Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24977 | 2022-02-28 | N/A | N/A | ||
| The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will then be processed by the frontend for all users. Due to the lack of sanitisation and escaping in the backend, it could also lead to Stored XSS issues | |||||
| CVE-2021-24971 | 2022-02-28 | N/A | N/A | ||
| The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wpr_live_update AJAX action, as well as do not sanitise and escape some of the data submitted. As a result, any authenticated, such as subscriber could update the plugin's settings and perform Cross-Site Scripting attacks against all visitor and users on the frontend | |||||
| CVE-2021-24933 | 2022-02-28 | N/A | N/A | ||
| The Dynamic Widgets WordPress plugin through 1.5.16 does not escape the prefix parameter before outputting it back in an attribute when using the term_tree AJAX action (available to any authenticated users), leading to a Reflected Cross-Site Scripting issue | |||||
| CVE-2021-24920 | 2022-02-28 | N/A | N/A | ||
| The StatCounter WordPress plugin before 2.0.7 does not sanitise and escape the Project ID and Secure Code settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-24913 | 2022-02-28 | N/A | N/A | ||
| The Logo Showcase with Slick Slider WordPress plugin before 2.0.1 does not have CSRF check in the lswss_save_attachment_data AJAX action, allowing attackers to make a logged in high privilege user, change title, description, alt text, and URL of arbitrary uploaded media. | |||||
| CVE-2021-24903 | 2022-02-28 | N/A | N/A | ||
| The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-24901 | 2022-02-28 | N/A | N/A | ||
| The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2021-24898 | 2022-02-28 | N/A | N/A | ||
| The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-24864 | 2022-02-28 | N/A | N/A | ||
| The WP Cloudy, weather plugin WordPress plugin before 4.4.9 does not escape the post_id parameter before using it in a SQL statement in the admin dashboard, leading to a SQL Injection issue | |||||
| CVE-2021-24823 | 2022-02-28 | N/A | N/A | ||
| The Support Board WordPress plugin before 3.3.6 does not have any CSRF checks in actions handled by the include/ajax.php file, which could allow attackers to make logged in users do unwanted actions. For example, make an admin delete arbitrary files | |||||
| CVE-2021-24820 | 2022-02-28 | N/A | N/A | ||
| The Cost Calculator WordPress plugin through 1.4 allows users with a role as low as Contributor to perform path traversal and local PHP file inclusion on Windows Web Servers via the Cost Calculator post's Layout | |||||
| CVE-2021-24803 | 2022-02-28 | N/A | N/A | ||
| The Core Tweaks WP Setup WordPress plugin through 4.1 allows to bulk-set many settings in WordPress, including the admin email, as well as creating a new admin account. There is no CSRF protection in place, allowing an attacker to arbitrary change the admin email or create another admin account and takeover the website via CSRF attacks | |||||
| CVE-2021-24704 | 2022-02-28 | N/A | N/A | ||
| In the Orange Form WordPress plugin through 1.0, the process_bulk_action() function in "admin/orange-form-email.php" performs an unprepared SQL query with an unsanitized parameter ($id). Only admin can access the page that invokes the function, but because of lack of CSRF protection, it is actually exploitable and could allow attackers to make a logged in admin delete arbitrary posts for example | |||||
| CVE-2021-24689 | 2022-02-28 | N/A | N/A | ||
| The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack | |||||
| CVE-2021-24688 | 2022-02-28 | N/A | N/A | ||
| The Orange Form WordPress plugin through 1.0.1 does not have any authorisation and CSRF checks in all of its AJAX calls, for example the or_delete_filed one which is available to both unauthenticated and authenticated users could allow attackers to delete arbitrary posts.The AJAX calls performing actions on posts also do not ensure that the post belong to them (or that they are allowed to perform such action on it) | |||||
| CVE-2020-36510 | 2022-02-28 | N/A | N/A | ||
| The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2021-43945 | 2022-02-28 | N/A | N/A | ||
| Affected versions of Atlassian Jira Server and Data Center allow remote attackers with Roadmaps Administrator permissions to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the /rest/jpo/1.0/hierarchyConfiguration endpoint. The affected versions are before version 8.20.3. | |||||
| CVE-2022-0772 | 2022-02-28 | N/A | N/A | ||
| Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2. | |||||
| CVE-2021-21708 | 2022-02-28 | N/A | N/A | ||
| In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits. | |||||
| CVE-2021-3967 | 2022-02-28 | N/A | N/A | ||
| Improper Access Control in GitHub repository zulip/zulip prior to 4.10. | |||||
| CVE-2022-22908 | 2022-02-28 | N/A | N/A | ||
| SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields. | |||||
| CVE-2022-26149 | 2022-02-28 | N/A | N/A | ||
| MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator. | |||||
| CVE-2022-26146 | 2022-02-28 | N/A | N/A | ||
| Tricentis qTest before 10.4 allows stored XSS by an authenticated attacker. | |||||
