Total
7411 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24620 | 1 Simple-e-commerce-shopping-cart Project | 1 Simple-e-commerce-shopping-cart | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin through 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. Furthermore, as there is no CSRF in place, attackers could also make a logged admin upload a malicious PHP file, which would lead to RCE | |||||
| CVE-2021-24618 | 1 Wbolt | 1 Donate With Qrcode | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The Donate With QRCode WordPress plugin before 1.4.5 does not sanitise or escape its QRCode Image setting, which result into a Stored Cross-Site Scripting (XSS). Furthermore, the plugin also does not have any CSRF and capability checks in place when saving such setting, allowing any authenticated user (as low as subscriber), or unauthenticated user via a CSRF vector to update them and perform such attack. | |||||
| CVE-2021-24615 | 1 Wechat Reward Project | 1 Wechat Reward | 2024-11-21 | 4.3 MEDIUM | 5.4 MEDIUM |
| The Wechat Reward WordPress plugin through 1.7 does not sanitise or escape its QR settings, nor has any CSRF check in place, allowing attackers to make a logged in admin change the settings and perform Cross-Site Scripting attacks. | |||||
| CVE-2021-24611 | 1 Keyword Meta Project | 1 Keyword Meta | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The Keyword Meta WordPress plugin through 3.0 does not sanitise of escape its settings before outputting them back in the page after they are saved, allowing for Cross-Site Scripting issues. Furthermore, it is also lacking any CSRF check, allowing attacker to make a logged in high privilege user save arbitrary setting via a CSRF attack. | |||||
| CVE-2021-24595 | 1 Wp Cookie Choice Project | 1 Wp Cookie Choice | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Wp Cookie Choice WordPress plugin through 1.1.0 is lacking any CSRF check when saving its options, and do not escape them when outputting them in attributes. As a result, an attacker could make a logged in admin change them to arbitrary values including XSS payloads via a CSRF attack. | |||||
| CVE-2021-24586 | 1 Evona | 1 Per Page Add To Head | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Per page add to head WordPress plugin before 1.4.4 is lacking any CSRF check when saving its settings, which could allow attackers to make a logged in admin change them. Furthermore, as the plugin allows arbitrary HTML to be inserted in one of the setting (feature mentioned by the plugin), this could lead to Stored XSS issue which will be triggered either in the backend, frontend or both depending on the payload used. | |||||
| CVE-2021-24584 | 1 Motopress | 1 Timetable And Event Schedule | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The Timetable and Event Schedule WordPress plugin before 2.4.2 does not have proper access control when updating a timeslot, allowing any user with the edit_posts capability (contributor+) to update arbitrary timeslot from any events. Furthermore, no CSRF check is in place as well, allowing such attack to be perform via CSRF against a logged in with such capability. In versions before 2.3.19, the lack of sanitisation and escaping in some of the fields, like the descritption could also lead to Stored XSS issues | |||||
| CVE-2021-24583 | 1 Motopress | 1 Timetable And Event Schedule | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Timetable and Event Schedule WordPress plugin before 2.4.2 does not have proper access control when deleting a timeslot, allowing any user with the edit_posts capability (contributor+) to delete arbitrary timeslot from any events. Furthermore, no CSRF check is in place as well, allowing such attack to be performed via CSRF against a logged in with such capability | |||||
| CVE-2021-24581 | 1 Blue-admin Project | 1 Blue-admin | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its settings, allowing the issue to be exploited via a CSRF attack. | |||||
| CVE-2021-24572 | 1 Wpplugin | 1 Accept Donations With Paypal | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Accept Donations with PayPal WordPress plugin before 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result, an attacker could make logged in admins delete arbitrary posts | |||||
| CVE-2021-24570 | 1 Wpplugin | 1 Accept Donations With Paypal | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Accept Donations with PayPal WordPress plugin before 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Furthermore, one of the Button field is not escaped before being output in an attribute when editing a Button, leading to a Stored Cross-Site Scripting issue as well. | |||||
| CVE-2021-24565 | 1 Contact Form 7 Captcha Project | 1 Contact Form 7 Captcha | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The Contact Form 7 Captcha WordPress plugin before 0.0.9 does not have any CSRF check in place when saving its settings, allowing attacker to make a logged in user with the manage_options change them. Furthermore, the settings are not escaped when output in attributes, leading to a Stored Cross-Site Scripting issue. | |||||
| CVE-2021-24555 | 1 Roosty | 1 Diary-availability-calendar | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The daac_delete_booking_callback function, hooked to the daac_delete_booking AJAX action, takes the id POST parameter which is passed into the SQL statement without proper sanitisation, validation or escaping, leading to a SQL Injection issue. Furthermore, the ajax action is lacking any CSRF and capability check, making it available to any authenticated user. | |||||
| CVE-2021-24543 | 1 Jquery-reply-to-comment Project | 1 Jquery-reply-to-comment | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The jQuery Reply to Comment WordPress plugin through 1.31 does not have any CSRF check when saving its settings, nor sanitise or escape its 'Quote String' and 'Reply String' settings before outputting them in Comments, leading to a Stored Cross-Site Scripting issue. | |||||
| CVE-2021-24536 | 1 Custom Login Redirect Project | 1 Custom Login Redirect | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Custom Login Redirect WordPress plugin through 1.0.0 does not have CSRF check in place when saving its settings, and do not sanitise or escape user input before outputting them back in the page, leading to a Stored Cross-Site Scripting issue | |||||
| CVE-2021-24535 | 1 Light Messages Project | 1 Light Messages | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Light Messages WordPress plugin through 1.0 is lacking CSRF check when updating it's settings, and is not sanitising its Message Content in them (even with the unfiltered_html disallowed). As a result, an attacker could make a logged in admin update the settings to arbitrary values, and set a Cross-Site Scripting payload in the Message Content. Depending on the options set, the XSS payload can be triggered either in the backend only (in the plugin's settings), or both frontend and backend. | |||||
| CVE-2021-24504 | 1 Wplearnmanager | 1 Wp Learn Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WP LMS – Best WordPress LMS Plugin WordPress plugin through 1.1.2 does not properly sanitise or validate its User Field Titles, allowing XSS payload to be used in them. Furthermore, no CSRF and capability checks were in place, allowing such attack to be performed either via CSRF or as any user (including unauthenticated) | |||||
| CVE-2021-24500 | 1 Amentotech | 1 Workreap | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary objects on the target site. | |||||
| CVE-2021-24491 | 1 Fileviewer Project | 1 Fileviewer | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files. As a result, attackers could make a logged in administrator delete and upload arbitrary files via a CSRF attack | |||||
| CVE-2021-24490 | 1 Email Artillery Project | 1 Email Artillery | 2024-11-21 | 6.0 MEDIUM | 6.8 MEDIUM |
| The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well. However, due to the presence of a .htaccess, denying access to everything in the folder the file is uploaded to, the malicious uploaded file will only be accessible on Web Servers such as Nginx/IIS | |||||