4 results (0.027 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue affects HTTP Headers: from n/a through 1.18.11. Vulnerabilidad de Server-Side Request Forgery (SSRF) en Dimitar Ivanov HTTP Headers. Este problema afecta a HTTP Headers: desde n/a hasta 1.18.11. The HTTP Headers plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.18.11 via the ajax-inspect.php file. This can allow authenticated attackers with admin access to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. • https://patchstack.com/database/vulnerability/http-headers/wordpress-http-headers-plugin-1-18-11-server-side-request-forgery-ssrf-vulnerability?_s_id=cve • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dimitar Ivanov HTTP Headers plugin <= 1.18.11 versions. Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado autenticado con permisos de administrador o más en el plugin HTTP Headers de Dimitar Ivanov en versiones anteriores, e incluyendo, la 1.18.11. The HTTP Headers for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.18.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/http-headers/wordpress-http-headers-plugin-1-18-11-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability. The HTTP Headers plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.18.10 via the 'http_headers_pre_update_option' function. This allows authenticated attackers with administrator-level permissions to write files and execute code on the server. The issue was partially fixed in 1.18.10 but not fully fixed until 1.18.11. • https://wpscan.com/vulnerability/e0cc6740-866a-4a81-a93d-ff486b79b7f7 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability. The HTTP Headers plugin for WordPress is vulnerable to SQL Injection via the 'http_headers_post_import' and 'http_headers_post_export' functions in versions up to, and including, 1.18.8 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Note that 1.18.8 provided a partial patch by restricting this capability to Super Administrators. • https://wpscan.com/vulnerability/6f3f460b-542a-4d32-8feb-afa1aef57e37 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •