Export limit exceeded: 80499 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80499 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-24579 | 1 Bold-themes | 1 Bold Page Builder | 2024-11-21 | 8.8 High |
| The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize() function without any validation or sanitisation, which could lead to a PHP Object Injection. Even though the plugin did not contain a suitable gadget to fully exploit the issue, other installed plugins on the blog could allow such issue to be exploited and lead to RCE in some cases. | ||||
| CVE-2021-24575 | 1 Igexsolutions | 1 Wpschoolpress | 2024-11-21 | 8.8 High |
| The School Management System – WPSchoolPress WordPress plugin before 2.1.10 does not properly sanitize or use prepared statements before using POST variable in SQL queries, leading to SQL injection in multiple actions available to various authenticated users, from simple subscribers/students to teachers and above. | ||||
| CVE-2021-24565 | 1 Contact Form 7 Captcha Project | 1 Contact Form 7 Captcha | 2024-11-21 | 8.8 High |
| The Contact Form 7 Captcha WordPress plugin before 0.0.9 does not have any CSRF check in place when saving its settings, allowing attacker to make a logged in user with the manage_options change them. Furthermore, the settings are not escaped when output in attributes, leading to a Stored Cross-Site Scripting issue. | ||||
| CVE-2021-24562 | 1 Lifterlms | 1 Lifterlms | 2024-11-21 | 7.5 High |
| The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other student answers and grades | ||||
| CVE-2021-24557 | 1 Nimble3 | 1 M-vslider | 2024-11-21 | 7.2 High |
| The update functionality in the rslider_page uses an rs_id POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users having Administrator role. | ||||
| CVE-2021-24555 | 1 Roosty | 1 Diary-availability-calendar | 2024-11-21 | 8.8 High |
| The daac_delete_booking_callback function, hooked to the daac_delete_booking AJAX action, takes the id POST parameter which is passed into the SQL statement without proper sanitisation, validation or escaping, leading to a SQL Injection issue. Furthermore, the ajax action is lacking any CSRF and capability check, making it available to any authenticated user. | ||||
| CVE-2021-24554 | 1 Freelancetoindia | 1 Paytm-pay | 2024-11-21 | 7.2 High |
| The Paytm – Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue | ||||
| CVE-2021-24553 | 1 Timeline Calendar Project | 1 Timeline Calendar | 2024-11-21 | 7.2 High |
| The Timeline Calendar WordPress plugin through 1.2 does not sanitise, validate or escape the edit GET parameter before using it in a SQL statement when editing events, leading to an authenticated SQL injection issue. Other SQL Injections are also present in the plugin | ||||
| CVE-2021-24552 | 1 Simple Events Calendar Project | 1 Simple Events Calendar | 2024-11-21 | 7.2 High |
| The Simple Events Calendar WordPress plugin through 1.4.0 does not sanitise, validate or escape the event_id POST parameter before using it in a SQL statement when deleting events, leading to an authenticated SQL injection issue | ||||
| CVE-2021-24550 | 1 Broken Link Manager Project | 1 Broken Link Manager | 2024-11-21 | 7.2 High |
| The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the url GET parameter before using it in a SQL statement when retrieving an URL to edit, leading to an authenticated SQL injection issue | ||||
| CVE-2021-24546 | 1 Extendify | 1 Editorskit | 2024-11-21 | 8.8 High |
| The Gutenberg Block Editor Toolkit – EditorsKit WordPress plugin before 1.31.6 does not sanitise and validate the Conditional Logic of the Custom Visibility settings, allowing users with a role as low contributor to execute Arbitrary PHP code | ||||
| CVE-2021-24537 | 1 Shareaholic | 1 Similar Posts | 2024-11-21 | 7.2 High |
| The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the 'widget_rrm_similar_posts_condition' widget setting of the plugin. | ||||
| CVE-2021-24521 | 1 Wow-estore | 1 Side Menu | 2024-11-21 | 7.2 High |
| The Side Menu Lite – add sticky fixed buttons WordPress plugin before 2.2.1 does not properly sanitize input values from the browser when building an SQL statement. Users with the administrator role or permission to manage this plugin could perform an SQL Injection attack. | ||||
| CVE-2021-24520 | 1 Coderstimes | 1 Out Of Stock Message For Woocommerce | 2024-11-21 | 8.8 High |
| The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability. | ||||
| CVE-2021-24511 | 1 Dpl | 1 Product Feed On Woocommerce | 2024-11-21 | 7.2 High |
| The fetch_product_ajax functionality in the Product Feed on WooCommerce WordPress plugin before 3.3.1.0 uses a `product_id` POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | ||||
| CVE-2021-24506 | 1 Quantumcloud | 1 Slider Hero | 2024-11-21 | 8.8 High |
| The Slider Hero with Animation, Video Background & Intro Maker WordPress plugin before 8.2.7 does not sanitise or escape the id attribute of its hero-button shortcode before using it in a SQL statement, allowing users with a role as low as Contributor to perform SQL injection. | ||||
| CVE-2021-24501 | 1 Amentotech | 1 Workreap | 2024-11-21 | 8.1 High |
| The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site. | ||||
| CVE-2021-24500 | 1 Amentotech | 1 Workreap | 2024-11-21 | 8.1 High |
| Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary objects on the target site. | ||||
| CVE-2021-24497 | 1 Satollo | 1 Giveaway | 2024-11-21 | 7.2 High |
| The Giveaway WordPress plugin through 1.2.2 is vulnerable to an SQL Injection issue which allows an administrative user to execute arbitrary SQL commands via the $post_id on the options.php page. | ||||
| CVE-2021-24492 | 1 Handsome Testimonials \& Reviews Project | 1 Handsome Testimonials \& Reviews | 2024-11-21 | 8.8 High |
| The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtst_previewShortcodeInstanceId POST parameter before using it in a SQL statement, leading to an SQL Injection issue. | ||||