CVE-2023-6526 – Meta Box – WordPress Custom Fields Framework <= 5.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-6526
The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento Meta Box – WordPress Custom Fields Framework para WordPress es vulnerable a Cross-Site Scripting Almacenado a través de metavalores de publicación personalizados que se muestran a través del código abreviado del complemento en todas las versiones hasta la 5.9.2 incluida debido a una sanitización de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030376%40meta-box&new=3030376%40meta-box&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/2a6bfc87-6135-4d49-baa2-e8e6291148dc?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-14793 – Meta Box - WordPress Custom Fields Framework <= 4.16.2 - File Deletion via attachment_id Parameter
https://notcve.org/view.php?id=CVE-2019-14793
The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter. El plugin Meta Box en versiones anteriores a 4.16.3 para WordPress, permite la eliminación de archivos por medio de ajax, con el parámetro wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id. • https://metabox.io/changelog https://www.pluginvulnerabilities.com/2019/02/01/full-disclosure-of-authenticated-arbitrary-file-deletion-vulnerability-in-wordpress-plugin-with-300000-installs • CWE-862: Missing Authorization •
CVE-2019-14794 – Meta Box <= 4.16.1 - Mishandling of File Upload
https://notcve.org/view.php?id=CVE-2019-14794
The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. El plugin Meta Box en versiones anteriores a 4.16.2 para WordPress, maneja inapropiadamente la carga de archivos hacia carpetas personalizadas. • https://metabox.io/changelog • CWE-19: Data Processing Errors CWE-73: External Control of File Name or Path •