CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1946 – Gallery < 2.0.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-1946
The Gallery WordPress plugin before 2.0.0 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue El plugin Gallery de WordPress versiones anteriores a 2.0.0, no sanea y escapa de un parámetro antes de devolverlo en la respuesta de una acción AJAX (disponible tanto para usuarios no autentificados como autentificados), conlleva un problema de tipo Cross-Site Scripting Reflejado The Gallery – Image and Video Gallery with Thumbnails plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.9.9 due to insufficient input sanitization and output escaping on the gallery_current_index parameter supplied via the wp_ajax_wpda_gall_load_image_info AJAX action. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/0903920c-be2e-4515-901f-87253eb30940 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0876 – Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-0876
The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed El plugin Social comments by WpDevArt de WordPress versiones anteriores a 2.5.0 no sanea ni escapa de su configuración, permitiendo a usuarios con privilegios elevados, como los administradores, llevar a cabo ataques de tipo cross-Site Scripting incluso cuando unfiltered_html no está permitido • https://wpscan.com/vulnerability/73be6e92-ea37-4416-977d-52ee2afa022a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0640 – AP Pricing Tables Lite < 1.1.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-0640
The Pricing Table Builder WordPress plugin before 1.1.5 does not sanitize and escape the postid parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. El plugin Pricing Table Builder de WordPress versiones anteriores a 1.1.5, no sanea y escapa del parámetro postid antes de devolverlo a una página de administración, conllevando a un problema de tipo Cross-Site Scripting Reflejado • https://plugins.trac.wordpress.org/changeset/2684253 https://wpscan.com/vulnerability/f8405e06-9cf3-4acb-aebb-e80fb402daa9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25075 – Duplicate Page or Post < 1.5.1 - Arbitrary Settings Update to Stored XSS
https://notcve.org/view.php?id=CVE-2021-25075
The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has a flawed CSRF check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing any authenticated users, such as subscriber to call it and change the plugin's settings, or perform such attack via CSRF. Furthermore, due to the lack of escaping, this could lead to Stored Cross-Site Scripting issues El plugin Duplicate Page or Post de WordPress versiones anteriores a 1.5.1, no presenta ninguna autorización y presenta una comprobación de CSRF defectuosa en la acción wpdevart_duplicate_post_parametrs_save_in_db AJAX, permitiendo a cualquier usuario autenticado, como el suscriptor, llamarlo y cambiar la configuración del plugin, o llevar a cabo dicho ataque por medio de CSRF. Además, debido a una falta de escapes, esto podría conllevar a problemas de tipo Cross-Site Scripting Almacenado • https://wpscan.com/vulnerability/db5a0431-af4d-45b7-be4e-36b6c90a601b • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0164 – Coming soon and Maintenance mode < 3.6.7 - Subscriber+ Arbitrary Email Sending to Subscribed Users
https://notcve.org/view.php?id=CVE-2022-0164
The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users El plugin Coming soon y Maintenance mode de WordPress versiones anteriores a 3.6.8, no presenta comprobaciones de autorización y CSRF en su acción coming_soon_send_mail AJAX, permitiendo a cualquier usuario autenticado, con un rol tan bajo como el de suscriptor, enviar correos electrónicos arbitrarios a todos los usuarios suscritos The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users. • https://plugins.trac.wordpress.org/changeset/2655973 https://wpscan.com/vulnerability/942535f9-73bf-4467-872a-20075f03bc51 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization CWE-863: Incorrect Authorization •