CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8856 – Backup and Staging by WP Time Capsule <= 1.22.21 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-8856
The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/wp-time-capsule/trunk/wp-tcapsule-bridge/upload/php/UploadHandler.php https://plugins.trac.wordpress.org/changeset/3188325 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3153289%40wp-time-capsule&new=3153289%40wp-time-capsule&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/fdc2de78-5601-461f-b2f0-c80b592ccb1b?source=cve https://hacked.be/posts/CVE-2024-8856 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2023-2916 – InfiniteWP Client <= 1.11.1 - Authenticated (Subscriber+) Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2023-2916
The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges. El plugin InfiniteWP Client para WordPress es vulnerable a la Exposición de Información Sensible en versiones hasta, e incluyendo, 1.11.1 a través de la función 'admin_notice'. • https://github.com/d0rb/CVE-2023-2916 https://plugins.trac.wordpress.org/browser/iwp-client/tags/1.11.1/core.class.php#L365 https://plugins.trac.wordpress.org/changeset/2925897/iwp-client#file4 https://www.wordfence.com/threat-intel/vulnerabilities/id/aa157c80-447f-4406-9e49-9cc6208b7b19?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-25035 – Backup and Staging by WP Time Capsule < 1.22.7 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-25035
The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting El plugin Backup and Staging by WP Time Capsule de WordPress versiones anteriores a 1.22.7, no comprueba ni escapa del parámetro error antes de devolverlo a una página de administración, conllevando a un problema de tipo Cross-Site Scripting Reflejado • https://plugins.trac.wordpress.org/changeset/2641264 https://wpscan.com/vulnerability/f426360e-5ba0-4d6b-bfd4-61bc54be3469 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 96%CPEs: 1EXPL: 1CVE-2020-8772 – InfiniteWP Client <= 1.9.4.4 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2020-8772
The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in. El plugin InfiniteWP Client versiones anteriores a 1.9.4.5 para WordPress, presenta una falta de comprobación de autorización en la función iwp_mmb_set_request en el archivo init.php. Cualquier atacante que conozca el nombre de usuario de un administrador puede iniciar sesión. • https://wpvulndb.com/vulnerabilities/10011 https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 2CVE-2016-15004 – InfiniteWP Client Plugin injection
https://notcve.org/view.php?id=CVE-2016-15004
A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. • http://seclists.org/fulldisclosure/2017/Jan/72 https://sumofpwn.nl/advisory/2016/infinitewp_client_wordpress_plugin_unauthenticated_php_object_injection_vulnerability.html https://vuldb.com/?id.96073 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-502: Deserialization of Untrusted Data •