CVE-2024-4372 – Carousel Slider < 2.2.11 - Editor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-4372
The Carousel Slider WordPress plugin before 2.2.11 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks El complemento Carousel Slider de WordPress anterior a 2.2.11 no sanitiza ni escapa a algunos parámetros, lo que podría permitir a los usuarios con un rol tan bajo como el de editor realizar ataques de Cross Site Scripting. The Carousel Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url view parameter in all versions up to, and including, 2.2.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/13dcfd8a-e378-44b4-af6f-940bc41539a4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-4289 – Sailthru Triggermail <= 1.1 - Reflected XSS
https://notcve.org/view.php?id=CVE-2024-4289
The Sailthru Triggermail WordPress plugin through 1.1 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin El complemento de WordPress Sailthru Triggermail hasta la versión 1.1 no sanitiza ni escapa varios parámetros antes de devolverlos a páginas y atributos, lo que genera Cross Site Scripting Reflejado que podría usarse contra usuarios con altos privilegios, como administradores. The Sailthru Triggermail plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/072785de-0ce5-42a4-a3fd-4eb1d1a2f1be • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-3368 – All in One SEO < 4.6.1.1 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-3368
The All in One SEO WordPress plugin before 4.6.1.1 does not validate and escape some of its Post fields before outputting them back, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks El complemento de WordPress All in One SEO anterior a 4.6.1.1 no valida ni escapa algunos de sus campos de publicación antes de devolverlos, lo que podría permitir a los usuarios con el rol de colaborador y superiores realizar ataques de Cross Site Scripting Almacenado. The All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the meta description in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/ab78b1a5-e28c-406b-baaf-6d53017f9328 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-3060 – ENL Newsletter <= 1.0.1 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2024-3060
The ENL Newsletter WordPress plugin through 1.0.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin+ to perform SQL injection attacks El complemento ENL Newsletter de WordPress hasta la versión 1.0.1 no sanitiza ni escapa un parámetro antes de usarlo en una declaración SQL, lo que permite a admin+ realizar ataques de inyección SQL. The ENL Newsletter plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://wpscan.com/vulnerability/7740646d-f3ea-4fc7-b35e-8b4a6821e178 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-3231 – Popup4Phone <= 1.3.2 - Unauthenticated Stored XSS
https://notcve.org/view.php?id=CVE-2024-3231
The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins. El complemento Popup4Phone de WordPress hasta la versión 1.3.2 no sanitiza ni escapa a algunos parámetros, lo que podría permitir a usuarios no autenticados realizar ataques de Cross Site Scripting contra administradores. The Popup4Phone plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/81dbb5c0-ccdd-4af1-b2f2-71cb1b37fe93 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •