‼ CVE-2023-4388 ‼
📖 Read
via "National Vulnerability Database".
The EventON WordPress plugin before 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4800 ‼
📖 Read
via "National Vulnerability Database".
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4820 ‼
📖 Read
via "National Vulnerability Database".
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.0.12 does not sanitize and escape the media url field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5561 ‼
📖 Read
via "National Vulnerability Database".
The Popup Builder WordPress plugin through 4.1.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).📖 Read
via "National Vulnerability Database".
‼ CVE-2023-42459 ‼
📖 Read
via "National Vulnerability Database".
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). In affected versions specific DATA submessages can be sent to a discovery locator which may trigger a free error. This can remotely crash any Fast-DDS process. The call to free() could potentially leave the pointer in the attackers control which could lead to a double free. This issue has been addressed in versions 2.12.0, 2.11.3, 2.10.3, and 2.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-45149 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud talk is a chat module for the Nextcloud server platform. In affected versions brute force protection of public talk conversation passwords can be bypassed, as there was an endpoint validating the conversation password without registering bruteforce attempts. It is recommended that the Nextcloud Talk app is upgraded to 15.0.8, 16.0.6 or 17.1.1. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4795 ‼
📖 Read
via "National Vulnerability Database".
The Testimonial Slider Shortcode WordPress plugin before 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4950 ‼
📖 Read
via "National Vulnerability Database".
The Interactive Contact Form and Multi Step Form Builder WordPress plugin before 3.4 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4862 ‼
📖 Read
via "National Vulnerability Database".
The File Manager Pro WordPress plugin before 1.8.1 does not adequately validate and escape some inputs, leading to XSS by high-privilege users.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5087 ‼
📖 Read
via "National Vulnerability Database".
The Page Builder: Pagelayer WordPress plugin before 1.7.8 doesn't prevent attackers with author privileges and higher from inserting malicious JavaScript inside a post's header or footer code.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5133 ‼
📖 Read
via "National Vulnerability Database".
This user-activity-log-pro WordPress plugin before 2.3.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5057 ‼
📖 Read
via "National Vulnerability Database".
The ActivityPub WordPress plugin before 1.0.0 does not escape user metadata before outputting them in mentions, which could allow users with a role of Contributor and above to perform Stored XSS attacks📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5177 ‼
📖 Read
via "National Vulnerability Database".
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4821 ‼
📖 Read
via "National Vulnerability Database".
The Drag and Drop Multiple File Upload for WooCommerce WordPress plugin before 1.1.1 does not filter all potentially dangerous file extensions. Therefore, an attacker can upload unsafe .shtml or .svg files containing malicious scripts.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5167 ‼
📖 Read
via "National Vulnerability Database".
The User Activity Log Pro WordPress plugin before 2.3.4 does not properly escape recorded User-Agents in the user activity logs dashboard, which may allow visitors to conduct Stored Cross-Site Scripting attacks.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4861 ‼
📖 Read
via "National Vulnerability Database".
The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. This leads to remote code execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4933 ‼
📖 Read
via "National Vulnerability Database".
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-45150 ‼
📖 Read
via "National Vulnerability Database".
Nextcloud calendar is a calendar app for the Nextcloud server platform. Due to missing precondition checks the server was trying to validate strings of any length as email addresses even when megabytes of data were provided, eventually making the server busy and unresponsive. It is recommended that the Nextcloud Calendar app is upgraded to 4.4.4. The only workaround for users unable to upgrade is to disable the calendar app.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4971 ‼
📖 Read
via "National Vulnerability Database".
The Weaver Xtreme Theme Support WordPress plugin before 6.3.1 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import a malicious file and a suitable gadget chain is present on the blog.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5003 ‼
📖 Read
via "National Vulnerability Database".
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5089 ‼
📖 Read
via "National Vulnerability Database".
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled.📖 Read
via "National Vulnerability Database".