The Directorist – WordPress Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'setup_wizard' function in all versions up to, and including, 7.8.4. This makes it possible for unauthenticated attackers to recreate default pages and enable or disable monetization and change map provider.
Max CVSS
5.3
EPSS Score
N/A
Published
2024-02-29
Updated
2024-02-29
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to DOM-Based Reflected Cross-Site Scripting via a 'playground.wordpress.net' parameter in all versions up to, and including, 2.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Max CVSS
5.4
EPSS Score
0.05%
Published
2024-03-13
Updated
2024-03-13
WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security guide mentions this default behavior, or alerts the user about security risks on installations with very few visits.
Max CVSS
5.3
EPSS Score
0.08%
Published
2023-01-05
Updated
2023-02-02
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
Max CVSS
5.3
EPSS Score
0.09%
Published
2023-10-16
Updated
2023-11-20
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
Max CVSS
5.3
EPSS Score
0.16%
Published
2022-12-05
Updated
2023-02-03
WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.
Max CVSS
5.9
EPSS Score
0.12%
Published
2022-12-14
Updated
2022-12-20
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf. This has been patched in WordPress 5.8.1, along with any older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.
Max CVSS
5.3
EPSS Score
0.09%
Published
2021-09-09
Updated
2021-12-14
In wp-includes/comment-template.php in WordPress before 5.4.2, comments from a post or page could sometimes be seen in the latest comments even if the post or page was not public.
Max CVSS
5.3
EPSS Score
0.09%
Published
2020-09-13
Updated
2020-09-17
In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated user. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
Max CVSS
5.8
EPSS Score
0.15%
Published
2020-04-30
Updated
2020-08-18
In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).
Max CVSS
5.7
EPSS Score
0.10%
Published
2020-06-12
Updated
2023-02-27
In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).
Max CVSS
5.4
EPSS Score
0.41%
Published
2020-06-12
Updated
2023-01-27
In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
Max CVSS
5.0
EPSS Score
0.20%
Published
2019-12-27
Updated
2023-01-20
WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.
Max CVSS
5.4
EPSS Score
0.22%
Published
2019-10-17
Updated
2023-02-03
In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.
Max CVSS
5.3
EPSS Score
1.12%
Published
2019-10-17
Updated
2023-02-03
In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS.
Max CVSS
5.8
EPSS Score
0.18%
Published
2019-12-26
Updated
2023-01-19
WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled.
Max CVSS
5.8
EPSS Score
0.16%
Published
2019-12-26
Updated
2022-11-23
WordPress before 5.2.3 allows XSS in post previews by authenticated users.
Max CVSS
5.4
EPSS Score
0.62%
Published
2019-09-11
Updated
2022-10-07
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
Max CVSS
5.4
EPSS Score
0.17%
Published
2018-12-14
Updated
2019-03-04
In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.
Max CVSS
5.4
EPSS Score
0.10%
Published
2018-12-14
Updated
2019-03-04
wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL.
Max CVSS
5.4
EPSS Score
0.10%
Published
2017-12-02
Updated
2019-04-26
wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to conduct XSS attacks via the language setting of a site.
Max CVSS
5.4
EPSS Score
0.09%
Published
2017-12-02
Updated
2019-04-26
wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file.
Max CVSS
5.4
EPSS Score
0.09%
Published
2017-12-02
Updated
2019-04-26
Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php.
Max CVSS
5.4
EPSS Score
0.14%
Published
2017-09-23
Updated
2017-11-10
WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message.
Max CVSS
5.9
EPSS Score
2.83%
Published
2017-05-04
Updated
2017-11-04
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
Max CVSS
5.4
EPSS Score
0.09%
Published
2017-03-12
Updated
2019-03-19
75 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!