b0marek

10 exploits Active since Apr 2023
CVE-2023-4800 NOMISEC MEDIUM WRITEUP
DoLogin Security WP <3.7.1 - Info Disclosure
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users.
CVSS 6.5
CVE-2023-4549 NOMISEC MEDIUM WORKING POC
DoLogin Security WordPress plugin < 3.7 - Stored Cross-Site Scripting via X-Forwarded-For Header
The DoLogin Security WordPress plugin before 3.7 does not properly sanitize IP addresses coming from the X-Forwarded-For header, which can be used by attackers to conduct Stored XSS attacks via WordPress' login form.
CVSS 6.1
CVE-2023-4631 NOMISEC MEDIUM WRITEUP
DoLogin Security WP <3.7 - Info Disclosure
The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing.
CVSS 5.3
CVE-2023-42426 NOMISEC MEDIUM WRITEUP
Froala Editor 4.1.1 - Stored Cross-Site Scripting via Insert Link Parameter
Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component.
CVSS 6.1
CVE-2023-4279 NOMISEC HIGH WORKING POC
User Activity Log <1.6.7 - Info Disclosure
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic.
CVSS 7.5
CVE-2023-4281 NOMISEC MEDIUM WORKING POC
Activity Log WP <2.8.8 - Info Disclosure
This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic.
CVSS 5.3
CVE-2023-4294 NOMISEC MEDIUM WRITEUP
URL Shortify < 1.7.6 - Unauthenticated Stored Cross-Site Scripting via Referer Header
The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link.
CVSS 6.1
CVE-2023-43263 NOMISEC MEDIUM WORKING POC
Froala Editor 4.1.1 - Stored Cross-Site Scripting via Markdown Component
A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component.
CVSS 6.1
CVE-2023-0157 NOMISEC MEDIUM WRITEUP
All-In-One Security WordPress Plugin < 5.1.5 - Stored Cross-Site Scripting via Log File Content
The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user (admin+) to plant bogus log files containing malicious JavaScript code that will be executed in the context of any administrator visiting this page.
CVSS 4.8
CVE-2023-0156 NOMISEC MEDIUM WORKING POC
AIOS WordPress <5.1.5 - Info Disclosure
The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to display in it's settings pages, allowing an authorized user (admin+) to view the contents of arbitrary files and list directories anywhere on the server (to which the web server has access). The plugin only displays the last 50 lines of the file.
CVSS 4.9