CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 9CVE-2024-2023 – Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload
https://notcve.org/view.php?id=CVE-2024-2023
The Folders and Folders Pro plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0 in Folders and 3.0.2 in Folders Pro via the 'handle_folders_file_upload' function. This makes it possible for authenticated attackers, with author access and above, to upload files to arbitrary locations on the server. El complemento Folders and Folders Pro para WordPress es vulnerable a Directory Traversal en todas las versiones hasta la 3.0 en Folders y la 3.0.2 en Folders Pro a través de la función 'handle_folders_file_upload'. Esto hace posible que atacantes autenticados, con acceso de autor y superior, carguen archivos en ubicaciones arbitrarias del servidor. • https://github.com/W01fh4cker/CVE-2024-27198-RCE https://github.com/dinosn/CVE-2024-20931 https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887 https://github.com/seajaysec/Ivanti-Connect-Around-Scan https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887 https://github.com/team890/CVE-2023-2024 https://github.com/actuator/yi https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped https://github.com/UnHackerEnCapital/PDFernetRemotelo https://plugins. • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 50CVE-2024-2024 – Folders Pro <= 3.0.2 - Authenticated(Author+) Arbitrary File Upload via handle_folders_file_upload
https://notcve.org/view.php?id=CVE-2024-2024
The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. El complemento Folders Pro para WordPress es vulnerable a cargas de archivos arbitrarias debido a la falta de validación del tipo de archivo en la función 'handle_folders_file_upload' en todas las versiones hasta la 3.0.2 incluida. Esto hace posible que atacantes autenticados, con acceso de autor y superior, carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecución remota de código. • https://github.com/Notselwyn/CVE-2024-1086 https://github.com/amalmurali47/git_rce https://github.com/zgzhang/cve-2024-6387-poc https://github.com/acrono/cve-2024-6387-poc https://github.com/amlweems/xzbot https://github.com/h4x0r-dz/CVE-2024-23897 https://github.com/h4x0r-dz/CVE-2024-3400 https://github.com/h4x0r-dz/CVE-2024-21762 https://github.com/h4x0r-dz/CVE-2024-21893.py https://github.com/hakaioffsec/CVE-2024-21338 https://github.com/varwara/CVE • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7048 – My Sticky Bar <= 2.6.6 - Cross-Site Request Forgery to Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2023-7048
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.6. This is due to missing or incorrect nonce validation in mystickymenu-contact-leads.php. This makes it possible for unauthenticated attackers to trigger the export of a CSV file containing contact leads via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Because the CSV file is exported to a public location, it can be downloaded during a very short window of time before it is automatically deleted by the export function. El complemento My Sticky Bar para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta la 2.6.6 incluida. • https://plugins.trac.wordpress.org/changeset/3016780/mystickymenu https://www.wordfence.com/threat-intel/vulnerabilities/id/be0ab40f-cff7-48bd-8dae-cc50af047151?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47759 – WordPress Chaty Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-47759
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Premio Chaty plugin <= 3.1.2 versions. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('cross-site Scripting') en el complemento Premio Chaty en versiones <= 3.1.2. The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://patchstack.com/database/vulnerability/chaty/wordpress-chaty-plugin-3-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5509 – myStickymenu < 2.6.5 - Subscriber+ Arbitrary Form Leads Deletion
https://notcve.org/view.php?id=CVE-2023-5509
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions. El complemento myStickymenu de WordPress anterior a 2.6.5 no autoriza adecuadamente algunas llamadas ajax, lo que permite que cualquier usuario que haya iniciado sesión realice las acciones. The Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Theme – My Sticky Bar (formerly myStickymenu) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the my_sticky_menu_bulks() function in all versions up to, and including, 2.6.4. This makes it possible for authenticated attackers, with subscruber-level access and above, to delete arbitrary form leads. There were several additional AJAX actions in the plugin with missing capability checks as well such as mystickymenu_admin_send_message_to_owner(), stickymenu_widget_delete(), mystickymenu_widget_status() and more that make is possible for authenticated attackers to perform unauthorized actions. • https://wpscan.com/vulnerability/3b33c262-e7f0-4310-b26d-4727d7c25c9d • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •