Github Exploits
1,799 exploits tracked across all sources.
Eventin <= 4.0.26 - Privilege Escalation via Incorrect Privilege Assignment
Incorrect Privilege Assignment vulnerability in Arraytics Eventin wp-event-solution allows Privilege Escalation.This issue affects Eventin: from n/a through <= 4.0.26.
by Boshe99
CVSS 9.8
Profitori WordPress <2.1.1.3 - Privilege Escalation
The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktend_object endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to trigger the save_object_as_user() function for objects whose '_datatype' is set to 'users',. This allows unauthenticated attackers to write arbitrary strings straight into the user’s wp_capabilities meta field, potentially elevating the privileges of an existing user account or a newly created one to that of an administrator.
by Boshe99
CVSS 9.8
Simple User Registration < 6.3 - Unauthenticated Privilege Escalation via User Meta Manipulation
The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated attackers to register as an administrator.
by Boshe99
CVSS 9.8
WordPress CSV Mass Importer <1.2 - Privilege Escalation
The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
by Boshe99
CVSS 7.2
WPFactory Custom CSS, JS & PHP <2.4.1 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion.This issue affects Custom CSS, JS & PHP: from n/a through <= 2.4.1.
by Boshe99
CVSS 9.6
Quentn WP <1.2.8 - Privilege Escalation
Weak Authentication vulnerability in Quentn.com GmbH Quentn WP quentn-wp allows Privilege Escalation.This issue affects Quentn WP: from n/a through <= 1.2.8.
by Boshe99
CVSS 9.8
WP-Advanced-Search <3.3.9.3 - Code Injection
Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through <= 3.3.9.4.
by Boshe99
CVSS 6.6
I Draw <= 1.0 - Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in aidraw I Draw idraw allows Using Malicious Files.This issue affects I Draw: from n/a through <= 1.0.
by Boshe99
CVSS 9.1
WordPress TargetSMS <= 1.5 - Unauthenticated Callable Function Execution
The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code Execution in all versions up to, and including, 1.5 via the 'targetvr_ajax_handler' function. This is due to a lack of validation on the type of function that can be called. This makes it possible for unauthenticated attackers to execute any callable function on the site, such as phpinfo().
by Boshe99
CVSS 8.3
Frontend Login & Registration Blocks <1.0.7 - Privilege Escalation
The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
by Boshe99
CVSS 9.8
Flynax Bridge < 2.2.0 - Unauthenticated Privilege Escalation via Email Update
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
by Boshe99
CVSS 9.8
RomanCode MapSVG Lite <8.5.34 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through <= 8.6.4.
by Boshe99
CVSS 9.9
Anant Addons for Elementor <1.1.5 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in anantaddons Anant Addons for Elementor anant-addons-for-elementor allows Cross Site Request Forgery.This issue affects Anant Addons for Elementor: from n/a through <= 1.1.8.
by Boshe99
CVSS 9.6
termel PDF 2 Post <2.4.0 - Code Injection
Improper Control of Generation of Code ('Code Injection') vulnerability in termel PDF 2 Post pdf2post allows Remote Code Inclusion.This issue affects PDF 2 Post: from n/a through <= 2.4.0.
by Boshe99
CVSS 9.9
SoftClever Limited Sync Posts <1.0 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through <= 1.0.
by Boshe99
CVSS 9.9
LABCAT Processing Projects <1.0.2 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in LABCAT Processing Projects processing-projects allows Upload a Web Shell to a Web Server.This issue affects Processing Projects: from n/a through <= 1.0.2.
by Boshe99
CVSS 9.1
Nirmal Kumar Ram WP Remote Thumbnail <1.3.1 - RCE
Unrestricted Upload of File with Dangerous Type vulnerability in Nirmal Kumar Ram WP Remote Thumbnail wp-remote-thumbnail allows Upload a Web Shell to a Web Server.This issue affects WP Remote Thumbnail: from n/a through <= 1.3.2.
by Boshe99
CVSS 9.9
NiteoThemes CMP - Unrestricted Upload
Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP – Coming Soon & Maintenance: from n/a through <= 4.1.14.
by Boshe99
CVSS 9.1
Buddypress Humanity <= 1.2 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in Adam Nowak Buddypress Humanity buddypress-humanity allows Cross Site Request Forgery.This issue affects Buddypress Humanity: from n/a through <= 1.2.
by Boshe99
CVSS 9.8
SureTriggers - All-in-One Automation Platform < 1.0.78 - Authentication Bypass
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.
by Boshe99
CVSS 8.1
Rometheme RomethemeKit For Elementor <1.5.4 - Code Injection
Improper Control of Generation of Code ('Code Injection') vulnerability in Rometheme RTMKit rometheme-for-elementor allows Command Injection.This issue affects RTMKit: from n/a through <= 1.5.4.
by Boshe99
CVSS 9.9
WPClever WPC Smart Upsell Funnel for WooCommerce <3.0.4 - Missing Authorization
Missing Authorization vulnerability in WPClever WPC Smart Upsell Funnel for WooCommerce wpc-smart-upsell-funnel allows Privilege Escalation.This issue affects WPC Smart Upsell Funnel for WooCommerce: from n/a through <= 3.0.4.
by Boshe99
CVSS 8.8
ThemeEgg ToolKit <= 1.2.9 - Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in Theme Egg ThemeEgg ToolKit themeegg-toolkit allows Upload a Web Shell to a Web Server.This issue affects ThemeEgg ToolKit: from n/a through <= 1.2.9.
by Boshe99
CVSS 9.1
Motors Plugin <= 1.4.64 - Authenticated Arbitrary Plugin Installation
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary plugin installations due to a missing capability check in the mvl_setup_wizard_install_plugin() function in all versions up to, and including, 1.4.64. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins on the affected site's server which may make remote code execution possible.
by Boshe99
CVSS 8.8
Celestial Aura < 2.2 - Unrestricted Upload of File with Dangerous Type
Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Celestial Aura allows Using Malicious Files.This issue affects Celestial Aura: from n/a through 2.2.
by Boshe99
CVSS 9.9
By Source