WordPress vulnerabilities (plugin list here) source: NIST CVEs


  1. CVE-2024-8902 -- 2024-10-12T10:15:03.810
    Received
      The Elementor Addon Elements Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.8 via the render_column function in modules/data-table/widgets/data-table.php.
      - This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.


  2. CVE-2024-8757 -- 2024-10-12T10:15:02.687
    Received
      The WP Post Author – Boost Your Blog's Engagement with Author Box, Social Links, Co-Authors, Guest Authors, Post Rating System, and Custom User Registration Form Builder Plugin for WordPress is vulnerable to time-based SQL Injection via the linked_user_id parameter in all versions up to, and including, 3.8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
      - This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.


  3. CVE-2024-9696 -- 2024-10-12T09:15:03.590
    Received
      The Rescue shortcodes Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Plugin's 'rescue_tab' shortcode in all versions up to, and including, 2.8 due to insufficient input sanitization and output escaping on user supplied attributes.
      - This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


  4. CVE-2024-9595 -- 2024-10-12T09:15:03.230
    Received
      The TablePress – Tables in WordPress made easy Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the table cell content in all versions up to, and including, 2.4.2 due to insufficient input sanitization and output escaping.
      - This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


  5. CVE-2024-8915 -- 2024-10-12T09:15:02.950
    Received
      The Category Icon Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping.
      - This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.


  6. CVE-2024-8760 -- 2024-10-12T09:15:02.677
    Received
      The Stackable – Page Builder Gutenberg Blocks Plugin for WordPress is vulnerable to CSS Injection in all versions up to, and including, 3.13.6.
      - This makes it possible for unauthenticated attackers to embed untrusted style information into comments resulting in a possibility of data exfiltration such as admin nonces with limited impact.
      - These nonces could be used to perform CSRF attacks within a limited time window.
      - The presence of other Plugins may make additional nonces available, which may pose a risk in Plugins that don't perform capability checks to protect AJAX actions or other actions reachable by lower-privileged users.


  7. CVE-2024-9756 -- 2024-10-12T07:15:02.820
    Received
      The Order Attachments for WooCommerce Plugin for WordPress is vulnerable to unauthorized limited arbitrary file uploads due to a missing capability check on the wcoa_add_attachment AJAX action in versions 2.0 to 2.4.1.
      - This makes it possible for authenticated attackers, with subscriber-level access and above, to upload limited file types.


  8. CVE-2024-9704 -- 2024-10-12T07:15:02.570
    Received
      The Social Sharing (by Danny) Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Plugin's 'dvk_social_sharing' shortcode in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping on user supplied attributes.
      - This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


  9. CVE-2024-9047 -- 2024-10-12T07:15:02.170
    Received
      The WordPress file Upload Plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php.
      - This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory.
      - Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier.


  10. CVE-2024-9824 -- 2024-10-12T06:15:04.230
    Received
      The ImagePress – Image Gallery Plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'ip_delete_post' and 'ip_update_post_title' functions in all versions up to, and including, 1.2.2.
      - This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary posts and update post titles.


  11. CVE-2024-9778 -- 2024-10-12T06:15:03.930
    Received
      The ImagePress – Image Gallery Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.2.
      - This is due to missing or incorrect nonce validation on the 'imagepress_admin_page' function.
      - This makes it possible for unauthenticated attackers to update Plugin settings, including redirection URLs, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.


  12. CVE-2024-9776 -- 2024-10-12T06:15:03.640
    Received
      The ImagePress – Image Gallery Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping.
      - This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
      - This only affects multi-site installations and installations where unfiltered_html has been disabled.


  13. CVE-2024-9670 -- 2024-10-12T06:15:03.347
    Received
      The 2D Tag Cloud Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 6.0.2.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  14. CVE-2024-9656 -- 2024-10-12T06:15:03.077
    Received
      The Mynx Page Builder Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 0.27.8 due to insufficient input sanitization and output escaping.
      - This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.


  15. CVE-2024-9187 -- 2024-10-12T06:15:02.803
    Received
      The Read more By Adam Plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteRm() function in all versions up to, and including, 1.1.8.
      - This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete read more buttons.


  16. CVE-2024-7489 -- 2024-10-12T06:15:02.337
    Received
      The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form color parameters in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping.
      - This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
      - This only affects multi-site installations and installations where unfiltered_html has been disabled.


  17. CVE-2024-9860 -- 2024-10-12T03:15:02.757
    Received
      The Bridge Core Plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'import_action' and 'install_plugin_per_demo' functions in versions up to, and including, 3.3.
      - This makes it possible for authenticated attackers with subscriber-level permissions or above, to delete or change Plugin settings, import demo data, and install limited Plugins.


  18. CVE-2024-9821 -- 2024-10-12T03:15:02.507
    Received
      The Bot for Telegram on WooCommerce Plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4.
      - This makes it possible for authenticated attackers, with subscriber-level access and above, to view the Telegram Bot Token, a secret token used to control the bot, which can then be used to log in as any existing user on the site, such as an administrator, if they know the username, due to the Login with Telegram feature.


  19. CVE-2024-9592 -- 2024-10-12T03:15:02.243
    Received
      The Easy PayPal Gift Certificate Plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.3.
      - This is due to missing or incorrect nonce validation on the 'wpppgc_plugin_options' function.
      - This makes it possible for unauthenticated attackers to update the Plugin's settings and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.


  20. CVE-2024-9707 -- 2024-10-11T13:15:21.233
    Received
      The Hunk Companion Plugin for WordPress is vulnerable to unauthorized Plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4.
      - This makes it possible for unauthenticated attackers to install and activate arbitrary Plugins which can be leveraged to achieve remote code execution if another vulnerable Plugin is installed and activated.


  21. CVE-2024-9616 -- 2024-10-11T13:15:20.703
    Received
      The BlockMeister – Block Pattern Builder Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.1.10.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  22. CVE-2024-9611 -- 2024-10-11T13:15:20.487
    Received
      The Increase upload file size & Maximum Execution Time limit Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.0.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  23. CVE-2024-9610 -- 2024-10-11T13:15:20.257
    Received
      The Language Switcher Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.7.13.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  24. CVE-2024-9587 -- 2024-10-11T13:15:20.043
    Received
      The Linkz.ai Plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_linkz' function in versions up to, and including, 1.1.8.
      - This makes it possible for authenticated attackers with contributor-level privileges or above, to update Plugin settings.


  25. CVE-2024-9586 -- 2024-10-11T13:15:19.823
    Received
      The Linkz.ai Plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'check_auth' and 'check_logout' functions in versions up to, and including, 1.1.8.
      - This makes it possible for unauthenticated attackers to update Plugin settings.


  26. CVE-2024-9543 -- 2024-10-11T13:15:19.577
    Received
      The PowerPress Podcasting Plugin by Blubrry Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Plugin's 'skipto' shortcode in all versions up to, and including, 11.9.18 due to insufficient input sanitization and output escaping on user supplied attributes.
      - This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


  27. CVE-2024-9538 -- 2024-10-11T13:15:19.373
    Received
      The ShopLentor Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php.
      - This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data.


  28. CVE-2024-9507 -- 2024-10-11T13:15:19.160
    Received
      The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder Plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function.
      - This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information.


  29. CVE-2024-9436 -- 2024-10-11T13:15:18.947
    Received
      The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.5.14.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  30. CVE-2024-9346 -- 2024-10-11T13:15:18.740
    Received
      The Embed videos and respect privacy Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'v' parameter in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  31. CVE-2024-9234 -- 2024-10-11T13:15:18.530
    Received
      The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor Plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and_activate_plugin_from_external() function (install-active-plugin REST API endpoint) in all versions up to, and including, 2.1.0.
      - This makes it possible for unauthenticated attackers to install and activate arbitrary Plugins, or utilize the functionality to upload arbitrary files spoofed like Plugins.


  32. CVE-2024-9232 -- 2024-10-11T13:15:18.313
    Received
      The Download Plugins and Themes in ZIP from Dashboard Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.9.1.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  33. CVE-2024-9221 -- 2024-10-11T13:15:18.100
    Received
      The Tainacan Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 0.21.10.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  34. CVE-2024-9211 -- 2024-10-11T13:15:17.883
    Received
      The FULL – Cliente Plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.1.22.
      - This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.


