
CVSS: 9.9 | EPSS: 0% | CPEs: 1 | EXPL: 1

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insert_php' shortcode. This is due to the plugin not restricting the usage of the functionality to high-level authorized users. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server.

• https://github.com/hunThubSpace/CVE-2024-3105-PoC
• https://plugins.trac.wordpress.org/browser/insert-php/trunk/includes/class.plugin.php#L166
• https://plugins.trac.wordpress.org/browser/insert-php/trunk/includes/shortcodes/shortcode-insert-php.php
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3102522%40insert-php&new=3102522%40insert-php&sfp_email=&sfph_mail=
• https://www.wordfence.com/threat-intel/vulnerabilities/id/134ad095-b0a0-4f0f-832d-3e558d4a250a?source=cve

CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 6.4 | EPSS: 0% | CPEs: 1 | EXPL: 1

The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter. The insert-php (aka Woody ad snippets) plugin before 2.2.9 for WordPress allows authenticated XSS via the winp_item parameter.

• https://generaleg0x01.com/2019/09/13/xss-woody
• https://wordpress.org/plugins/insert-php/#developers
• https://wpvulndb.com/vulnerabilities/9880

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 1

The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for WordPress has no requirement for authentication for action=bulk301export or action=bulk301clearlist.

• https://blog.nintechnet.com/unauthenticated-option-changes-in-wordpress-simple-301-redirects-addon-bulk-uploader-plugin
• https://wordpress.org/plugins/simple-301-redirects-addon-bulk-uploader/#developers
• https://wpvulndb.com/vulnerabilities/9503

CWE-287: Improper Authentication
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVSS: 7.2 | EPSS: 0% | CPEs: 1 | EXPL: 1

The simple-301-redirects-addon-bulk-uploader plugin before 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file.

• https://threatpost.com/wordpress-plugins-exploited-in-ongoing-attack-researchers-warn/147671
• https://wordpress.org/plugins/simple-301-redirects-addon-bulk-uploader/#developers
• https://wpvulndb.com/vulnerabilities/9503

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CWE-862: Missing Authorization

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 1

admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.

• https://wordpress.org/plugins/insert-php/#developers
• https://www.pluginvulnerabilities.com/2019/08/01/post-deletion-vulnerability-in-woody-ad-snippets

CWE-284: Improper Access Control