CVE ID: CVE-2021-43408
Assigner: AppCheck
Date Published: 2021-10-19T00:00:00

Affected Products:
- Copy Delete Posts Duplicate Post WordPress Plugin: Up to (excluding) 1.2.0

The "Duplicate Post" WordPress plugin up to and including version 1.1.9 is vulnerable to SQL Injection. SQL injection vulnerabilities occur when client-supplied data is included within an SQL query insecurely. SQL Injection can typically be exploited to read, modify and delete SQL table data. In many cases it is also possible to exploit features of the SQL server to execute system commands and/or access the local file system. This particular vulnerability can be exploited by any authenticated user who has been granted access to use the Duplicate Post plugin. By default, this is limited to Administrators; however, the plugin presents the option to permit access to the Editor, Author, Contributor and Subscriber roles.

CVE ID: CVE-2021-39201
Assigner: GitHub_M
Date Published: 2021-09-09T21:35:08

Affected Products:
- WordPress wordpress-develop: From (including) >= 5.0, < 5.8.0

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database.

### Impact
The issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. This bypasses the restrictions imposed on users who do not have the permission to post `unfiltered_html`.

### Patches
This has been patched in WordPress 5.8, and will be pushed to older versions via minor releases (automatic updates). It's strongly recommended that you keep auto-updates enabled to receive the fix.

### References
https://wordpress.org/news/category/releases/
https://hackerone.com/reports/1142140

### For more information
If you have any questions or comments about this advisory:
* Open an issue in [HackerOne](https://hackerone.com/wordpress)

CVE ID: CVE-2022-4268
Assigner: WPScan
Date Published: 2022-12-26T12:27:56.219Z

Affected Products:
- Unknown Plugin Logic: From (including) 0

The Plugin Logic WordPress plugin before 1.0.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.

CVE ID: CVE-2019-16780
Assigner: GitHub_M
Date Published: 2019-12-26T16:50:13

Affected Products:
- WordPress WordPress: From (including) < 5.3.1

WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled.

CVE ID: CVE-2017-5611
Assigner: debian
Date Published: 2017-01-30T04:24:00

Affected Products:
- n/a n/a: From (including) n/a

SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.

CVE ID: CVE-2022-4681
Assigner: WPScan
Date Published: 2023-02-06T19:59:20.610Z

Affected Products:
- Unknown Hide My WP: From (including) 0

The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

CVE ID: CVE-2015-8834
Assigner: mitre
Date Published: 2016-05-22T01:00:00

Affected Products:
- n/a n/a: From (including) n/a

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3440.

CVE ID: CVE-2012-2109
Assigner: redhat
Date Published: 2022-10-03T16:15:35

Affected Products:
- n/a n/a: From (including) n/a

SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action.

CVE ID: CVE-2022-4497
Assigner: WPScan
Date Published: 2023-01-09T22:13:36.385Z

Affected Products:
- Unknown Jetpack CRM: From (including) 0

The Jetpack CRM WordPress plugin before 5.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.

CVE ID: CVE-2014-3937
Assigner: mitre
Date Published: 2022-10-03T16:20:24

Affected Products:
- n/a n/a: From (including) n/a

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.