
CVSS: 9.8 | EPSS: 1% | CPEs: 1 | EXPL: 8

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user-supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection.
References: https://github.com/destr4ct/CVE-2022-0739 https://github.com/BKreisel/CVE-2022-0739 https://github.com/Chris01s/CVE-2022-0739 https://github.com/viardant/CVE-2022-0739 https://github.com/G01d3nW01f/CVE-2022-0739 https://github.com/ElGanz0/CVE-2022-0739 https://github.com/lhamouche/Bash-exploit-for-CVE-2022-0739 https://plugins.trac.wordpress.org/changeset/2684789 https://wpscan.com/vulnerability/388cd42d-b61a-42a4-8604-99b812db2357
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 5.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Contact Form, Survey & Popup Form Plugin for WordPress plugin before 1.5 does not properly sanitize some of its settings, allowing high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
References: https://wpscan.com/vulnerability/60c9d78f-ae2c-49e0-aca3-6dce1bd8f697
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 | EPSS: 1% | CPEs: 1 | EXPL: 1

In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname.
References: https://www.exploit-db.com/exploits/47443 http://almorabea.net/cve-2019-16902.txt https://www.arformsplugin.com/documentation/changelog
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 for WordPress allows CSRF via wp-admin/admin.php?page=arplite_import_export. The WordPress Pricing Table Plugin 2.2 has a Cross-Site Request Forgery vulnerability in core/views/arprice_import_export.php, the plugin's Import/Export admin page.
References: https://wordpress.org/plugins/arprice-responsive-pricing-table/#developers https://www.pluginvulnerabilities.com/2019/07/11/cross-site-request-forgery-csrf-vulnerability-in-arprice-lite
CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php. WordPress ARForms plugin versions 3.5.1 and below suffer from an arbitrary file deletion vulnerability.
References: http://packetstormsecurity.com/files/149981/WordPress-Arforms-3.5.1-Arbitrary-File-Delete.html https://wpvulndb.com/vulnerabilities/9139
CWE-20: Improper Input Validation; CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')