CVE-2022-37407 – WordPress Gallery PhotoBlocks plugin <= 1.2.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
https://notcve.org/view.php?id=CVE-2022-37407
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in the WPChill Gallery PhotoBlocks plugin <= 1.2.6 for WordPress. The Gallery PhotoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts into pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/photoblocks-grid-gallery/wordpress-gallery-photoblocks-plugin-1-2-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities/_s_id=cve https://wordpress.org/plugins/photoblocks-grid-gallery • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-2222 – Download Monitor < 4.5.91 - Admin+ Arbitrary File Download
https://notcve.org/view.php?id=CVE-2022-2222
The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded are inside the blog folders, and are not sensitive, allowing high-privilege users such as an administrator to download wp-config.php or /etc/passwd even in a hardened environment or multisite setup (configurations in which an administrator is not otherwise able to read or modify files on the server). • https://wpscan.com/vulnerability/dd48624a-1781-419c-a3c4-1e3eaf5e2c1b • CWE-552: Files or Directories Accessible to External Parties
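The check that the advisory above says is missing, as an added example; this is not Download Monitor's code. It resolves a user-supplied download path with realpath(), refuses anything that lands outside the allowed roots (traversal, absolute paths, symlinks, stream wrappers), and refuses a small denylist of sensitive names. The directory layout, file names and denylist are assumptions constructed for the demo.

```php
<?php
// Added example, not Download Monitor's code: resolve a requested download
// path and refuse anything that escapes the allowed roots or names a
// sensitive file. Roots, file names and the denylist are demo assumptions.

function resolve_download_path(string $requested, array $allowedRoots): ?string
{
    // NUL bytes and stream wrappers (php://, phar://, ...) never belong in a file name.
    if (strpos($requested, "\0") !== false
        || preg_match('#^[a-z][a-z0-9+.\-]*://#i', $requested)) {
        return null;
    }

    // Files a download plugin should never serve, whatever directory they sit in.
    $denied = ['wp-config.php', '.htaccess', '.env', '.git'];

    foreach ($allowedRoots as $root) {
        $rootReal = realpath($root);
        if ($rootReal === false) {
            continue;
        }

        // Resolve the request relative to this root. realpath() collapses "..",
        // follows symlinks and returns false for missing files, so the prefix
        // test below sees the real on-disk location, not the spelling supplied.
        $candidate = realpath($rootReal . DIRECTORY_SEPARATOR . ltrim($requested, '/\\'));
        if ($candidate === false || !is_file($candidate)) {
            continue;
        }

        $prefix = $rootReal . DIRECTORY_SEPARATOR;
        if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
            continue; // resolved outside the root (traversal or symlink)
        }

        // Check every path component, so a file under a ".git" directory is refused too.
        foreach (explode(DIRECTORY_SEPARATOR, substr($candidate, strlen($prefix))) as $part) {
            if (in_array($part, $denied, true)) {
                return null;
            }
        }
        return $candidate;
    }
    return null;
}

// --- constructed demo layout (assumption) ---
$site    = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'dlm-demo-' . bin2hex(random_bytes(4));
$uploads = $site . '/wp-content/uploads/dlm';
mkdir($uploads, 0700, true);
file_put_contents($uploads . '/report.pdf', 'demo');
file_put_contents($site . '/wp-config.php', "<?php define('DB_PASSWORD', 'secret');");

$requests = [
    'report.pdf',                        // legitimate file inside the root
    '../../../wp-config.php',            // traversal to the site root
    '/etc/passwd',                       // absolute path, re-rooted then missing
    '....//....//....//wp-config.php',   // filter-evasion spelling; no such directory
    'php://filter/resource=report.pdf',  // stream wrapper
];
foreach ($requests as $r) {
    $resolved = resolve_download_path($r, [$uploads]);
    printf("%-36s -> %s\n", $r, $resolved === null ? 'DENIED' : 'ALLOWED ' . $resolved);
}
```

Only the first request is allowed. Note that the prefix comparison is done on the realpath() output of both sides, which is what makes the symlink case work: a link inside the uploads directory pointing at wp-config.php resolves to the target's real location and fails the prefix test.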
CVE-2022-1547 – Check & Log email < 1.0.6 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-1547
The Check & Log Email WordPress plugin before 1.0.6 does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to Reflected Cross-Site Scripting; exploitation requires a user who can view that admin page to follow a crafted link. • https://wpscan.com/vulnerability/83eca346-7045-414e-81fc-e0d9b735f0bd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-27852 – WordPress KB Support plugin <= 1.5.5 - Multiple Unauth. Stored Cross-Site Scripting (XSS) vulnerabilities
https://notcve.org/view.php?id=CVE-2022-27852
Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in the KB Support WordPress plugin, versions <= 1.5.5. The KB Support – WordPress Help Desk plugin, versions up to 1.5.5, is vulnerable to Cross-Site Scripting. The vulnerabilities allow unauthenticated attackers to inject arbitrary web scripts into pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/kb-support/wordpress-kb-support-wordpress-help-desk-plugin-1-5-5-multiple-unauthenticated-stored-cross-site-scripting-xss-vulnerabilities?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
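The three XSS entries above (Gallery PhotoBlocks, Check & Log Email, KB Support) share one root cause: a value is written into HTML without escaping for the context it lands in. The following added example, which is not code from any of those plugins, renders the same attacker-controlled strings first unescaped (the vulnerable shape) and then with escaping chosen per context: attribute/text, and href, where escaping alone is not enough. It uses plain PHP so it runs from the command line; the WordPress equivalents are esc_attr(), esc_html(), esc_url() and wp_kses_post(). Field names and payloads are constructed for the demo.

```php
<?php
// Added example, not code from PhotoBlocks, Check & Log Email or KB Support:
// the same attacker-controlled strings rendered unescaped and then with
// escaping chosen per output context. Payloads and field names are constructed.

// Vulnerable: input echoed straight into an attribute, a text node and an href.
function render_unsafe(string $caption, string $link): string
{
    return '<a href="' . $link . '" title="' . $caption . '">' . $caption . '</a>';
}

// Attribute and text context. ENT_QUOTES covers both quote styles, so the
// value cannot close the attribute it is placed in (WordPress: esc_attr/esc_html).
function esc_html_ctx(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Escaping alone does not make an href safe: "javascript:alert(1)" contains no
// HTML metacharacters. Allow only http(s) URLs, then escape the survivor.
function esc_url_ctx(string $url): string
{
    $url = trim($url);
    // Browsers ignore control characters inside a scheme ("java\tscript:"),
    // so strip them before the scheme check rather than after.
    $url = preg_replace('/[\x00-\x1F\x7F]/', '', $url);
    if (!preg_match('#^https?://#i', $url)) {
        return '';
    }
    return esc_html_ctx($url);
}

function render_escaped(string $caption, string $link): string
{
    return '<a href="' . esc_url_ctx($link) . '" title="' . esc_html_ctx($caption) . '">'
         . esc_html_ctx($caption) . '</a>';
}

// Storage-time sanitisation for a plain-text field (gallery caption, ticket
// subject): a contributor or anonymous submitter has no business storing markup.
// This limits what gets persisted; it does not replace escaping at output.
function sanitize_plain_text(string $s): string
{
    $s = strip_tags($s);
    $s = preg_replace('/[\x00-\x1F\x7F]/', '', $s); // remove control characters
    return trim($s);
}

// Constructed payloads: attribute breakout plus text-context script, and
// a javascript: scheme split by a tab.
$caption = '" onmouseover="alert(document.domain)"><script>alert(1)</script>';
$link    = 'java' . "\t" . 'script:alert(document.cookie)';

echo "unsafe : ", render_unsafe($caption, $link), "\n";
echo "escaped: ", render_escaped($caption, $link), "\n";
echo "stored : ", sanitize_plain_text($caption), "\n";
```

The "stored" line is the caveat worth noticing: strip_tags() removes the script element but keeps the quote characters, so the stored value would still break out of an attribute if it were echoed without esc_html_ctx(). Sanitising on the way in and escaping on the way out are both needed, which matches the "insufficient input sanitization and output escaping" wording of the PhotoBlocks entry.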
CVE-2022-1054 – RSVP and Event Management < 2.7.8 - Unauthenticated Entries Export
https://notcve.org/view.php?id=CVE-2022-1054
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action, which WordPress fires on every request, including those from logged-out visitors. As a result, unauthenticated attackers could call it and retrieve PII such as the first name, last name and email address of users registered for events. • https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d • CWE-862: Missing Authorization
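An added example of the export handler shape the advisory above implies is missing; it is not the RSVP and Event Management plugin's code. The export is reachable only through admin-post.php (the admin_post_{action} hook fires for logged-in users only, and the nopriv variant is deliberately not registered), gated by a capability check and a nonce. The hook name, the capability, the table name and the column names are assumptions, and the snippet runs only inside WordPress as a plugin file.

```php
<?php
/**
 * Plugin Name: Guarded Entries Export (added example)
 *
 * Added example, not the RSVP and Event Management plugin's code. Hook name,
 * capability, table and columns are assumptions. Runs only inside WordPress.
 */

// Vulnerable shape, for contrast (do not use): 'init' fires on every request,
// logged-in or not, so anyone who sends ?demo_export=1 receives the CSV.
//
// add_action( 'init', function () {
//     if ( isset( $_GET['demo_export'] ) ) { demo_stream_entries_csv(); }
// } );

// admin_post_{action} only fires for logged-in users hitting admin-post.php.
// admin_post_nopriv_demo_export_entries is intentionally not registered.
add_action( 'admin_post_demo_export_entries', 'demo_handle_export' );

function demo_handle_export() {
    // Authorisation: which users may see attendee PII. 'manage_options' is an
    // assumption; a real plugin would register its own capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to export entries.', 'Forbidden', array( 'response' => 403 ) );
    }
    // CSRF: the link must carry a nonce tied to this action and this user.
    check_admin_referer( 'demo_export_entries' );

    demo_stream_entries_csv();
}

function demo_stream_entries_csv() {
    global $wpdb;
    $table = $wpdb->prefix . 'demo_rsvp_entries'; // assumed table name

    nocache_headers();
    header( 'Content-Type: text/csv; charset=utf-8' );
    header( 'Content-Disposition: attachment; filename="entries.csv"' );

    $out = fopen( 'php://output', 'w' );
    fputcsv( $out, array( 'first_name', 'last_name', 'email' ) );
    $rows = $wpdb->get_results( "SELECT first_name, last_name, email FROM {$table}", ARRAY_A );
    foreach ( (array) $rows as $row ) {
        // Attendee-supplied cells starting with = + - @ would be evaluated as
        // formulas by spreadsheets; prefix them so the export stays inert.
        foreach ( $row as &$cell ) {
            if ( preg_match( '/^[=+\-@]/', (string) $cell ) ) {
                $cell = "'" . $cell;
            }
        }
        unset( $cell );
        fputcsv( $out, $row );
    }
    fclose( $out );
    exit;
}

// Where the admin screen renders the export link: action plus nonce in the URL.
function demo_export_url() {
    return wp_nonce_url(
        add_query_arg( 'action', 'demo_export_entries', admin_url( 'admin-post.php' ) ),
        'demo_export_entries'
    );
}
```

The order inside demo_handle_export() matters: the capability check runs before the nonce check, so a logged-out or low-privilege request gets a 403 rather than the nonce failure page, and the handler never reaches the query. Moving the hook off init is what removes the unauthenticated path; the capability check is what removes the missing-authorisation issue for logged-in users.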