CVE-2024-10913 – Clone <= 2.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialized_replace'
https://notcve.org/view.php?id=CVE-2024-10913
The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.6 via deserialization of untrusted input in the 'recursive_unserialized_replace' function. This makes it possible for unauthenticated attackers to inject a PHP object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. • https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy//tags/2.4.6/lib/icit_srdb_replacer.php#L24 https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy/tags/2.4.7/lib/icit_srdb_replacer.php#L24 https://www.wordfence.com/threat-intel/vulnerabilities/id/16569267-ab52-4b96-86f0-d37c470a3938?source=cve • CWE-502: Deserialization of Untrusted Data •
CVE-2023-6750 – Clone < 2.4.3 - Unauthenticated Backup Download
https://notcve.org/view.php?id=CVE-2023-6750
The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup information, which are stored at a publicly accessible, statically defined file path. The Clone plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.2. This makes it possible for unauthenticated attackers to download database backups made with the plugin, resulting in the potential of a complete site takeover. • https://wpscan.com/vulnerability/fad9eefe-4552-4d20-a1fd-bb2e172ec8d7 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-0958 – Inisev Plugins (Various Versions) - Missing Authorization on handle_installation function
https://notcve.org/view.php?id=CVE-2023-0958
Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX action in various versions. This makes it possible for authenticated attackers with minimal permissions, such as subscribers, to install select plugins from Inisev on vulnerable sites. CVE-2023-38514 appears to be a duplicate of this vulnerability. • https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.7/includes/banner/misc.php#L427 https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.8/includes/banner/misc.php#L434 https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.3.8/banner/misc.php#L426 https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.4.0/banner/misc.php#L434 https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.6/banner/misc.php#L339 • CWE-862: Missing Authorization •
CVE-2023-3977 – Inisev Plugins (Various Versions) - Cross-Site Request Forgery on handle_installation function
https://notcve.org/view.php?id=CVE-2023-3977
Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery leading to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX action in various versions. This makes it possible for unauthenticated attackers to install plugins from the limited list via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link. • https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.7/includes/banner/misc.php#L427 https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.8/includes/banner/misc.php#L434 https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.3.8/banner/misc.php#L426 https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.4.0/banner/misc.php#L434 https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.6/banner/misc.php#L339 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2007-3575
https://notcve.org/view.php?id=CVE-2007-3575
SQL injection vulnerability in includes/functions in FreeDomain.co.nr Clone allows remote attackers to execute arbitrary SQL commands via the logindomain parameter to members.php. • http://osvdb.org/45741 http://securityreason.com/securityalert/2862 http://www.securityfocus.com/archive/1/472656/100/0/threaded http://www.securityfocus.com/bid/24737 https://exchange.xforce.ibmcloud.com/vulnerabilities/35366 •