  35. CVE-2024-9051 -- 2024-10-11T13:15:17.477
    Received
      The WP Ultimate Post Grid Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Plugin's wpupg-grid-with-filters shortcode in all versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping on user supplied attributes.
      - This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.


  36. CVE-2024-8913 -- 2024-10-11T13:15:17.040
    Received
      The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce Plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.6.11 via the render function in modules/widgets/tp_accordion.php.
      - This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.


  37. CVE-2024-7514 -- 2024-10-11T13:15:16.800
    Received
      The WordPress Comments Import & Export Plugin for WordPress is vulnerable to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7.
      - This makes it possible for authenticated attackers, with Author-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. The issue was partially fixed in version 2.3.8 and fully fixed in 2.3.9.


  38. CVE-2024-9822 -- 2024-10-11T03:15:10.967
    Received
      The Pedalo Connector Plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5.
      - This is due to insufficient restriction on the 'login_admin_user' function.
      - This makes it possible for unauthenticated attackers to log in as the first user, who is usually the administrator, or, if that user does not exist, as the first administrator.


  39. CVE-2024-9796 -- 2024-10-10T08:15:04.140
    Undergoing Analysis
      The WP-Advanced-Search WordPress Plugin before 3.3.9.2 does not sanitise and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL Injection attacks.


  40. CVE-2024-9156 -- 2024-10-10T06:15:11.290
    Undergoing Analysis
      The TI WooCommerce Wishlist WordPress Plugin through 2.8.2 is vulnerable to SQL Injection due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
      - This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.


  41. CVE-2024-9520 -- 2024-10-10T03:15:03.177
    Undergoing Analysis
      The UserPlus Plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 2.0.
      - This makes it possible for authenticated attackers with subscriber-level permissions or above, to add, modify, or delete user meta and Plugin options.


  42. CVE-2024-9074 -- 2024-10-10T03:15:02.963
    Undergoing Analysis
      The Advanced Blocks Pro Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping.
      - This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.


  43. CVE-2024-9067 -- 2024-10-10T03:15:02.740
    Undergoing Analysis
      The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress Plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'delete_attachment' function in all versions up to, and including, 1.3.0.
      - This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary attachments.


  44. CVE-2024-9022 -- 2024-10-10T03:15:02.523
    Undergoing Analysis
      The TS Poll – Survey, Versus Poll, Image Poll, Video Poll Plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
      - This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.


  45. CVE-2024-8477 -- 2024-10-10T03:15:02.300
    Undergoing Analysis
      The Newsletter, SMTP, email marketing and Subscribe forms by Brevo (formely Sendinblue) Plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87.
      - This is due to missing or incorrect nonce validation on the Init() function.
      - This makes it possible for unauthenticated attackers to log out of a Brevo connection via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.


  46. CVE-2024-9685 -- 2024-10-10T02:15:06.440
    Undergoing Analysis
      The Notification for Telegram Plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nftb_test_action' function in versions up to, and including, 3.3.1.
      - This makes it possible for authenticated attackers, with subscriber-level access and above, to send a test message via the Telegram Bot API to all users configured in the settings.


  47. CVE-2024-9581 -- 2024-10-10T02:15:06.227
    Undergoing Analysis
      The shortcodes AnyWhere Plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1.
      - This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode.
      - This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.


  48. CVE-2024-9522 -- 2024-10-10T02:15:06.013
    Undergoing Analysis
      The WP Users Masquerade Plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.0.
      - This is due to incorrect authentication and capability checking in the 'ajax_masq_login' function.
      - This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator.


  49. CVE-2024-9519 -- 2024-10-10T02:15:05.787
    Undergoing Analysis
      The UserPlus Plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'save_metabox_form' function in versions up to, and including, 2.0.
      - This makes it possible for authenticated attackers, with editor-level permissions or above, to update the registration form role to administrator, which leads to privilege escalation.


  50. CVE-2024-9518 -- 2024-10-10T02:15:05.590
    Undergoing Analysis
      The UserPlus Plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0 due to insufficient restriction on the 'form_actions' and 'userplus_update_user_profile' functions.
      - This makes it possible for unauthenticated attackers to specify their user role by supplying the 'role' parameter during a registration.

