CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23882 – WordPress Ultimate Addons for Beaver Builder – Lite Plugin <= 1.5.5 is vulnerable to Broken Access Control
https://notcve.org/view.php?id=CVE-2023-23882
Missing Authorization vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.5. Vulnerabilidad de autorización faltante en Brainstorm Force Ultimate Addons para Beaver Builder – Lite. Este problema afecta a Ultimate Addons para Beaver Builder – Lite: desde n/a hasta 1.5.5. The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.4. This is due to missing or incorrect nonce validation on the reload_icons function. • https://patchstack.com/database/vulnerability/ultimate-addons-for-beaver-builder-lite/wordpress-ultimate-addons-for-beaver-builder-lite-plugin-1-5-5-broken-access-control-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 1CVE-2021-42360 – Starter Templates — Elementor, Gutenberg & Beaver Builder Templates <= 2.7.0 Authenticated Block Import to Stored XSS
https://notcve.org/view.php?id=CVE-2021-42360
On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page using the astra-page-elementor-batch-process AJAX action. An attacker could craft and host a block containing malicious JavaScript on a server they controlled, and then use it to overwrite any post or page by sending an AJAX request with the action set to astra-page-elementor-batch-process and the url parameter pointed to their remotely-hosted malicious block, as well as an id parameter containing the post or page to overwrite. Any post or page that had been built with Elementor, including published pages, could be overwritten by the imported block, and the malicious JavaScript in the imported block would then be executed in the browser of any visitors to that page. En los sitios que también tenían instalado el plugin de Elementor para WordPress, era posible que usuarios con la capacidad edit_posts, que incluye a usuarios de nivel Contributor, importaran bloques en cualquier página usando la acción AJAX astra-page-elementor-batch-process. Un atacante podía diseñar y alojar un bloque que contuviera JavaScript malicioso en un servidor que controlara, y luego usarlo para sobrescribir cualquier publicación o página enviando una petición AJAX con la acción establecida como astra-page-elementor-batch-process y el parámetro url apuntando a su bloque malicioso alojado remotamente, así como un parámetro id que contuviera la publicación o página a sobrescribir. • https://www.wordfence.com/blog/2021/11/over-1-million-sites-impacted-by-vulnerability-in-starter-templates-plugin • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-99: Improper Control of Resource Identifiers ('Resource Injection') CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-24507 – Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection
https://notcve.org/view.php?id=CVE-2021-24507
The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading to an SQL Injection issues El plugin Astra Pro Addon WordPress versiones anteriores a 3.5.2, no saneaba o escapaba apropiadamente algunos de los parámetros POST de las acciones AJAX astra_pagination_infinite y astra_shop_pagination_infinite (disponibles tanto para usuarios no autenticados como autenticados) antes de usarlos en una sentencia SQL, conllevando a un problema de inyección SQL • https://github.com/RandomRobbieBF/CVE-2021-24507 https://wpastra.com/changelog/astra-pro-addon https://wpscan.com/vulnerability/a1a0dc0b-c351-4d46-ac9b-b297ce4d251c • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-24271 – Ultimate Addons for Elementor < 1.30.0 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2021-24271
The “Ultimate Addons for Elementor” WordPress Plugin before 1.30.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method. El Plugin de WordPress "Ultimate Addons for Elementor" versiones anteriores a 1.30.0, presenta varios widgets que son vulnerables a un ataque de tipo Cross-Site Scripting (XSS) almacenado por usuarios con menos privilegios, como los contribuyentes, todo por medio de un método similar The Ultimate Addons for Elementor WordPress Plugin before 1.30.0 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method. • https://wpscan.com/vulnerability/1ce8e188-6ded-413e-b4d1-bf80258acf79 https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-24256 – Elementor - Header, Footer & Blocks Template < 1.5.8 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2021-24256
The “Elementor – Header, Footer & Blocks Template” WordPress Plugin before 1.5.8 has two widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method. El Plugin de WordPress "Elementor - Header, Footer & Blocks Template" versiones anteriores a 1.5.8, presenta dos widgets que son vulnerables a un ataque de tipo Cross-Site Scripting (XSS) almacenado por parte de usuarios con menos privilegios, como los contribuyentes, todo por medio de un método similar • https://wpscan.com/vulnerability/a9412fed-aed3-4931-a504-1a86f876892e https://www.wordfence.com/blog/2021/04/recent-patches-rock-the-elementor-ecosystem • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •