โผ CVE-2021-24816 โผ
๐ Read
via "National Vulnerability Database".
The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24791 โผ
๐ Read
via "National Vulnerability Database".
The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24537 โผ
๐ Read
via "National Vulnerability Database".
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the 'widget_rrm_similar_posts_condition' widget setting of the plugin.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24806 โผ
๐ Read
via "National Vulnerability Database".
The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make logged in users post arbitrary comment.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24832 โผ
๐ Read
via "National Vulnerability Database".
The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not have CSRF in place when deleting redirects, which could allow attackers to make a logged in admin delete them via a CSRF attack๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24625 โผ
๐ Read
via "National Vulnerability Database".
The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24840 โผ
๐ Read
via "National Vulnerability Database".
The Squaretype WordPress theme before 3.0.4 allows unauthenticated users to manipulate the query_vars used to retrieve the posts to display in one of its REST endpoint, without any validation. As a result, private and scheduled posts could be retrieved via a crafted request.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24575 โผ
๐ Read
via "National Vulnerability Database".
The School Management System รยขรขโยฌรขโฌล WPSchoolPress WordPress plugin before 2.1.10 does not properly sanitize or use prepared statements before using POST variable in SQL queries, leading to SQL injection in multiple actions available to various authenticated users, from simple subscribers/students to teachers and above.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24631 โผ
๐ Read
via "National Vulnerability Database".
The Unlimited PopUps WordPress plugin through 4.5.3 does not sanitise or escape the did GET parameter before using it in a SQL statement, available to users as low as editor, leading to an authenticated SQL Injection๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24835 โผ
๐ Read
via "National Vulnerability Database".
The WCFM รยขรขโยฌรขโฌล Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin before 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor plugin such as WCFM - WooCommerce Multivendor Marketplace, does not escape the withdrawal_vendor parameter before using it in a SQL statement, allowing low privilege users such as Subscribers to perform SQL injection attacks๐ Read
via "National Vulnerability Database".
โผ CVE-2021-29735 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-40577 โผ
๐ Read
via "National Vulnerability Database".
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24698 โผ
๐ Read
via "National Vulnerability Database".
The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the download.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24844 โผ
๐ Read
via "National Vulnerability Database".
The Affiliates Manager WordPress plugin before 2.8.7 does not validate the orderby parameter before using it in an SQL statement in the admin dashboard, leading to an SQL Injection issue๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24827 โผ
๐ Read
via "National Vulnerability Database".
The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24697 โผ
๐ Read
via "National Vulnerability Database".
The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stats_start_date/sdm_stats_end_date POST parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24669 โผ
๐ Read
via "National Vulnerability Database".
The MAZ Loader รยขรขโยฌรขโฌล Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24829 โผ
๐ Read
via "National Vulnerability Database".
The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the today_traffic_index AJAX action (available to any authenticated users) before using it in a SQL statement, leading to an SQL injection issue๐ Read
via "National Vulnerability Database".
โผ CVE-2021-24695 โผ
๐ Read
via "National Vulnerability Database".
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames๐ Read
via "National Vulnerability Database".
โผ CVE-2020-4160 โผ
๐ Read
via "National Vulnerability Database".
IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 174340.๐ Read
via "National Vulnerability Database".
โผ CVE-2020-4153 โผ
๐ Read
via "National Vulnerability Database".
IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174269.๐ Read
via "National Vulnerability Database".