CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7085 – Scalable Vector Graphics (SVG) <= 3.4 - Author+ Stored XSS via SVG
https://notcve.org/view.php?id=CVE-2023-7085
The Scalable Vector Graphics (SVG) WordPress plugin through 3.4 does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. El complemento Scalable Vector Graphics (SVG) de WordPress hasta la versión 3.4 no sanitiza los archivos SVG cargados, lo que podría permitir a los usuarios con un rol tan bajo como Autor cargar un SVG malicioso que contenga payloads XSS. The Scalable Vector Graphics (SVG) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVGs in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/a2ec1308-75a0-49d0-9288-33c6d9ee4328 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0858 – Innovs HR <= 1.0.3.4 - Employee Creation via CSRF
https://notcve.org/view.php?id=CVE-2024-0858
The Innovs HR WordPress plugin through 1.0.3.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as adding them as employees. El complemento Innovs HR de WordPress hasta la versión 1.0.3.4 no tiene comprobaciones CSRF en algunos lugares, lo que podría permitir a los atacantes hacer que los usuarios que han iniciado sesión realicen acciones no deseadas a través de ataques CSRF, como agregarlos como empleados. The Innovs HR – Complete Human Resource Management System for Your Business plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3.4. This is due to missing or incorrect nonce validation on the innovs_hrm_ajax_request AJAX action. This makes it possible for unauthenticated attackers to perform unauthorized actions such as adding themselves as an employee via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/f6627a35-d158-495e-9d56-69405cfca221 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0365 – Fancy Product Designer < 6.1.5 - Admin+ SQL Injection
https://notcve.org/view.php?id=CVE-2024-0365
The Fancy Product Designer WordPress plugin before 6.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by adminstrators. El complemento Fancy Product Designer de WordPress anterior a 6.1.5 no sanitiza ni escapa adecuadamente un parámetro antes de usarlo en una declaración SQL, lo que genera una inyección de SQL explotable por los administradores. The Fancy Product Designer plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 6.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. • https://wpscan.com/vulnerability/4b8b9638-d52a-40bc-b298-ae1c74788c18 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0559 – Enhanced Text Widget < 1.6.6 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-0559
The Enhanced Text Widget WordPress plugin before 1.6.6 does not validate and escape some of its Widget options before outputting them back in attributes, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) El complemento Enhanced Text Widget de WordPress anterior a 1.6.6 no valida ni escapa algunas de sus opciones de widget antes de devolverlas en atributos, lo que podría permitir a usuarios con privilegios elevados, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en una configuración multisitio) The Enhanced Text Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget options in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://research.cleantalk.org/cve-2024-0559 https://wpscan.com/vulnerability/b257daf2-9540-4a0f-a560-54b47d2b913f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0951 – Advanced Social Feeds Widget & Shortcode <= 1.7 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-0951
The Advanced Social Feeds Widget & Shortcode WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) El complemento Advanced Social Feeds Widget & Shortcode de WordPress hasta la versión 1.7 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con altos privilegios, como el administrador, realizar ataques de Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en una configuración multisitio) The Advanced Social Feeds Widget & Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/88b2e479-eb15-4213-9df8-3d353074974e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •