CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3241 – Ultimate Blocks < 3.1.7 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-3241
The Ultimate Blocks WordPress plugin before 3.1.7 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks El complemento Ultimate Blocks de WordPress anterior a 3.1.7 no valida ni escapa algunas de sus opciones de bloqueo antes de devolverlas a una página/publicación donde está incrustado el bloque, lo que podría permitir a los usuarios con el rol de colaborador y superior realizar ataques de Cross-Site Scripting Almacenado The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Heading Widget in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/a645daee-42ea-43f8-9480-ef3be69606e0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 2CVE-2024-3239 – PostX < 4.0.2 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-3239
The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.0.2 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks El complemento The Post Grid Gutenberg Blocks and WordPress Blog Plugin para WordPress anterior a 4.0.2 no valida ni escapa algunas de sus opciones de bloqueo antes de devolverlas a una página/publicación donde está incrustado el bloque, lo que podría permitir a los usuarios con el rol de colaborador y superior para realizar ataques de Cross-Site Scripting Almacenado The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied block attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://github.com/NN0b0dy/CVE-2024-32399 https://wpscan.com/vulnerability/dfa1421b-41b0-4b25-95ef-0843103e1f5e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2749 – VikBooking < 1.6.8 - Broken Access Control
https://notcve.org/view.php?id=CVE-2024-2749
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control mechanism fails to properly restrict access to its settings, permitting any users that can access a menu to manipulate requests and perform unauthorized actions such as editing, renaming or deleting (categories for example) despite initial settings prohibiting such access. This vulnerability resembles broken access control, enabling unauthorized users to modify critical VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8 configurations. El complemento VikBooking Hotel Booking Engine & PMS WordPress anterior a 1.6.8 no restringe adecuadamente el acceso a su configuración, lo que permite a cualquier usuario que pueda acceder a un menú manipular solicitudes y realizar acciones no autorizadas como editar, cambiar el nombre o eliminar (categorías para ejemplo) a pesar de que la configuración inicial prohíbe dicho acceso. Esta vulnerabilidad se asemeja a un control de acceso roto, lo que permite a usuarios no autorizados modificar el complemento crítico de VikBooking Hotel Booking Engine y PMS WordPress antes de las configuraciones 1.6.8. The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to unauthorized access due to insufficient capability checking in all versions up to, and including, 1.6.7. • https://wpscan.com/vulnerability/c0640d3a-80b3-4cad-a3cf-fb5d86558e91 • CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3941 – reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
https://notcve.org/view.php?id=CVE-2024-3941
The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF attack. El complemento reCAPTCHA Jetpack WordPress hasta la versión 0.2.2 no tiene verificación CSRF en algunos lugares y le falta sanitización y escape, lo que podría permitir a los atacantes hacer que el administrador conectado agregue payloads XSS almacenado a través de un ataque CSRF. The reCAPTCHA Jetpack plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2.2. This is due to missing or incorrect nonce validation on the recaptcha-jetpack page. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/6e09e922-983c-4406-8053-747d839995d1 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2441 – VikBooking < 1.6.8 - Insecure Direct Object References
https://notcve.org/view.php?id=CVE-2024-2441
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8 allows direct access to menus, allowing an authenticated user with subscriber privileges or above, to bypass authorization and access settings of the VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's they shouldn't be allowed to. El complemento VikBooking Hotel Booking Engine & PMS WordPress anterior a 1.6.8 permite el acceso directo a los menús, lo que permite a un usuario autenticado con privilegios de suscriptor o superiores omitir la autorización y acceder a la configuración del complemento VikBooking Hotel Booking Engine & PMS WordPress anterior a 1.6.8. no debería permitírselo. The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.7 via the option endpoint due to missing validation on the 'task' user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view menus they shouldn't have access to. • https://wpscan.com/vulnerability/9647e273-5724-4a02-868d-9b79f4bb2b79 • CWE-639: Authorization Bypass Through User-Controlled Key •