Security
Headlines
HeadlinesLatestCVEs

Tag

#perl

CVE-2023-5742: EasyRotator for WordPress <= 1.0.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wordfence Intelligence

The EasyRotator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'easyrotator' shortcode in all versions up to, and including, 1.0.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE
Open in Source
#xss#vulnerability#web#wordpress#intel#perl#auth
CVE-2023-5708: WP Post Columns <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wordfence Intelligence

The WP Post Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'column' shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-6008: UserPro <= 5.1.1 - Cross-Site Request Forgery via multiple functions — Wordfence Intelligence

The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.

CVE-2023-5664: Garden Gnome Package <= 2.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wordfence Intelligence

The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ggpkg' shortcode in all versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This was partially patched in version 2.2.7 and fully patched in version 2.2.9.

CVE-2023-5469: Drop Shadow Boxes <= 1.7.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wordfence Intelligence

The Drop Shadow Boxes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dropshadowbox' shortcode in versions up to, and including, 1.7.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-5466: Wp anything slider <= 9.1 - Authenticated (Subscriber+) SQL Injection via Shortcode — Wordfence Intelligence

The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2023-5465: Popup with fancybox <= 3.5 - Authenticated (Subscriber+) SQL Injection via Shortcode — Wordfence Intelligence

The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2023-5667: Tab Ultimate <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wordfence Intelligence

The Tab Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-5662: Sponsors <= 3.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wordfence Intelligence

The Sponsors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sponsors' shortcode in all versions up to, and including, 3.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-5704: CPO Shortcodes <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Wordfence Intelligence

The CPO Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.