CVE-2024-10793 – WP Activity Log <= 5.2.1 - Unauthenticated Stored Cross-Site Scripting via User_id Parameter
https://notcve.org/view.php?id=CVE-2024-10793
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever an administrative user accesses an injected page.
References: https://plugins.trac.wordpress.org/browser/wp-security-audit-log/tags/5.2.1/classes/WPSensors/class-wp-system-sensor.php#L679 https://www.wordfence.com/threat-intel/vulnerabilities/id/44f3b2e4-c537-4369-b2d6-39fbc6cb8e08?source=cve
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-44587 – WordPress WP 2FA plugin <= 2.6.3 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2022-44587
Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP 2FA: from n/a through 2.6.3. The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.3 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files.
References: https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp-2fa-plugin-2-6-3-sensitive-data-exposure-via-log-file-vulnerability?_s_id=cve
CWE-532: Insertion of Sensitive Information into Log File
CVE-2024-1717 – Admin Notices Manager <= 1.4.0 - Missing Authorization to Authenticated (Subscriber+) User Email Retrieval
https://notcve.org/view.php?id=CVE-2024-1717
The Admin Notices Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_ajax_call() function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve a list of registered user emails.
References: https://plugins.trac.wordpress.org/browser/admin-notices-manager/trunk/vendor/wpwhitesecurity/select2-wpwhitesecurity/load.php#L58 https://www.wordfence.com/threat-intel/vulnerabilities/id/0849d86b-5cf1-4346-a9e9-a54768837969?source=cve
CWE-862: Missing Authorization
CVE-2024-35650 – WordPress MelaPress Login Security plugin <= 1.3.0 - Remote File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2024-35650
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security allows PHP Remote File Inclusion. This issue affects MelaPress Login Security: from n/a through 1.3.0. The MelaPress Login Security plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.3.0 via the 'tab' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files hosted on remote servers, allowing the execution of any PHP code in those files.
References: https://patchstack.com/database/vulnerability/melapress-login-security/wordpress-melapress-login-security-plugin-1-3-0-remote-file-inclusion-vulnerability?_s_id=cve
CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
CWE-829: Inclusion of Functionality from Untrusted Control Sphere
CVE-2023-6520 – WP 2FA – Two-factor authentication for WordPress <= 2.5.0 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2023-6520
The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.0. This is due to missing or incorrect nonce validation on the send_backup_codes_email function. This makes it possible for unauthenticated attackers to send emails with arbitrary content to registered users via a forged request, provided they can trick a site administrator or other registered user into performing an action such as clicking on a link. While a nonce check is present, it is only executed if a nonce is set; by omitting the nonce from the request, the check can be bypassed.
References: https://plugins.trac.wordpress.org/browser/wp-2fa/trunk/includes/classes/Admin/class-setup-wizard.php?rev=2940688#L606 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3009922%40wp-2fa&new=3009922%40wp-2fa&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/0af451be-2477-453c-a230-7f3fb804398b?source=cve
CWE-352: Cross-Site Request Forgery (CSRF)