
CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
• https://wpscan.com/vulnerability/9b66819d-8479-4c0b-b206-7f7ff769f758
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

The BulletProof Security WordPress plugin before 5.8 does not sanitise and escape some of its settings, which could allow high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
• https://wpscan.com/vulnerability/08b66b69-3c69-4a1e-9c0a-5697e31bc04e
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.3 | EPSS: 45% | CPEs: 1 | EXPL: 3

The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file, which grants attackers the full path of the site in addition to the path of database backup files. This affects versions up to, and including, 5.1.
The WordPress plugin BulletProof Security, versions less than or equal to 5.1, suffers from an information disclosure vulnerability, in that the db_backup_log.txt file is publicly accessible. If the backup functionality is being utilized, this file will disclose where the backup files can be downloaded.
• https://www.exploit-db.com/exploits/50382
• http://packetstormsecurity.com/files/164420/WordPress-BulletProof-Security-5.1-Information-Disclosure.html
• https://github.com/Hacker5preme/Exploits/tree/main/Wordpress/CVE-2021-39327
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2591118%40bulletproof-security&new=2591118%40bulletproof-security&sfp_email=&sfph_mail=
• https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39327
• https://github.com/Hacker5preme/Exploits/blob/main/Wordp
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-459: Incomplete Cleanup

CVSS: 5.0 | EPSS: 0% | CPEs: 1 | EXPL: 0

Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter.
WordPress Bulletproof-Security version .51 suffers from SSRF, cross-site scripting, and remote SQL injection vulnerabilities.
• http://seclists.org/fulldisclosure/2014/Nov/13
• https://wordpress.org/plugins/bulletproof-security/changelog
• CWE-918: Server-Side Request Forgery (SSRF)