CVE-2023-3371 – EmbedPress <= 3.7.3 - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2023-3371
The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'lock_content_form_handler' and 'display_password_form' function in versions up to, and including, 3.7.3. This makes it possible for unauthenticated attackers to decrypt and view the password protected content. El plugin User Registration para WordPress es vulnerable a la exposición de información confidencial debido a la clave de cifrado embebida en las funciones "lock_content_form_handler" y "display_password_form" en versiones hasta la 3.7.3 inclusive. Esto hace posible que atacantes no autenticados descifren y vean el contenido protegido por contraseña. The EmbedPress plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'lock_content_form_handler' and 'display_password_form' function in versions up to, and including, 3.7.3. • https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L231 https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L278 https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/Gutenberg/block-backend/block-embedpress.php#L30 https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file10 https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file28 https://www.wordfence.com/threat-int • CWE-321: Use of Hard-coded Cryptographic Key •
CVE-2023-2833 – ReviewX <= 1.6.13 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-2833
The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_screen_options[option]' and 'wp_screen_options[value]' parameters during a screen option update. WordPress ReviewX plugin versions 1.6.13 and below suffer from a privilege escalation vulnerability. • https://github.com/Alucard0x1/CVE-2023-2833 https://lana.codes/lanavdb/a889c3ff-5df0-4d7e-951f-0b0406468efa https://plugins.trac.wordpress.org/browser/reviewx/tags/1.6.13/includes/rx-functions.php#L972 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2916148%40reviewx&old=2912114%40reviewx&sfp_email=&sfph_mail=#file472 https://www.wordfence.com/blog/2023/05/wpdeveloper-addresses-privilege-escalation-vulnerability-in-reviewx-wordpress-plugin https://www.wordfence.com/threa • CWE-269: Improper Privilege Management •
CVE-2023-32241 – WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-32241
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPDeveloper Essential Addons for Elementor Pro plugin <= 5.4.8 versions. The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.4.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/essential-addons-elementor/wordpress-essential-addons-for-elementor-pro-plugin-5-4-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-32245 – WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Server Side Request Forgery (SSRF)
https://notcve.org/view.php?id=CVE-2023-32245
Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Essential Addons for Elementor Pro.This issue affects Essential Addons for Elementor Pro: from n/a through 5.4.8. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en WPDeveloper Essential Addons para Elementor Pro. Este problema afecta a Essential Addons para Elementor Pro: desde n/a hasta 5.4.8. The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 5.4.8. This can allow unauthenticated attackers to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services. • https://patchstack.com/database/vulnerability/essential-addons-elementor/wordpress-essential-addons-for-elementor-pro-plugin-5-4-8-unauthenticated-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2023-32243 – WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-32243
Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. The Essential Addons for Elementor plugin for WordPress is vulnerable to Unauthenticated Arbitrary Password Resets to Privilege Escalation in versions up to, and including, 5.7.1. This is due to a lack of validation of a password reset key in the reset_password function. This makes it possible for unauthenticated attackers to reset the password of any user on a vulnerable site, including an administrator, if they have the email or username of the targeted account. • https://github.com/gbrsh/CVE-2023-32243 https://github.com/RandomRobbieBF/CVE-2023-32243 https://github.com/Jenderal92/WP-CVE-2023-32243 https://github.com/shaoyu521/Mass-CVE-2023-32243 https://github.com/YouGina/CVE-2023-32243 http://packetstormsecurity.com/files/172457/WordPress-Elementor-Lite-5.7.1-Arbitrary-Password-Reset.html https://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites?_s_id=cve https://patchstack.com/datab • CWE-287: Improper Authentication CWE-620: Unverified Password Change •