CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2375 – WPQA < 6.1.1 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-2375
The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and escape some of its Slider settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks El complemento WPQA Builder WordPress anterior a 6.1.1 no sanitiza ni escapa a algunas de sus configuraciones del control deslizante, lo que podría permitir a usuarios con altos privilegios, como los contribuyentes, realizar ataques de Cross-Site Scripting Almacenado. The WPQA - Builder forms Addon For WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via slider settings in all versions up to, and including, 6.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/3d144e1c-a1f4-4c5a-93e2-4296a96d4ba2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2376 – WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF
https://notcve.org/view.php?id=CVE-2024-2376
The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks El complemento WPQA Builder WordPress anterior a 6.1.1 no tiene comprobaciones CSRF en algunos lugares, lo que podría permitir a los atacantes hacer que los usuarios que han iniciado sesión realicen acciones no deseadas a través de ataques CSRF. The WPQA Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.1.0. This is due to missing or incorrect nonce validation on several AJAX actions. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/bdd2e323-d589-4050-bc27-5edd2507a818 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3343 – WPQA < 5.9.3 - Missing validation lead to functionality abuse
https://notcve.org/view.php?id=CVE-2022-3343
The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them. El complemento WPQA Builder de WordPress anterior a 5.9.3 (que es un complemento complementario utilizado con los temas de WordPress de Discy y Himer Discy) intenta validar incorrectamente que un usuario ya sigue a otro en la acción wpqa_following_you_ajax, lo que permite al usuario inflar su puntuación en el sitio hacer que otro usuario les envíe acciones de seguimiento repetidas. The WPQA - Builder forms Addon For WordPress plugin is vulnerable to insecure direct object reference in versions up to, and including, 5.9.2 along with the Himer (<= 1.9.3) and Discy (<= 5.5.3) WordPress themes. This is due to insufficient validation of user follows on the wpqa_following_you_ajax action. This makes it possible for authenticated attackers with subscriber-level capabilities and above to inflate follower counts of others by sending repeat follow requests. • https://wpscan.com/vulnerability/e507b1b5-1a56-4b2f-b7e7-e22f6da1e32a • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3688 – WPQA < 5.9 - Follow/Unfollow via CSRF
https://notcve.org/view.php?id=CVE-2022-3688
The WPQA Builder WordPress plugin before 5.9 does not have CSRF check when following and unfollowing users, which could allow attackers to make logged in users perform such actions via CSRF attacks El complemento de WordPress WPQA Builder anterior a 5.9 no tiene verificación CSRF al seguir y dejar de seguir a los usuarios, lo que podría permitir a los atacantes hacer que los usuarios que han iniciado sesión realicen tales acciones a través de ataques CSRF. The WPQA plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, but not including, 5.9. This is due to missing or incorrect nonce validation on some of its functions. This makes it possible for unauthenticated attackers to invoke these functions leading users to follow or unfollow others, via forged request granted they can trick a site user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/03b2c6e6-b86e-4143-a84a-7a99060c4848 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2198 – WPQA < 5.7 - Subscriber+ Private Message Disclosure via IDOR
https://notcve.org/view.php?id=CVE-2022-2198
The WPQA Builder WordPress plugin before 5.7 which is a companion plugin to the Hilmer and Discy , does not check authorization before displaying private messages, allowing any logged in user to read other users private message using the message id, which can easily be brute forced. El plugin WPQA Builder de WordPress versiones anteriores a 5.7, que es un plugin complementario de Hilmer y Discy, no comprueba la autorización antes de mostrar los mensajes privados, lo que permite a cualquier usuario conectado leer los mensajes privados de otros usuarios usando el identificador del mensaje, que puede ser fácilmente forzado. • https://wpscan.com/vulnerability/867248f2-d497-4ea8-b3f8-0f2e8aaaa2bd • CWE-639: Authorization Bypass Through User-Controlled Key •