| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Electric Studio Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
| The WMF Mobile Redirector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
| The WP Allowed Hosts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allowed-hosts' parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. |
| Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability. If this vulnerability is exploited, threads may be viewed or thread ownership may be obtained by an attacker who can log in to the product. |
| The Float Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to improper error handling in the verifyFloatResponse() function in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to mark any WooCommerce order as failed. |
| The Aplazo Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the check_success_response() function in all versions up to, and including, 1.4.2. This makes it possible for unauthenticated attackers to set any WooCommerce order to `pending payment` status. |
| The PayHere Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to an improper validation logic in the check_payhere_response function in all versions up to, and including, 2.3.9. This makes it possible for unauthenticated attackers to change the status of pending WooCommerce orders to paid/completed/on hold. |
| The Stopwords for comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing nonce validation on the 'set_stopwords_for_comments' and 'delete_stopwords_for_comments' functions. This makes it possible for unauthenticated attackers to add or delete stopwords via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| The SocialChamp with WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.3. This is due to missing nonce validation on the wpsc_settings_tab_menu function. This makes it possible for unauthenticated attackers to modify plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| The Shipping Rate By Cities plugin for WordPress is vulnerable to SQL Injection via the 'city' parameter in all versions up to, and including, 2.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. |
| The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the `logout` function called via the `actions` function hooked to `admin_init`. This makes it possible for unauthenticated attackers to delete arbitrary plugin settings via the `action` parameter. |
| Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality. |
| An authentication bypass vulnerability in NETGEAR Orbi devices allows
users connected to the local network to access the router web interface
as an admin. |
| An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with WiFi authentication or
a physical Ethernet port connection to bypass the authentication
process and access the admin panel. |
| A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the router's IP and
review the contents of the dynamically generated webproc file, which
records the username and password submitted to the router GUI. |
| An insufficient input validation vulnerability in NETGEAR Orbi devices'
DHCPv6 functionality allows network adjacent attackers authenticated
over WiFi or on LAN to execute OS command injections on the router.
DHCPv6 is not enabled by default. |
| An insufficient input validation vulnerability in the NETGEAR XR1000v2
allows attackers connected to the router's LAN to execute OS command
injections. |
| An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN to execute OS command
injections. |
| Due to an OS Command Injection vulnerability in SAP Application Server for ABAP and SAP NetWeaver RFCSDK, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating system commands. Successful exploitation could lead to full compromise of the system�s confidentiality, integrity, and availability. |
| SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has high impact on confidentiality and integrity of the application ,availability is not impacted. |
