - Admin+ Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-3919
21 Nov 2022 — The Jetpack CRM WordPress plugin before 5.4.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. El complemento Jetpack CRM para WordPress anterior a 5.4.3 no sanitiza ni escapa de su configuración, lo que permite a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting incluso cuando la capacidad unfiltered_html no está permitida. Th... • https://wpscan.com/vulnerability/fe2f1d52-8421-4b46-b829-6953a0472dcb • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45069 – WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2022-45069
17 Nov 2022 — Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress. Vulnerabilidad de escalada de privilegios autenticada (con permisos de colaboradores o superiores) en el complemento Crowdsignal Dashboard de Wordpress en versiones <= 3.0.9. The Crowdsignal Dashboard plugin for WordPress is vulnerable to Authorization Bypass in versions up to, and including, 3.0.9. This is due to missing authorization checks on the settings page that made it possible for contri... • https://patchstack.com/database/vulnerability/polldaddy/wordpress-crowdsignal-dashboard-plugin-3-0-9-privilege-escalation-vulnerability?_s_id=cve • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2080 – Sensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR
https://notcve.org/view.php?id=CVE-2022-2080
04 Aug 2022 — The Sensei LMS WordPress plugin before 4.5.2 does not ensure that the sender of a private message is either the teacher or the original sender, allowing any authenticated user to send messages to arbitrary private conversation via a IDOR attack. Note: Attackers are not able to see responses/messages between the teacher and student El plugin Sensei LMS de WordPress versiones anteriores a 4.5.2, no asegura que el remitente de un mensaje privado sea el profesor o el remitente original, permitiendo que cualquie... • https://hackerone.com/reports/1592596 • CWE-639: Authorization Bypass Through User-Controlled Key CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 48%CPEs: 1EXPL: 2CVE-2022-2034 – Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API
https://notcve.org/view.php?id=CVE-2022-2034
04 Aug 2022 — The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers El plugin Sensei LMS de WordPress versiones anteriores a 4.5.0, no presenta los permisos apropiados establecidos en uno de sus endpoints REST, lo que permite a usuarios no autenticados acceder a los mensajes privados enviados a los profesores The Sensei LMS plugin for WordPress is vulnerable to Sensitive Data Exposure in ver... • https://hackerone.com/reports/1590237 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2386 – Crowdsignal Polls & Ratings < 3.0.8 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-2386
18 Jul 2022 — The Crowdsignal Dashboard WordPress plugin before 3.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting El plugin Crowdsignal Dashboard de WordPress versiones anteriores a 3.0.8, no sanea y escapa de un parámetro antes de devolverlo a la página, lo que conlleva a un ataque de tipo Cross-Site Scripting Reflejado The Crowdsignal Dashboard – Polls, Surveys & more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via ... • https://wpscan.com/vulnerability/47855d4b-9f6a-4fc7-b231-4337f51c8886 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-20086 – VaultPress Plugin code injection
https://notcve.org/view.php?id=CVE-2017-20086
23 Jun 2022 — A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely. Se ha encontrado una vulnerabilidad, clasificada como crítica, en el plugin VaultPress versión 1.8.4. • http://seclists.org/fulldisclosure/2017/Feb/95 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 91%CPEs: 31EXPL: 2CVE-2021-32789 – Arbitrary SQL (SQL injection) possible via the Store API component.
https://notcve.org/view.php?id=CVE-2021-32789
03 Jul 2021 — woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starti... • https://github.com/and0x00/CVE-2021-32789 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •