CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3635 – The Post Grid < 7.5.0 - Editor+ Stored XSS via Grid Creation
https://notcve.org/view.php?id=CVE-2024-3635
The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 7.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/63cbe5f4-fe0f-499f-a964-cf4fbedcfa25 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8379 – Cost Calculator Builder < 3.2.29 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2024-8379
The Cost Calculator Builder WordPress plugin before 3.2.29 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin. The Cost Calculator Builder plugin for WordPress is vulnerable to SQL Injection via the discount[direction] parameter in all versions up to, and including, 3.2.28 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://wpscan.com/vulnerability/a3463d5a-8215-4958-a6c0-039681c35a50 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8239 – Starbox < 3.5.3 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-8239
The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages where the starbox shortcode is used, which may be abused by users with at least the contributor role to conduct Stored XSS attacks. The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Twitter URL field in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/02796da0-218d-4cbb-98ca-49eeea83cac5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7714 – AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls
https://notcve.org/view.php?id=CVE-2024-7714
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 from OpenAI, thereby disabling the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0. Multiple actions are accessible: 'ays_chatgpt_disconnect', 'ays_chatgpt_connect', and 'ays_chatgpt_save_feedback' The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions like 'ays_chatgpt_disconnect' hooked via an AJAX action ays_chatgpt_admin_ajax in versions up to, and including, 2.0.9. This makes it possible for unauthenticated attackers to to perform unauthorized actions like disconnecting the plugin. • https://wpscan.com/vulnerability/04447c76-a61b-4091-a510-c76fc8ca5664 • CWE-862: Missing Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6517 – Contact Form 7 Math Captcha <= 2.0.1 - Reflected XSS
https://notcve.org/view.php?id=CVE-2024-6517
The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users. The Contact Form 7 Math Captcha plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tagname' parameter in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/d04bab9c-7cb4-4d21-b70b-a4a7fabc3c20 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •