CVE Catalog

Browse the latest Common Vulnerabilities and Exposures (CVEs) with CVSS scores, affected products, and next-gen risk scores.

Jan 7, 2025

Popup WordPress Plugin SQL Injection Vulnerability

A SQL injection vulnerability has been identified in the Popup – MailChimp, GetResponse and ActiveCampaign Integrations plugin for WordPress, affecting all versions through 3.2.6. The 'id' parameter of the 'upc_delete_db_record' AJAX action is neither escaped nor bound through a prepared statement before it reaches the existing SQL query. Unauthenticated attackers can therefore append additional SQL to that query and potentially extract sensitive information from the database.

2.6
Jan 7, 2025

GDY Modular Content WordPress Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the GDY Modular Content plugin for WordPress, affecting all versions through 0.9.92. The issue arises from the use of the add_query_arg function without proper escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if a user is tricked into clicking a link that contains the injected script.

2.7
Jan 7, 2025

Elementor Addons AI Addons Information Exposure Vulnerability

A vulnerability allowing information exposure has been identified in the Elementor Addons AI Addons plugin for WordPress, specifically in versions through 2.2.1. The issue arises in the 'render' function, where inadequate restrictions allow authenticated attackers with Contributor-level access or higher to access and extract data from private or draft templates that should be off-limits.

2.7
Jan 7, 2025

SEO Keywords WordPress Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the SEO Keywords plugin for WordPress, affecting all versions through 1.1.3. The issue arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if a user is tricked into clicking a link that contains the malicious payload.

2.0
Jan 7, 2025

Woo Ukrposhta Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the Woo Ukrposhta plugin for WordPress, affecting all versions through 1.17.11. The issue arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if a user is tricked into clicking a link or performing a similar action.

3.0
Jan 7, 2025

PayGreen Payment Gateway WordPress Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the PayGreen Payment Gateway plugin for WordPress, affecting all versions through 1.0.26. The issue arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if the attacker successfully persuades a user to click on a manipulated link.

2.0
Jan 7, 2025

Financial Stocks and Crypto Market Data Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the Financial Stocks & Crypto Market Data Plugin for WordPress, affecting all versions through 1.10.3. The issue arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed on pages if the attacker successfully persuades a user to perform an action, such as clicking a link.

2.0
Jan 7, 2025

Infility Global WordPress Plugin Missing Authorization Vulnerability in Options Update

A missing authorization vulnerability exists in the Infility Global plugin for WordPress, affecting all versions through 2.9.8. The 'infility_global_ajax' function performs no capability check, so authenticated attackers with Subscriber-level access or higher can modify plugin options without authorization, which could disrupt the site's functionality.

2.8
Jan 7, 2025

Yikes Custom Product Tabs for WooCommerce PHP Object Injection Vulnerability

A PHP Object Injection vulnerability has been identified in the Yikes Custom Product Tabs for WooCommerce plugin for WordPress, affecting all versions through 1.8.5. The plugin deserializes untrusted data from the 'yikes_woo_products_tabs' post meta parameter, which allows authenticated attackers with Shop Manager-level access or higher to inject a PHP object. The plugin itself contains no known gadget chain, but if another plugin or theme on the site provides one, the injected object could be used for arbitrary file deletion, sensitive data exposure, or code execution.

4.3
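
The deserialization sink described above, as an added PHP example that is not code from the Yikes plugin: a hypothetical gadget class stands in for the chain that "an additional plugin or theme" might provide, and the payload is a hand-written serialized object of that class. Everything else (function names, the temp-file target) is invented for the demonstration.

```php
<?php
// Added example, not code from the Yikes plugin: what "deserialization of untrusted
// data" buys an attacker once a gadget class exists, and two safe alternatives.

// A hypothetical gadget class, of the kind another plugin or theme might ship.
// PHP runs __destruct() when the object is released, so merely deserializing an
// instance is enough to execute it with attacker-chosen properties.
class CacheFile
{
    public string $path = '';

    public function __destruct()
    {
        if ($this->path !== '' && is_file($this->path)) {
            unlink($this->path);        // arbitrary file deletion primitive
        }
    }
}

// What the attacker stores in the post meta field: a serialized object of the
// gadget class, written by hand. Only the target path and its byte length vary.
$target  = sys_get_temp_dir() . '/poi-demo-' . getmypid() . '.txt';
$payload = 'O:9:"CacheFile":1:{s:4:"path";s:' . strlen($target) . ':"' . $target . '";}';

// VULNERABLE: unserialize() instantiates any class named in the input.
function read_meta_vulnerable(string $raw)
{
    return unserialize($raw);
}

// FIXED (1): forbid object instantiation. Objects in the input become
// __PHP_Incomplete_Class, whose magic methods never run; reject them outright.
function read_meta_hardened(string $raw)
{
    $value = unserialize($raw, ['allowed_classes' => false]);
    return $value instanceof __PHP_Incomplete_Class ? null : $value;
}

// FIXED (2): do not use PHP serialization for user-controlled structures at all.
// JSON has no object model, so there is nothing to inject.
function read_meta_json(string $raw)
{
    return json_decode($raw, true, 16, JSON_THROW_ON_ERROR);
}

// Demonstration.
touch($target);
$obj = read_meta_vulnerable($payload);   // CacheFile instance carrying the attacker's $path
unset($obj);                             // __destruct() fires here and deletes $target
echo 'after vulnerable read, target exists: ', var_export(file_exists($target), true), PHP_EOL;

touch($target);
$safe = read_meta_hardened($payload);    // null; no destructor ever runs
echo 'after hardened read, target exists: ', var_export(file_exists($target), true), PHP_EOL;
unlink($target);
```

Run it as a script: the first read deletes the temp file through the destructor, the second leaves it in place. The same rule applies in a plugin wherever user-supplied serialized data is read back: store JSON, or deserialize with allowed_classes set to false and refuse incomplete-class results.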
Jan 7, 2025

Image Magnify WordPress Plugin Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Image Magnify plugin for WordPress, affecting all versions through 1.1. The issue arises from inadequate input sanitization and output escaping of user-supplied attributes in the 'image_magnify' shortcode. This vulnerability allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages, which are executed when users access the affected pages.

2.3
Jan 7, 2025

WP Bulk SMS by SMS.to Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the WP Bulk SMS by SMS.to plugin for WordPress, affecting all versions through 1.0.12. The issue arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts via the 'page' parameter. These injected scripts could be executed if a user is tricked into clicking a link.

2.7
Jan 7, 2025

CC Canadian Mortgage Calculator Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the CC Canadian Mortgage Calculator plugin for WordPress, affecting all versions through 2.1.0. The issue arises from inadequate input sanitization and output escaping of user-supplied attributes in the 'cc-mortgage-canada' shortcode. This vulnerability allows authenticated attackers with contributor-level access or higher to inject arbitrary scripts into pages, which are executed when users access the affected page.

2.3
Jan 7, 2025

Common Ninja WordPress Plugin Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Common Ninja WordPress plugin, specifically in the 'commonninja' shortcode. This issue affects all versions of the plugin up to and including 1.1.0. The vulnerability arises from inadequate input sanitization and output escaping of user-supplied attributes, allowing authenticated attackers with contributor-level access or higher to inject arbitrary web scripts. These scripts are executed when a user accesses the affected page.

1.6
Jan 7, 2025

Bizapp for WooCommerce Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the Bizapp for WooCommerce plugin for WordPress, affecting all versions through 2.0.8. The issue arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if a user is tricked into clicking a link or performing a similar action.

2.7
Jan 7, 2025

Automate Hub Free by Sperse.IO Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the Automate Hub Free by Sperse.IO plugin for WordPress, affecting all versions through 1.7.0. The vulnerability arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts into pages. These scripts could be executed if the attacker successfully persuades a user to perform an action, such as clicking a link.

3.0
Jan 7, 2025

WC1C WordPress Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the WC1C plugin for WordPress, affecting all versions through 0.23.0. The issue arises from the use of add_query_arg without proper escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if a user is tricked into clicking a link.

2.7
Jan 7, 2025

Same but Different – Related Posts by Taxonomy WordPress Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the Same but Different – Related Posts by Taxonomy plugin for WordPress, affecting all versions through 1.0.16. The vulnerability arises from the plugin's use of add_query_arg and remove_query_arg functions without proper escaping, allowing unauthenticated attackers to inject arbitrary web scripts. These scripts could be executed if a user is tricked into clicking a link that contains the injected script.

2.7
Jan 7, 2025

PIXNET Plugin Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the PIXNET Plugin for WordPress, affecting all versions through 2.9.10. The issue arises from inadequate input sanitization and output escaping, allowing authenticated attackers with Subscriber-level access or higher to inject arbitrary scripts. These scripts are executed when a user accesses the compromised page.

1.6
Jan 7, 2025

Horoscope And Tarot WordPress Plugin Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Horoscope And Tarot plugin for WordPress, affecting all versions through 1.3.0. The issue arises from inadequate input sanitization and output escaping of user-supplied attributes in the 'divine_horoscope' shortcode. This vulnerability allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages, which are executed when users access the affected pages.

1.6
Jan 7, 2025

WordPress Member Access Plugin Sensitive Information Exposure Vulnerability

A vulnerability allowing sensitive information exposure has been identified in the Member Access plugin for WordPress, affecting all versions through 1.1.6. This issue arises from an unauthenticated content restriction bypass, which can be exploited via the WordPress core search feature. As a result, attackers can access sensitive data from posts restricted to higher-level roles, such as administrators.

2.5
Jan 7, 2025

Spacer WordPress Plugin Missing Authorization Vulnerability in Versions Through 3.0.7

A vulnerability exists in the Spacer plugin for WordPress, all versions through 3.0.7, due to a missing capability check in the motech_spacer_callback() function. This flaw allows authenticated attackers with Subscriber-level access and above to access and view limited setting information, leading to unauthorized data disclosure.

2.4
Jan 7, 2025

Sellsy WordPress Plugin Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Sellsy plugin for WordPress, affecting all versions through 2.3.3. The issue arises from inadequate input sanitization and output escaping of user-supplied attributes in the plugin's 'testSellsy' shortcode. This vulnerability allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages, which are executed when users access the affected pages.

1.6
Jan 7, 2025

WP Youtube Gallery Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the WP Youtube Gallery plugin for WordPress, affecting all versions through 1.9. The issue arises from inadequate input sanitization and output escaping, allowing authenticated attackers with Contributor-level access or higher to inject arbitrary scripts. These scripts are executed when a user accesses the compromised page.

2.3
Jan 7, 2025

ClickDesigns WordPress Plugin Missing Authorization Vulnerability for API Key Modification

A vulnerability exists in the ClickDesigns plugin for WordPress, allowing unauthorized data modification. This issue arises from a lack of capability checks in the 'clickdesigns_add_api' and 'clickdesigns_remove_api' functions, affecting all versions through 1.8.0. As a result, unauthenticated attackers can alter or delete the plugin's API key.

3.1
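
The handler shape behind the Infility Global, Spacer and ClickDesigns entries, as an added PHP example (not code from any of them); it assumes WordPress, and the action, option and nonce names are hypothetical.

```php
<?php
// Added example, not code from Infility Global, Spacer or ClickDesigns. Assumes
// WordPress; action, option and nonce names are hypothetical.

// VULNERABLE: reachable by anyone (the nopriv hook), no capability check, no nonce.
add_action('wp_ajax_myplugin_save_api_key', 'myplugin_save_api_key_vuln');
add_action('wp_ajax_nopriv_myplugin_save_api_key', 'myplugin_save_api_key_vuln');
function myplugin_save_api_key_vuln(): void
{
    update_option('myplugin_api_key', $_POST['api_key'] ?? '');
    wp_send_json_success();
}
// Removing the nopriv hook is not a fix: every logged-in user, Subscribers
// included, can call any wp_ajax_* action. Authentication is not authorization.

// FIXED: logged-in only, nonce (proves the request came from our page) plus
// capability (proves the caller is allowed), then validated input.
add_action('wp_ajax_myplugin_save_api_key', 'myplugin_save_api_key');
function myplugin_save_api_key(): void
{
    check_ajax_referer('myplugin_settings', 'nonce');   // dies with 403 on a bad or missing nonce
    if (!current_user_can('manage_options')) {
        wp_send_json_error('forbidden', 403);
    }
    $key = sanitize_text_field(wp_unslash($_POST['api_key'] ?? ''));
    if (!preg_match('/^[A-Za-z0-9_-]{16,128}$/', $key)) {
        wp_send_json_error('invalid key format', 400);
    }
    update_option('myplugin_api_key', $key);
    wp_send_json_success();
}

// A read-only handler needs the same gate: "view limited settings" is still a
// disclosure when any Subscriber can reach it. Return only what the UI needs.
add_action('wp_ajax_myplugin_get_settings', function (): void {
    check_ajax_referer('myplugin_settings', 'nonce');
    if (!current_user_can('manage_options')) {
        wp_send_json_error('forbidden', 403);
    }
    wp_send_json_success(['api_key_set' => get_option('myplugin_api_key', '') !== '']);
});

// The settings page hands the nonce to its script; without it the calls above fail.
add_action('admin_enqueue_scripts', function (string $hook): void {
    if ($hook !== 'settings_page_myplugin') {
        return;
    }
    wp_enqueue_script('myplugin-settings', plugins_url('settings.js', __FILE__), [], '1.0', true);
    wp_localize_script('myplugin-settings', 'myplugin', [
        'ajax_url' => admin_url('admin-ajax.php'),
        'nonce'    => wp_create_nonce('myplugin_settings'),
    ]);
});
```

The check to make when auditing a plugin is the pairing: for every wp_ajax_* (and especially wp_ajax_nopriv_*) registration, find the current_user_can() call and the nonce check inside the callback, and confirm the capability matches what the action actually does rather than merely "is logged in".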
Jan 7, 2025

Transporters.io WordPress Plugin Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Transporters.io plugin for WordPress, affecting all versions through 2.1.1. The vulnerability arises from inadequate nonce validation, allowing unauthenticated attackers to inject malicious scripts by tricking a site administrator into clicking a link.

2.0
Jan 7, 2025

Chative Live Chat and Chatbot WordPress Plugin Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Chative Live Chat and Chatbot plugin for WordPress, affecting all versions through 1.1. The issue arises from inadequate nonce validation in the 'add_chative_widget_action()' function. This vulnerability allows unauthenticated attackers to manipulate the channel ID or organization ID by sending a forged request, provided they can deceive a site administrator into clicking a link. Such exploitation could redirect the live chat widget to a channel controlled by the attacker.

2.7
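
The "inadequate nonce validation" pattern from the Transporters.io and Chative entries, as an added PHP example rather than either plugin's code: a settings handler that trusts any POST, the forged page that drives it, and the nonce-protected form and handler that close it. It assumes WordPress; the option, field and action names are hypothetical.

```php
<?php
// Added example, not code from Transporters.io or Chative. Assumes WordPress;
// option, field and action names are hypothetical.

// VULNERABLE: any POST carrying the field is accepted as soon as an
// administrator's browser sends it, including one submitted by another site.
add_action('admin_init', function (): void {
    if (isset($_POST['chat_channel_id']) && current_user_can('manage_options')) {
        update_option('chat_channel_id', sanitize_text_field($_POST['chat_channel_id']));
    }
});
// The capability check does not help: the victim IS an administrator. What is
// missing is proof that the request originated from the plugin's own form.

// What the attacker hosts (constructed illustration). When an administrator
// who is logged in visits it, the live-chat widget is repointed at the
// attacker's channel.
$forged_page = <<<'HTML'
<form method="POST" action="https://victim.example/wp-admin/options-general.php" id="f">
  <input type="hidden" name="chat_channel_id" value="attacker-channel-123">
</form>
<script>document.getElementById('f').submit();</script>
HTML;

// FIXED, rendering side: the form carries a nonce bound to this action and user.
function chat_render_settings_form(): void
{
    echo '<form method="POST" action="' . esc_url(admin_url('admin-post.php')) . '">';
    wp_nonce_field('chat_save_settings', 'chat_nonce');
    echo '<input type="hidden" name="action" value="chat_save_settings">';
    echo '<input name="chat_channel_id" value="' . esc_attr(get_option('chat_channel_id', '')) . '">';
    submit_button();
    echo '</form>';
}

// FIXED, handling side: a dedicated admin-post action; nonce first, capability second.
add_action('admin_post_chat_save_settings', function (): void {
    check_admin_referer('chat_save_settings', 'chat_nonce');   // 403 on a missing, invalid or expired nonce
    if (!current_user_can('manage_options')) {
        wp_die('forbidden', 403);
    }
    $id = sanitize_text_field(wp_unslash($_POST['chat_channel_id'] ?? ''));
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $id)) {
        wp_die('invalid channel id', 400);
    }
    update_option('chat_channel_id', $id);
    wp_safe_redirect(add_query_arg('updated', '1', wp_get_referer() ?: admin_url()));
    exit;
});
// The nonce is derived from the user, the session token and the action name;
// a cross-site page cannot read it, so the forged POST above fails the check.
```

One caveat for anyone reproducing this: browsers that default cookies to SameSite=Lax will not attach the WordPress login cookie to a cross-site top-level POST, which limits but does not remove the exposure; the nonce remains the control WordPress relies on.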
Jan 7, 2025

WordPress Duplicate Post Plugin Sensitive Information Exposure Vulnerability

A vulnerability allowing sensitive information exposure has been identified in the WordPress Duplicate Post, Page and Any Custom Post plugin, affecting all versions through 3.5.5. The issue arises in the 'dpp_duplicate_as_draft' function, where authenticated attackers with Contributor-level access and above can access potentially sensitive data from draft, scheduled, private, and password-protected posts.

2.4
Jan 7, 2025

WordPress Survey & Poll Plugin Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress, affecting all versions through 1.7.5. The vulnerability arises from inadequate input sanitization and output escaping on user-supplied attributes, particularly within the 'wpsurveypoll_results' shortcode. This flaw allows authenticated attackers with contributor-level access or higher to inject arbitrary scripts into pages, which are executed when users access the affected page.

3.1
Jan 7, 2025

WordPress CF7 WOW Styler Plugin Arbitrary Shortcode Execution Vulnerability

A vulnerability allowing arbitrary shortcode execution has been identified in the CF7 WOW Styler plugin for WordPress, affecting all versions through 1.7.0. The plugin passes user input to the shortcode engine without validating it, so unauthenticated attackers can execute arbitrary shortcodes. The same input path also allowed reflected cross-site scripting; version 1.7.0 fixed the reflected XSS, but the arbitrary shortcode execution remains.

3.5
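
What "does not properly validate user input before executing shortcodes" looks like in code, as an added PHP example that is not the CF7 WOW Styler plugin's code: a preview endpoint that renders whatever shortcode the request names, and a replacement that allowlists the tag and builds the shortcode from validated parts. It assumes WordPress; the endpoint and parameter names are hypothetical.

```php
<?php
// Added example, not code from CF7 WOW Styler. Assumes WordPress; the AJAX
// action, nonce and parameter names are hypothetical.

// VULNERABLE: a preview endpoint that renders whatever shortcode the caller names.
add_action('wp_ajax_nopriv_styler_preview', 'styler_preview_vuln');
add_action('wp_ajax_styler_preview', 'styler_preview_vuln');
function styler_preview_vuln(): void
{
    $tag = $_REQUEST['shortcode'] ?? '';
    echo do_shortcode('[' . $tag . ']');   // any registered shortcode, any attributes
    wp_die();
}
// Impact depends on what is registered on the site: an unauthenticated caller
// runs shortcodes normally reserved for editors, with attacker-chosen attributes,
// and whatever they return is reflected unescaped (hence the reflected XSS).

// FIXED: the request never chooses the tag or supplies raw attributes.
const STYLER_ALLOWED_SHORTCODES = ['contact-form-7'];

add_action('wp_ajax_styler_preview', 'styler_preview');
function styler_preview(): void
{
    check_ajax_referer('styler_preview', 'nonce');
    if (!current_user_can('edit_posts')) {
        wp_send_json_error('forbidden', 403);
    }
    $tag = sanitize_key($_REQUEST['shortcode'] ?? '');
    if (!in_array($tag, STYLER_ALLOWED_SHORTCODES, true) || !shortcode_exists($tag)) {
        wp_send_json_error('unsupported shortcode', 400);
    }
    $form_id = absint($_REQUEST['id'] ?? 0);
    if ($form_id === 0) {
        wp_send_json_error('invalid id', 400);
    }
    // Build the shortcode string from validated parts only, then filter the result.
    $html = do_shortcode(sprintf('[%s id="%d"]', $tag, $form_id));
    wp_send_json_success(['html' => wp_kses_post($html)]);
}
```

Note that escaping the output alone would have fixed only the reflected XSS, which is exactly the split the entry describes: the shortcode execution is a separate authorization problem and needs the allowlist and capability check.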
Jan 7, 2025

Woomotiv WordPress Plugin SQL Injection Vulnerability

A SQL injection vulnerability has been identified in the Live Sales Notification for WooCommerce - Woomotiv plugin for WordPress, affecting all versions through 3.6.1. The vulnerability arises from inadequate escaping of user-supplied data in the 'woomotiv_seen_products_.*' cookie, coupled with a lack of proper preparation in the SQL query. This flaw allows unauthenticated attackers to inject additional SQL commands into existing queries, potentially leading to the extraction of sensitive information from the database.

3.5
Jan 7, 2025

Themes Coder WordPress Plugin Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in the Themes Coder – Create Android & iOS Apps For Your WooCommerce Site plugin for WordPress, affecting all versions through 1.3.4. The vulnerability arises from the plugin's failure to properly validate user identity before allowing password changes via the update_user_profile() function. This flaw enables unauthenticated attackers to reset passwords for any user, including administrators, and gain unauthorized access to their accounts.

3.6
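
The identity-validation failure described above, as an added PHP example rather than the Themes Coder plugin's code: a REST route that changes the password of whichever user the request names, beside one that only changes the caller's own password after proving knowledge of the current one. It assumes WordPress; the route and parameter names are hypothetical.

```php
<?php
// Added example, not code from Themes Coder. Assumes WordPress; route and
// parameter names are hypothetical.

// VULNERABLE: the user is chosen by a request parameter and the route is public.
add_action('rest_api_init', function (): void {
    register_rest_route('app/v1', '/update_user_profile', [
        'methods'             => 'POST',
        'permission_callback' => '__return_true',          // no authentication at all
        'callback'            => function (WP_REST_Request $req) {
            $user_id = (int) $req['user_id'];               // attacker sends 1 (first administrator)
            wp_set_password($req['password'], $user_id);
            return ['ok' => true];
        },
    ]);
});

// FIXED: identity comes from the authenticated session, never from the body,
// and a password change requires the current password.
add_action('rest_api_init', function (): void {
    register_rest_route('app/v1', '/me/password', [
        'methods'             => 'POST',
        // Cookie-authenticated calls must also carry a valid X-WP-Nonce header,
        // otherwise core treats the request as anonymous and this returns false.
        'permission_callback' => fn(): bool => is_user_logged_in(),
        'args'                => [
            'current_password' => ['required' => true, 'type' => 'string'],
            'new_password'     => ['required' => true, 'type' => 'string', 'minLength' => 12],
        ],
        'callback'            => function (WP_REST_Request $req) {
            $user = wp_get_current_user();
            if (!wp_check_password($req['current_password'], $user->user_pass, $user->ID)) {
                return new WP_Error('bad_password', 'current password is wrong', ['status' => 403]);
            }
            wp_set_password($req['new_password'], $user->ID);
            // Existing auth cookies stop validating once the hash changes (they are
            // keyed on a fragment of it); re-issue one so the caller stays logged in.
            wp_set_auth_cookie($user->ID);
            return ['ok' => true];
        },
    ]);
});
```

The audit question for any profile or password endpoint is where the user ID comes from: if it is read from the request rather than from get_current_user_id(), the endpoint is an account takeover regardless of what other checks it performs.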
Jan 7, 2025

ARS Affiliate Page Plugin Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in the ARS Affiliate Page Plugin for WordPress, affecting all versions through 2.0.2. The issue arises from inadequate input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts via the 'utm_keyword' parameter. These injected scripts could be executed on pages if a user is tricked into clicking a link.

2.0
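
The two reflected XSS shapes that recur in this list (a request parameter echoed into the page, and add_query_arg()/remove_query_arg() output placed in HTML without esc_url()), as an added PHP example that is not code from any plugin above. It assumes WordPress; the parameter names mirror the entries, the function names are hypothetical.

```php
<?php
// Added example, not code from any plugin listed above. Assumes WordPress
// (add_query_arg, remove_query_arg, esc_*, sanitize_text_field); the parameter
// names mirror the entries above, the function names are hypothetical.

// Shape 1: a request parameter echoed into the page.
// ?utm_keyword="><script>alert(document.domain)</script> breaks out of the
// attribute and runs in the browser of whoever follows the link.
function affiliate_banner_vulnerable(): void
{
    $kw = $_GET['utm_keyword'] ?? '';
    echo '<input type="hidden" name="utm_keyword" value="' . $kw . '">';
    echo '<h2>Results for ' . $kw . '</h2>';
}

function affiliate_banner_fixed(): void
{
    $kw = sanitize_text_field(wp_unslash($_GET['utm_keyword'] ?? ''));
    echo '<input type="hidden" name="utm_keyword" value="' . esc_attr($kw) . '">';   // attribute context
    echo '<h2>Results for ' . esc_html($kw) . '</h2>';                               // text context
}

// Shape 2: add_query_arg() / remove_query_arg() called without a URL build on
// $_SERVER['REQUEST_URI'], which the attacker controls, and their return value
// is not escaped. The path portion is copied verbatim, so a request for
//   /wp-admin/admin.php/"><svg onload=alert(1)>?page=plugin
// puts the payload inside the href below.
function pagination_link_vulnerable(int $page): void
{
    echo '<a href="' . add_query_arg('paged', $page) . '">Next</a>';
}

function pagination_link_fixed(int $page): void
{
    // esc_url() removes characters that cannot appear in a URL (including " < >),
    // rejects dangerous schemes and entity-encodes the rest for HTML.
    // esc_url_raw() is for redirects and headers, not for HTML output.
    echo '<a href="' . esc_url(add_query_arg('paged', absint($page))) . '">Next</a>';
}

function reset_link_fixed(): void
{
    echo '<a href="' . esc_url(remove_query_arg(['paged', 's'])) . '">Reset</a>';
}
```

The grep that finds most of these during a plugin review is `add_query_arg(` and `remove_query_arg(` calls whose result reaches an echo or a string concatenation without passing through esc_url() first.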
Jan 7, 2025

Formaloo Form Maker and Customer Analytics for WordPress and WooCommerce Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Formaloo Form Maker & Customer Analytics for WordPress & WooCommerce plugin, affecting all versions through 2.1.3.2. The vulnerability arises from inadequate input sanitization and output escaping, allowing authenticated attackers with Contributor-level access or higher to inject arbitrary scripts. These scripts are executed when a user accesses the compromised page.

2.7
Jan 7, 2025

Slider Pro Lite Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Slider Pro Lite plugin for WordPress, affecting all versions through 1.4.1. The issue arises from inadequate input sanitization and output escaping on user-supplied attributes, particularly within the 'sliderpro' shortcode. This vulnerability allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages, which are executed when users access the affected page.

2.7
Jan 7, 2025

Sell Media WordPress Plugin Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Sell Media plugin for WordPress, affecting all versions through 2.5.8.5. The issue arises from inadequate input sanitization and output escaping of user-supplied attributes in the 'sell_media_search_form_gutenberg' shortcode. This vulnerability allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages, which are executed when users access the affected pages.

2.4
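
The stored XSS shape shared by the Image Magnify, CC Canadian Mortgage Calculator, Common Ninja, Horoscope And Tarot, Sellsy, Survey & Poll, Slider Pro Lite and Sell Media entries (unescaped shortcode attributes saved by a Contributor), as an added PHP example that is not code from any of them. It assumes WordPress; the shortcode name 'magnify' and its attributes are hypothetical.

```php
<?php
// Added example, not code from any plugin listed above. Assumes WordPress;
// the shortcode name 'magnify' and its attributes are hypothetical.

// VULNERABLE: attribute values are dropped into HTML unchanged. Contributors
// may save shortcodes even though they cannot post raw <script>, so
//   [magnify_vuln src="x.png" width='100" onmouseover="alert(document.cookie)']
// becomes <img src="x.png" width="100" onmouseover="alert(document.cookie)">
// and runs for every administrator or visitor who renders the post.
add_shortcode('magnify_vuln', function ($atts) {
    $atts = shortcode_atts(['src' => '', 'width' => '300', 'caption' => ''], $atts, 'magnify_vuln');
    return "<img src=\"{$atts['src']}\" width=\"{$atts['width']}\"><p>{$atts['caption']}</p>";
});

// FIXED: coerce each attribute to the type its context needs, then escape
// for that context. Typing first shrinks what escaping has to handle.
add_shortcode('magnify', function ($atts) {
    $atts = shortcode_atts(['src' => '', 'width' => '300', 'caption' => ''], $atts, 'magnify');

    $src     = esc_url($atts['src']);          // URL attribute: disallowed schemes become ''
    $width   = absint($atts['width']);         // numeric attribute: a cast, nothing else
    $caption = wp_kses_post($atts['caption']); // limited HTML allowed: the post allowlist
    if ($src === '' || $width === 0) {
        return '';                             // refuse rather than render half-validated input
    }
    return sprintf(
        '<img src="%s" width="%d" alt="%s"><p class="magnify-caption">%s</p>',
        $src,
        $width,
        esc_attr(wp_strip_all_tags($atts['caption'])),  // plain text inside an attribute
        $caption
    );
});
```

The reason these are rated for Contributor-level access is that shortcodes bypass the unfiltered_html capability model: a Contributor cannot write an onmouseover attribute into a post, but can write a shortcode whose handler emits one on their behalf.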
Jan 7, 2025

Timeline Designer WordPress Plugin SQL Injection Vulnerability

A SQL injection vulnerability has been identified in the Timeline Designer plugin for WordPress, affecting all versions through 1.4. The issue arises from inadequate escaping of user-supplied data in the 's' parameter, allowing unauthenticated attackers to inject additional SQL queries. This exploitation could lead to unauthorized access to sensitive information within the database.

2.6
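
The query pattern behind the Popup ('id' POST parameter), Woomotiv (cookie value) and Timeline Designer ('s' parameter) entries, as an added PHP example rather than code from any of those plugins: the interpolated query, and the $wpdb->prepare() forms for a single value, a variable-length list and a LIKE search. It assumes WordPress' global $wpdb and a hypothetical table {$wpdb->prefix}plugin_records.

```php
<?php
// Added example, not code from the Popup, Woomotiv or Timeline Designer plugins.
// Assumes WordPress' global $wpdb and a hypothetical table {$wpdb->prefix}plugin_records.

// VULNERABLE: the value is interpolated straight into SQL. An 'id' of
//   0 OR 1=1
// deletes every row, and a UNION or time-based payload reads other tables.
function delete_record_vulnerable(): void
{
    global $wpdb;
    $id = $_POST['id'];                         // attacker-controlled
    $wpdb->query("DELETE FROM {$wpdb->prefix}plugin_records WHERE id = $id");
}

// Also vulnerable: a cookie value interpolated into an IN (...) list. Quoting
// would not help either; esc_sql() only protects a value that sits inside quotes.
function seen_products_vulnerable(): array
{
    global $wpdb;
    $seen = $_COOKIE['seen_products'] ?? '';    // e.g. "1,2,3) OR (1=1"
    return $wpdb->get_results("SELECT * FROM {$wpdb->prefix}plugin_records WHERE id IN ($seen)") ?: [];
}

// FIXED: validate the type, then bind every value through prepare().
function delete_record_fixed(): void
{
    global $wpdb;
    $id = absint($_POST['id'] ?? 0);
    if ($id === 0) {
        wp_send_json_error('invalid id', 400);
    }
    $wpdb->query(
        $wpdb->prepare("DELETE FROM {$wpdb->prefix}plugin_records WHERE id = %d", $id)
    );
}

// FIXED for a variable-length list: one placeholder per value, values bound separately.
function seen_products_fixed(): array
{
    global $wpdb;
    $ids = array_filter(array_map('absint', explode(',', $_COOKIE['seen_products'] ?? '')));
    if (empty($ids)) {
        return [];
    }
    $placeholders = implode(',', array_fill(0, count($ids), '%d'));
    return $wpdb->get_results(
        $wpdb->prepare(
            "SELECT * FROM {$wpdb->prefix}plugin_records WHERE id IN ($placeholders)",
            ...array_values($ids)
        )
    ) ?: [];
}

// FIXED for a search term: escape LIKE wildcards as well, then bind as %s.
function search_fixed(string $term): array
{
    global $wpdb;
    $like = '%' . $wpdb->esc_like(sanitize_text_field($term)) . '%';
    return $wpdb->get_results(
        $wpdb->prepare("SELECT * FROM {$wpdb->prefix}plugin_records WHERE title LIKE %s", $like)
    ) ?: [];
}
```

Two review checks follow from this: every $wpdb->query/get_* call should take a $wpdb->prepare() result (or a constant string), and prepare() must receive the values as arguments rather than a string that was already interpolated, which is the mistake the "lack of proper preparation" wording usually describes.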
Jan 7, 2025

Dell Update Package Framework Local Privilege Escalation Vulnerability

A local privilege escalation vulnerability has been identified in the Dell Update Package Framework, affecting versions prior to 22.01.02. This vulnerability allows a low-privileged local attacker to execute arbitrary remote scripts on the server, potentially leading to a denial-of-service condition.

1.3
Jan 6, 2025

Deno Cross-Origin Authorization Header Leak Vulnerability

A vulnerability exists in the redirect handling of Deno's fetch(). When a request carrying an Authorization header is redirected to a different origin, Deno keeps the header on the follow-up request instead of dropping it, as the Fetch specification requires for cross-origin redirects, and so discloses the header's contents to the second origin. The impact is greater than in a browser because a Deno process does not adhere to the same-origin policy and has no cookie jar, so credentials travel in the Authorization header and the leak exposes authenticated data across origins. This vulnerability affects Deno versions prior to 1.46.4 and 2.1.2, and the affected versions of the deno_fetch crate (0.204.0 and 0.0.1 are the versions cited).

5.5
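
The rule the fix enforces (a cross-origin redirect drops the Authorization header), as an added example written in PHP to match the rest of this page rather than Deno's own code: an origin comparison, the header-stripping step, and a small redirect follower run over a constructed response table. Treating Proxy-Authorization and Cookie the same way is this example's own conservative choice, not something the advisory states.

```php
<?php
// Added example in PHP, not Deno's code: the redirect rule the fix implements,
// as a stand-alone function exercised against a constructed redirect chain.

// Origin = scheme + host + effective port. Returns null for anything that is
// not an absolute URL, which callers treat as "not the same origin".
function origin_of(string $url): ?string
{
    $p = parse_url($url);
    if ($p === false || empty($p['scheme']) || empty($p['host'])) {
        return null;
    }
    $scheme = strtolower($p['scheme']);
    $port   = $p['port'] ?? ($scheme === 'https' ? 443 : 80);
    return $scheme . '://' . strtolower($p['host']) . ':' . $port;
}

// The Fetch specification names Authorization as the header to remove on a
// cross-origin redirect. Proxy-Authorization and Cookie are added here as a
// conservative choice for a client with no cookie jar (an assumption of this example).
const CREDENTIAL_HEADERS = ['authorization', 'proxy-authorization', 'cookie'];

function headers_for_redirect(string $current_url, string $location, array $headers): array
{
    $loc = parse_url($location);
    $is_relative = $loc !== false && empty($loc['host']);   // resolves against the current URL
    $same_origin = $is_relative
        || (origin_of($location) !== null && origin_of($location) === origin_of($current_url));
    if ($same_origin) {
        return $headers;
    }
    return array_filter(
        $headers,
        fn(string $name): bool => !in_array(strtolower($name), CREDENTIAL_HEADERS, true),
        ARRAY_FILTER_USE_KEY
    );
}

// Minimal redirect follower over a constructed response table (no network).
function follow_redirects(array $responses, string $url, array $headers, int $max_hops = 5): array
{
    $hops = [];
    for ($i = 0; $i <= $max_hops; $i++) {
        $hops[] = ['url' => $url, 'headers' => array_keys($headers)];
        $resp = $responses[$url] ?? ['status' => 404];
        if ($resp['status'] < 300 || $resp['status'] > 399 || empty($resp['location'])) {
            return $hops;
        }
        $headers = headers_for_redirect($url, $resp['location'], $headers);
        $url     = $resp['location'];
    }
    throw new RuntimeException('too many redirects');
}

// Constructed chain: the API answers 302 to a file host on another origin.
$responses = [
    'https://api.example.com/report'    => ['status' => 302, 'location' => 'https://files.other.example/r.pdf'],
    'https://files.other.example/r.pdf' => ['status' => 200],
];
$hops = follow_redirects(
    $responses,
    'https://api.example.com/report',
    ['Authorization' => 'Bearer secret-token', 'Accept' => 'application/pdf']
);
foreach ($hops as $hop) {
    echo $hop['url'], ' -> ', implode(', ', $hop['headers']), PHP_EOL;
}
```

Running it prints one line per hop; the second hop lists only Accept, because the bearer token is removed before the request to files.other.example is made. Anything that does not parse to a full origin (a protocol-relative Location, for instance) is treated as cross-origin and stripped, which is the safe default.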
Jan 6, 2025

FRRouting RTR Buffer Overflow Vulnerability Leading to Performance Degradation

A vulnerability in FRRouting (FRR) versions from 6.0 up to, but not including, 10.3 causes a full route re-validation whenever an update received over the RTR protocol exceeds the default 4 KB socket buffer; the "overflow" is of that socket buffer, and the effect described is operational rather than memory corruption. An attacker can trigger it deliberately by sending a large number of updates within one update interval (typically 30 minutes). The condition can also occur organically, but under attack it forces continuous re-validation; routers with large routing tables may need more than 30 minutes to complete a pass, degrading performance, and each re-validation also increases BMP traffic to ingestors.

3.4
Jan 6, 2025

AVM FRITZ!Box 7530 AX Unauthenticated Information Disclosure Vulnerability

A vulnerability exists in the AVM FRITZ!Box 7530 AX router, specifically in version 7.59, allowing unauthorized access to sensitive information through the '/juis_boxinfo.xml' file. This issue arises from an access control flaw that permits remote attackers to retrieve data without authentication. However, the reported vulnerability is disputed by the supplier, who states it cannot be reproduced and attributes the issue to an unintended configuration with direct Internet exposure.

3.8
Jan 6, 2025

ipTIME A2004 Access Control Vulnerability in hostinfo2.cgi Allowing Unauthorized Information Disclosure

An access control vulnerability has been identified in the ipTIME A2004 router, firmware version 12.17.0, in the '/login/hostinfo2.cgi' component. It allows attackers to retrieve sensitive information without authentication.

2.5
Jan 6, 2025

Plane Profile Image Upload Cross-Site Scripting Vulnerability

A cross-site scripting (XSS) vulnerability exists in Plane versions prior to 0.23. This issue allows authenticated users to upload SVG files as profile images. These SVG files can contain malicious JavaScript that executes in the browsers of users viewing the profile image.

2.4
Jan 6, 2025

ipTIME A2004 Access Control Vulnerability in hostinfo.cgi Allowing Unauthorized Information Disclosure

An access control vulnerability has been identified in the ipTIME A2004 router, specifically in version 12.17.0. The issue resides in the '/login/hostinfo.cgi' component, where attackers can access sensitive information, including version details, without authentication. This vulnerability could be exploited by simply visiting the affected URL.

3.8
Jan 6, 2025

BG.Studio Color Phone Call Screen App Intent-Based Call Placing Vulnerability

A vulnerability in the Color Phone Call Screen App (com.asianmobile.callcolor) for Android, up to version 24, allows any application to place phone calls without user interaction. This is achieved by sending a crafted intent to the exported CallActivity component, bypassing normal permission requirements.

1.8
Jan 6, 2025

Call Screen Application Intent-Based Unattended Call Initiation Vulnerability

A vulnerability in the 'iCall OS17 - Color Phone Flash' application, specifically in versions through 4.3 for Android, allows any application to make phone calls without user interaction. This is achieved by sending a crafted intent to the 'com.callos14.callscreen.colorphone.DialerActivity' component, bypassing normal permission requirements.

3.4
Jan 6, 2025

Color Phone Call Screen Themes Intent-Based Unattended Call Initiation Vulnerability

A vulnerability in the Color Phone Call Screen Themes application for Android, specifically in versions through 1.1.2, allows any app to make phone calls without user interaction. This is achieved by sending a specially crafted intent to the 'com.frovis.androidbase.call.DialerActivity' component, bypassing normal permission requirements.

1.8
Jan 6, 2025

Color Call Theme & Call Screen Insecure Permission Vulnerability Allowing Unattended Outgoing Calls

A vulnerability in the Color Call Theme & Call Screen application, specifically in version 1.0.7 for Android, allows any app to make phone calls on behalf of the user without permission or interaction. This is achieved by sending a specially crafted intent to the exported DialerActivity component.

1.5
Jan 6, 2025

GeniusTools Color Phone Call Screen Theme Unintended Outgoing Call Vulnerability

A vulnerability in the Color Phone: Call Screen Theme application, specifically in version 21.1.9 for Android, allows any app to make phone calls without user interaction. This is achieved by sending a crafted intent to the exported DialerActivity component, bypassing normal permission requirements.

1.8
Jan 6, 2025

Glitter Caller Screen Insecure Permission Vulnerability Allowing Unauthorized Phone Calls

A vulnerability in the Glitter Caller Screen application (also known as iCaller, Caller Theme & Dialer) for Android, in versions through 1.1, allows any application to make phone calls on behalf of the user without permission or interaction. This is achieved by sending a specially crafted intent to the exported 'com.glitter.caller.screen.DialerActivity' component.

1.8
Jan 6, 2025

Redis Denial-of-Service Vulnerability Due to Malformed ACL Selectors

A denial-of-service vulnerability has been identified in Redis versions 7.0.0 and later. The issue arises when an authenticated user with sufficient privileges creates a malformed Access Control List (ACL) selector. When this malformed selector is accessed, it triggers a server panic, leading to a crash and subsequent denial-of-service condition.

3.2