gbrsh@secragon

2 exploits Active since Apr 2023

CVE-2023-28121 NOMISEC CRITICAL WORKING POC

WooCommerce Payments < 4.8.2 and WooPayments < 5.6.2 - Unauthenticated Privilege Escalation via Request Forgery

An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated.

42 stars

CVSS 9.8

View Code

CVE-2024-1071 NOMISEC CRITICAL WORKING POC

WordPress Ultimate Member SQL Injection (CVE-2024-1071)

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

1 stars

CVSS 9.8

View Code