CVE Vulnerabilities

  • CVE-2021-24733
    The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally. ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 92 | Replies: 0
  • CVE-2021-24858
    The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin d ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 125 | Replies: 0
  • CVE-2021-24865
    The Advanced Custom Fields: Extended WordPress plugin before 0.8.8.7 does not validate the order and orderby parameters before using them in a SQL statement, leading to a SQL Injection issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 125 | Replies: 0
  • CVE-2021-24906
    The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 321 | Replies: 0
  • CVE-2021-24923
    The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.25 does not escape the sib-statistics-date parameter before outputting it back in an attribute, lead ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 133 | Replies: 0
  • CVE-2021-24936
    The WP Extra File Types WordPress plugin before 0.5.1 does not have a CSRF check when saving its settings, nor sanitise and escape some of them, which could allow attackers to make a logged in admin cha ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 80 | Replies: 0
  • CVE-2021-24965
    The Five Star Restaurant Reservations WordPress plugin before 2.4.8 does not have capability and CSRF checks in the rtb_welcome_set_schedule AJAX action, allowing any authenticated users to call it. D ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 59 | Replies: 0
  • CVE-2021-24968
    The Ultimate FAQ WordPress plugin before 2.1.2 does not have capability and CSRF checks in the ewd_ufaq_welcome_add_faq and ewd_ufaq_welcome_add_faq_page AJAX actions, available to any authenticated u ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 52 | Replies: 0
  • CVE-2021-24974
    The Product Feed PRO for WooCommerce WordPress plugin before 11.0.7 does not have authorisation and CSRF checks in some of its AJAX actions, allowing any authenticated users to call them, which could l ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 47 | Replies: 0
  • CVE-2021-24976
    The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 38 | Replies: 0
  • CVE-2021-24985
    The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-S ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 46 | Replies: 0
  • CVE-2021-24989
    The Accept Donations with PayPal WordPress plugin before 1.3.4 does not have a CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing attackers to make a log ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 30 | Replies: 0
  • CVE-2021-25008
    The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 34 | Replies: 0
  • CVE-2021-25013
    The Qubely WordPress plugin before 1.7.8 does not have authorisation and CSRF checks on the qubely_delete_saved_block AJAX action, and does not ensure that the block to be deleted belongs to the plugin, ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 39 | Replies: 0
  • CVE-2021-25015
    The myCred WordPress plugin before 2.4 does not sanitise and escape the search query before outputting it back in the history dashboard page, leading to a Reflected Cross-Site Scripting issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 32 | Replies: 0
  • CVE-2021-25017
    The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 30 | Replies: 0
  • CVE-2021-25028
    The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 36 | Replies: 0
  • CVE-2021-25031
    The Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) WordPress plugin before 9.7.1 does not escape the effects parameter before outputting it back in an attribu ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 30 | Replies: 0
  • CVE-2021-25035
    The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 29 | Replies: 0
  • CVE-2021-25045
    The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 28 | Replies: 0
  • CVE-2021-25049
    The Mobile Events Manager WordPress plugin before 1.4.4 does not sanitise and escape several of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilt ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 35 | Replies: 0
  • CVE-2021-25062
    The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 does not sanitise and escape the file_url before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 19 | Replies: 0
  • CVE-2021-25073
    The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in various actions, for example when deleting an ad, allowing attackers to make a logged in admin delete them via a CSRF attack.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 25 | Replies: 0
  • CVE-2021-25074
    The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 28 | Replies: 0
  • CVE-2021-25076
    The WP User Frontend WordPress plugin before 3.5.26 does not validate and escape the status parameter before using it in a SQL statement in the Subscribers dashboard, leading to an SQL injection. Due ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 25 | Replies: 0
  • CVE-2021-25078
    The Affiliates Manager WordPress plugin before 2.9.0 does not validate, sanitise and escape the IP address of requests logged by the click tracking feature, allowing unauthenticated attackers to perfo ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 28 | Replies: 0
  • CVE-2021-25079
    The Contact Form Entries WordPress plugin before 1.2.4 does not sanitise and escape various parameters, such as form_id, status, end_date, order, orderby and search before outputting them back in the ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 23 | Replies: 0
  • CVE-2021-25080
    The Contact Form Entries WordPress plugin before 1.1.7 does not validate, sanitise and escape the IP address retrieved via headers such as CLIENT-IP and X-FORWARDED-FOR, allowing unauthenticated attac ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 21 | Replies: 0
  • CVE-2021-25083
    The Registrations for the Events Calendar WordPress plugin before 2.7.10 does not escape the qtype parameter before outputting it back in an attribute in the settings page, leading to a Reflected Cros ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 19 | Replies: 0
  • CVE-2022-0269
    Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm prior to 6.3.0.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 21 | Replies: 0
  • CVE-2021-44981
    In QuickBox Pro v2.5.8 and below, the config.php file has a variable which takes a GET parameter value and parses it into a shell_exec(''); function without properly sanitizing any shell argum ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 16 | Replies: 0
  • CVE-2022-22296
    Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in the manage_user endpoint. Simply change the value and data of other users ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 17 | Replies: 0
  • CVE-2021-40596
    SQL injection vulnerability in Login.php in Sourcecodester Online Learning System v2 by oretnom23 allows attackers to execute arbitrary SQL commands via the faculty_id parameter.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 20 | Replies: 0
  • CVE-2021-40907
    SQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23 allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/L ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 21 | Replies: 0
  • CVE-2021-40908
    SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23 allows attackers to execute arbitrary SQL commands via the username parameter.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 24 | Replies: 0
  • CVE-2022-23437
    There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an infinite loop, w ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 23 | Replies: 0
  • CVE-2021-40909
    Cross site scripting (XSS) vulnerability in Sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial v1 by oretnom23 allows remote attackers to execute arbitrary code via the ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 24 | Replies: 0
  • CVE-2021-41471
    SQL injection vulnerability in Sourcecodester South Gate Inn Online Reservation System v1 by oretnom23 allows attackers to execute arbitrary SQL commands via the email and Password parameters.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 21 | Replies: 0
  • CVE-2021-41472
    SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23 allows attackers to execute arbitrary SQL commands via the username and password parameters.
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 16 | Replies: 0
  • CVE-2021-4088
    SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100, 11.7.x prior to 11.7.101, and 11.6.401 allows a remote authenticated attacker to inject unfiltered SQL ...
    Author: 菜鸟教程小白 | Posted: 2022-6-22 22:09 | Views: 20 | Replies: 0