| CVE-2022-0723 | 2022-02-28 | N/A | N/A | ||
| Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11. | |||||
| CVE-2022-0763 | 2022-02-28 | N/A | N/A | ||
| Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3. | |||||
| CVE-2021-46702 | 2022-02-28 | N/A | N/A | ||
| Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory. | |||||
| CVE-2022-0768 | 2022-02-28 | N/A | N/A | ||
| Server-Side Request Forgery (SSRF) in GitHub repository rudloff/alltube prior to 3.0.2. | |||||
| CVE-2022-23988 | 2022-02-28 | N/A | N/A | ||
| The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker to submit XSS payloads which will get executed when a privileged user will view the related submission | |||||
| CVE-2022-23987 | 2022-02-28 | N/A | N/A | ||
| The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape their Form Name, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||
| CVE-2022-23912 | 2022-02-28 | N/A | N/A | ||
| The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not sanitise and escape the id parameter before outputting it back in an attribute, leading to a Reflected cross-Site Scripting | |||||
| CVE-2022-23911 | 2022-02-28 | N/A | N/A | ||
| The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not validate and escape the id parameter before using it in a SQL statement when retrieving a testimonial to edit, leading to a SQL Injection | |||||
| CVE-2022-0412 | 2022-02-28 | N/A | N/A | ||
| The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks | |||||
| CVE-2022-0411 | 2022-02-28 | N/A | N/A | ||
| The Asgaros Forum WordPress plugin before 2.0.0 does not sanitise and escape the post_id parameter before using it in a SQL statement via a REST route of the plugin (accessible to any authenticated user), leading to a SQL injection | |||||
| CVE-2022-0385 | 2022-02-28 | N/A | N/A | ||
| The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting | |||||
| CVE-2022-0383 | 2022-02-28 | N/A | N/A | ||
| The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks | |||||
| CVE-2022-0360 | 2022-02-28 | N/A | N/A | ||
| The Easy Drag And drop All Import : WP Ultimate CSV Importer WordPress plugin before 6.4.3 does not sanitise and escaped imported comments, which could allow high privilege users to import malicious ones (either intentionnaly or not) and lead to Stored Cross-Site Scripting issues | |||||
| CVE-2022-0328 | 2022-02-28 | N/A | N/A | ||
| The Simple Membership WordPress plugin before 4.0.9 does not have CSRF check when deleting members in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack | |||||
| CVE-2022-0189 | 2022-02-28 | N/A | N/A | ||
| The WP RSS Aggregator WordPress plugin before 4.20 does not sanitise and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputting it back in the response, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2022-0150 | 2022-02-28 | N/A | N/A | ||
| The WP Accessibility Helper (WAH) WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue | |||||
| CVE-2021-4222 | 2022-02-28 | N/A | N/A | ||
| The WP-Paginate WordPress plugin before 2.1.4 does not sanitise and escape its preset settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | |||||
| CVE-2021-25118 | 2022-02-28 | N/A | N/A | ||
| The Yoast SEO WordPress plugin before 17.3 discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities. | |||||
| CVE-2021-25112 | 2022-02-28 | N/A | N/A | ||
| The WHMCS Bridge WordPress plugin before 6.4b does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2021-25081 | 2022-02-28 | N/A | N/A | ||
| The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in most of its AJAX actions, which could allow attackers to make logged in admins delete arbitrary posts and update the plugin's settings via a CSRF attack | |||||
| CVE-2021-25042 | 2022-02-28 | N/A | N/A | ||
| The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, or make a logged in user do it via a CSRF attack and add an arbitrary IP address to exclude. Furthermore, due to the lack of validation, sanitisation and escaping, users could set a malicious value and perform Cross-Site Scripting attacks against logged in admin | |||||
| CVE-2021-42952 | 2022-02-26 | N/A | N/A | ||
| Zepl Notebooks before 2021-10-25 are affected by a sandbox escape vulnerability. Upon launching Remote Code Execution from the Notebook, users can then use that to subsequently escape the running context sandbox and proceed to access internal Zepl assets including cloud metadata services. | |||||
| CVE-2007-0802 | 2 Mozilla, Opera | 2 Firefox, Opera Browser | 2022-02-26 | 6.4 MEDIUM | N/A |
| Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter. | |||||
| CVE-2007-1377 | 4 Adobe, Mozilla, Netscape and 1 more | 4 Acrobat Reader, Firefox, Navigator and 1 more | 2022-02-26 | 5.0 MEDIUM | N/A |
| AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. | |||||
| CVE-2007-2274 | 1 Opera | 1 Opera Browser | 2022-02-26 | 7.8 HIGH | N/A |
| The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain. | |||||
| CVE-2007-2809 | 1 Opera | 1 Opera Browser | 2022-02-26 | 9.3 HIGH | N/A |
| Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274. | |||||
| CVE-2007-4367 | 1 Opera | 1 Opera Browser | 2022-02-26 | 9.3 HIGH | N/A |
| Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer." | |||||