CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0677 – Pz-LinkCard <= 2.5.1 - Contributor+ SSRF
https://notcve.org/view.php?id=CVE-2024-0677
The Pz-LinkCard WordPress plugin through 2.5.1 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks. El complemento Pz-LinkCard de WordPress hasta la versión 2.5.1 no impide que los usuarios hagan ping a hosts arbitrarios a través de algunos de sus códigos cortos, lo que podría permitir a usuarios con altos privilegios, como los contribuyentes, realizar ataques SSRF. The Pz-LinkCard plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via shortcode. This makes it possible for authenticated attackers, with contributor access or higher, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. • https://wpscan.com/vulnerability/0f7757c9-69fa-49db-90b0-40f0ff29bee7 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0673 – Pz-LinkCard <= 2.5.1 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-0673
The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed El complemento Pz-LinkCard para WordPress hasta la versión 2.5.1 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de cross-site scripting incluso cuando unfiltered_html no está permitido. The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/d80e725d-356a-4997-a352-33565e291fc8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7232 – Backup and Restore WordPress <= 1.45 - Unauthenticated Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-7232
The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data El complemento Backup and Restore WordPress de WordPress hasta la versión 1.45 no protege algunos archivos de registro que contienen información confidencial, como la configuración del sitio, etc., lo que permite a usuarios no autenticados acceder a dichos datos. The Backup and Restore WordPress – Backup Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.45 via log files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via log files. • https://wpscan.com/vulnerability/323fef8a-aa17-4698-9a02-c12d1d390763 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1745 – Testimonial Slider < 2.3.7 - Author+ Settings Update
https://notcve.org/view.php?id=CVE-2024-1745
The Testimonial Slider WordPress plugin before 2.3.7 does not properly ensure that a user has the necessary capabilities to edit certain sensitive Testimonial Slider WordPress plugin before 2.3.7 settings, making it possible for users with at least the Author role to edit them. El complemento Testimonial Slider de WordPress anterior a 2.3.7 no garantiza adecuadamente que un usuario tenga las capacidades necesarias para editar ciertas configuraciones sensibles del complemento Testimonial Slider de WordPress anterior a 2.3.7, lo que hace posible que los usuarios con al menos el rol de Autor puedan editarlas. The Testimonial Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tssSettingsUpdate() function in all versions up to, and including, 2.3.6. This makes it possible for authenticated attackers, with author-level access and above, to update the plugin's settings. • https://wpscan.com/vulnerability/b63bbfeb-d6f7-4c33-8824-b86d64d3f598 • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1564 – Schema Pro < 2.7.16 - Contributor+ Custom Field Access
https://notcve.org/view.php?id=CVE-2024-1564
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode El complemento wp-schema-pro de WordPress anterior a 2.7.16 no valida el acceso a la publicación, lo que permite a un usuario colaborador acceder a campos personalizados en cualquier publicación, independientemente del tipo o estado de la publicación a través de un código corto. The Schema Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing or incorrect capability check in all versions up to, and including 2.7.15. This makes it possible for authenticated attackers, with contributor-level access and above, to access arbitrary custom fields. • https://wpscan.com/vulnerability/ecb1e36f-9c6e-4754-8878-03c97194644d • CWE-863: Incorrect Authorization •