V35HR4J

5 exploits, active since Oct 2021
CVE-2022-1597 NOMISEC MEDIUM WORKING POC
WPQA Builder < 5.4 - Reflected Cross-Site Scripting via Reset Password Form Parameter
The WPQA Builder WordPress plugin before 5.4, used as a companion for the Discy and Himer, does not sanitise and escape a parameter on its reset password form, which makes it possible to perform Reflected Cross-Site Scripting attacks.
4 stars
CVSS 6.1
CVE-2022-1051 NOMISEC MEDIUM WRITEUP
WPQA Builder Plugin < 5.2 - Authenticated Stored Cross-Site Scripting in Profile Page Fields
The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer, does not sanitise and escape the city, phone or profile credentials fields when outputting them in the profile page, allowing any authenticated user to perform Cross-Site Scripting attacks.
2 stars
CVSS 5.4
CVE-2021-24545 NOMISEC MEDIUM WORKING POC
WP HTML Author Bio < 1.2.0 - Authenticated Stored Cross-Site Scripting via User Bio
The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visits a post in the frontend made by such a user. As a result, a user with a role as low as author could perform Cross-Site Scripting attacks against users, which could potentially lead to privilege escalation when an admin views the related post/s.
2 stars
CVSS 5.4
CVE-2022-1598 NOMISEC MEDIUM WRITEUP
WPQA Builder < 5.4 - Unauthenticated Private Question Disclosure via REST API Endpoint
The WPQA Builder WordPress plugin before 5.5, which is a companion to the Discy and Himer, lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site.
1 star
CVSS 5.3
CVE-2021-24563 NOMISEC MEDIUM WORKING POC
Frontend Uploader < 1.3.2 - Unauthenticated Stored Cross-Site Scripting via HTML File Upload
The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing an unauthenticated user to upload a malicious HTML file containing JavaScript, for example, which will be triggered when someone accesses the file directly.
1 star
CVSS 6.1