CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2021-26256 – WordPress Survey Maker plugin <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2021-26256
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6). Se ha detectado una vulnerabilidad de tipo Cross-Site Scripting (XSS) no autenticada en el plugin Survey Maker de WordPress (versiones anteriores a 2.0.6 incluyéndola) • https://patchstack.com/database/vulnerability/survey-maker/wordpress-survey-maker-plugin-2-0-6-unauthenticated-stored-cross-site-scripting-xss-vulnerability https://wordpress.org/plugins/survey-maker/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 56%CPEs: 1EXPL: 3CVE-2021-24931 – Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection
https://notcve.org/view.php?id=CVE-2021-24931
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an SQL injection. El plugin Secure Copy Content Protection and Content Locking de WordPress versiones anteriores a 2.8.2, no escapa del parámetro sccp_id de la acción AJAX ays_sccp_results_export_file (disponible para usuarios autenticados y no autenticados) antes de usarlo en una sentencia SQL, conllevando a una inyección SQL WordPress Secure Copy Content Protection and Content Locking plugin version 2.8.1 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/50733 http://packetstormsecurity.com/files/165946/WordPress-Secure-Copy-Content-Protection-And-Content-Locking-2.8.1-SQL-Injection.html https://wpscan.com/vulnerability/1cd52d61-af75-43ed-9b99-b46c471c4231 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24651 – Poll Maker < 3.4.2 - Unauthenticated Time Based SQL Injection
https://notcve.org/view.php?id=CVE-2021-24651
The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated users to perform SQL injection via the ays_finish_poll AJAX action. While the result is not disclosed in the response, it is possible to use a timing attack to exfiltrate data such as password hash. El plugin Poll Maker de WordPress versiones anteriores a 3.4.2, permite a usuarios no autenticados llevar a cabo una inyección SQL por medio de la acción ays_finish_poll AJAX. Mientras que el resultado no se revela en la respuesta, es posible usar un ataque de tiempo para exfiltrar datos como el hash de la contraseña • https://wpscan.com/vulnerability/24f933b0-ad57-4ed3-817d-d637256e2fb1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-203: Observable Discrepancy •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34635 – Poll Maker <= 3.2.8 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-34635
The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the mcount parameter found in the ~/admin/partials/settings/poll-maker-settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.2.8. El plugin Poll Maker WordPress es vulnerable a un ataque de tipo Cross-Site Scripting Reflejado por medio del parámetro mcount encontrado en el archivo ~/admin/partials/settings/poll-maker-settings.php que permite a atacantes inyectar scripts web arbitrarios, en versiones hasta 3.2.8 incluyéndola • https://plugins.trac.wordpress.org/browser/poll-maker/tags/3.2.8/admin/partials/settings/poll-maker-settings.php#L249 https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34635 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24457 – Portfolio Responsive Gallery < 1.1.8 - Authenticated Blind SQL Injections
https://notcve.org/view.php?id=CVE-2021-24457
The get_portfolios() and get_portfolio_attributes() functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Portfolio Responsive Gallery WordPress plugin before 1.1.8 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard Las funciones get_portfolios() y get_portfolio_attributes() de los archivos class-portfolio-responsive-gallery-list-table.php y class-portfolio-responsive-gallery-attributes-list-table.php del plugin Portfolio Responsive Gallery de WordPress versiones anteriores a 1.1.8, no usaban la lista blanca ni comprobaban el parámetro orderby antes de usarlo en las sentencias SQL pasadas a las llamadas a la base de datos get_results(), conllevando a problemas de inyección SQL en el panel de administración • https://wpscan.com/vulnerability/97f4f7da-22a8-42a6-88ac-82e95a6c06dd • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •