Search criteria
22 vulnerabilities by Magazine3
CVE-2025-11502 (GCVE-0-2025-11502)
Vulnerability from cvelistv5 – Published: 2025-11-01 05:40 – Updated: 2025-11-03 13:30
VLAI?
Title
Schema & Structured Data for WP & AMP <= 1.51 - Authenticated (Contributor+) Stored Cross-Site Scripting
Summary
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'saswp_tiny_multiple_faq' shortcode in all versions up to, and including, 1.51 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | Schema & Structured Data for WP & AMP |
Affected:
* , ≤ 1.51
(semver)
|
Credits
Muhammad Yudha - DJ
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-03T13:10:36.550311Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-03T13:30:58.163Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Schema \u0026 Structured Data for WP \u0026 AMP",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.51",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muhammad Yudha - DJ"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Schema \u0026 Structured Data for WP \u0026 AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027saswp_tiny_multiple_faq\u0027 shortcode in all versions up to, and including, 1.51 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-01T05:40:24.552Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d664d1f9-39b1-424f-a95e-7a480d809c79?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/schema-and-structured-data-for-wp/tags/1.50/modules/tinymce/register-shortcodes.php#L120"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3387089/schema-and-structured-data-for-wp/trunk/modules/tinymce/register-shortcodes.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-31T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Schema \u0026 Structured Data for WP \u0026 AMP \u003c= 1.51 - Authenticated (Contributor+) Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11502",
"datePublished": "2025-11-01T05:40:24.552Z",
"dateReserved": "2025-10-08T14:28:01.206Z",
"dateUpdated": "2025-11-03T13:30:58.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-49307 (GCVE-0-2025-49307)
Vulnerability from cvelistv5 – Published: 2025-06-06 12:53 – Updated: 2025-06-06 16:05
VLAI?
Title
WordPress WP Multilang <= 2.4.19 - Local File Inclusion Vulnerability
Summary
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magazine3 WP Multilang allows PHP Local File Inclusion. This issue affects WP Multilang: from n/a through 2.4.19.
Severity ?
7.5 (High)
CWE
- CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Magazine3 | WP Multilang |
Affected:
n/a , ≤ 2.4.19
(custom)
|
Credits
muhammad yudha (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49307",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T15:39:08.439019Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T16:05:05.001Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-multilang",
"product": "WP Multilang",
"vendor": "Magazine3",
"versions": [
{
"changes": [
{
"at": "2.4.19.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.4.19",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "muhammad yudha (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027) vulnerability in Magazine3 WP Multilang allows PHP Local File Inclusion.\u003c/p\u003e\u003cp\u003eThis issue affects WP Multilang: from n/a through 2.4.19.\u003c/p\u003e"
}
],
"value": "Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027) vulnerability in Magazine3 WP Multilang allows PHP Local File Inclusion. This issue affects WP Multilang: from n/a through 2.4.19."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-252 PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-98",
"description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program (\u0027PHP Remote File Inclusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T12:53:49.237Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/wp-multilang/vulnerability/wordpress-wp-multilang-2-4-19-local-file-inclusion-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress WP Multilang plugin to the latest available version (at least 2.4.19.1)."
}
],
"value": "Update the WordPress WP Multilang plugin to the latest available version (at least 2.4.19.1)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WP Multilang \u003c= 2.4.19 - Local File Inclusion Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-49307",
"datePublished": "2025-06-06T12:53:49.237Z",
"dateReserved": "2025-06-04T09:42:00.390Z",
"dateUpdated": "2025-06-06T16:05:05.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7759 (GCVE-0-2024-7759)
Vulnerability from cvelistv5 – Published: 2025-05-15 20:07 – Updated: 2025-05-17 03:35
VLAI?
Title
PWA For WP & AMP < 1.7.72 Administrator+ Stored XSS
Summary
The PWA for WP WordPress plugin before 1.7.72 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Severity ?
4.8 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | PWA for WP |
Affected:
0 , < 1.7.72
(semver)
|
Credits
Krugov Artyom
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-7759",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-17T03:35:11.780932Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-17T03:35:35.915Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PWA for WP",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.7.72",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Krugov Artyom"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The PWA for WP WordPress plugin before 1.7.72 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T20:07:11.389Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/6e495b39-f9ef-45dd-b839-65c71a082f2b/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "PWA For WP \u0026 AMP \u003c 1.7.72 Administrator+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-7759",
"datePublished": "2025-05-15T20:07:11.389Z",
"dateReserved": "2024-08-13T17:53:01.430Z",
"dateUpdated": "2025-05-17T03:35:35.915Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-13575 (GCVE-0-2024-13575)
Vulnerability from cvelistv5 – Published: 2025-02-18 07:28 – Updated: 2025-02-18 15:06
VLAI?
Title
Web Stories Enhancer – Level Up Your Web Stories <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Summary
The Web Stories Enhancer – Level Up Your Web Stories plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'web_stories_enhancer' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | Web Stories Enhancer – Level Up Your Web Stories |
Affected:
* , ≤ 1.3
(semver)
|
Credits
Peter Thaleikis
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13575",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T15:06:38.986481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T15:06:49.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Web Stories Enhancer \u2013 Level Up Your Web Stories",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Thaleikis"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Web Stories Enhancer \u2013 Level Up Your Web Stories plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027web_stories_enhancer\u0027 shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T07:28:15.305Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fdc614f2-37a6-474a-828a-1f34f98715c5?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/web-stories-enhancer/trunk/includes/shortcode.php#L99"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3238312%40web-stories-enhancer\u0026new=3238312%40web-stories-enhancer\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-17T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Web Stories Enhancer \u2013 Level Up Your Web Stories \u003c= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13575",
"datePublished": "2025-02-18T07:28:15.305Z",
"dateReserved": "2025-01-21T14:18:02.252Z",
"dateUpdated": "2025-02-18T15:06:49.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38751 (GCVE-0-2024-38751)
Vulnerability from cvelistv5 – Published: 2025-01-02 12:01 – Updated: 2025-01-02 16:24
VLAI?
Title
WordPress AdsforWP plugin <= 1.9.28 - Cross Site Request Forgery (CSRF) vulnerability
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Magazine3 Google Adsense & Banner Ads by AdsforWP allows Cross Site Request Forgery.This issue affects Google Adsense & Banner Ads by AdsforWP: from n/a through 1.9.28.
Severity ?
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Magazine3 | Google Adsense & Banner Ads by AdsforWP |
Affected:
n/a , ≤ 1.9.28
(custom)
|
Credits
Majed Refaea (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38751",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T16:23:58.924345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T16:24:02.723Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ads-for-wp",
"product": "Google Adsense \u0026 Banner Ads by AdsforWP",
"vendor": "Magazine3",
"versions": [
{
"changes": [
{
"at": "1.9.29",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.9.28",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Majed Refaea (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCross-Site Request Forgery (CSRF) vulnerability in Magazine3 Google Adsense \u0026 Banner Ads by AdsforWP allows Cross Site Request Forgery.\u003c/p\u003e\u003cp\u003eThis issue affects Google Adsense \u0026 Banner Ads by AdsforWP: from n/a through 1.9.28.\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Magazine3 Google Adsense \u0026 Banner Ads by AdsforWP allows Cross Site Request Forgery.This issue affects Google Adsense \u0026 Banner Ads by AdsforWP: from n/a through 1.9.28."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T12:01:04.748Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/ads-for-wp/vulnerability/wordpress-adsforwp-plugin-1-9-28-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No patched version is available. This plugin has been closed as of July 10, 2024 and is not available for download. This closure is temporary, pending a full review."
}
],
"value": "No patched version is available. This plugin has been closed as of July 10, 2024 and is not available for download. This closure is temporary, pending a full review."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress AdsforWP plugin \u003c= 1.9.28 - Cross Site Request Forgery (CSRF) vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-38751",
"datePublished": "2025-01-02T12:01:04.748Z",
"dateReserved": "2024-06-19T11:17:14.714Z",
"dateUpdated": "2025-01-02T16:24:02.723Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25469 (GCVE-0-2023-25469)
Vulnerability from cvelistv5 – Published: 2024-12-09 11:31 – Updated: 2024-12-09 18:42
VLAI?
Title
WordPress Easy Table of Contents plugin <= 2.0.45.2 - Broken Access Control vulnerability
Summary
Missing Authorization vulnerability in Magazine3 Easy Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Table of Contents: from n/a through 2.0.45.2.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Magazine3 | Easy Table of Contents |
Affected:
n/a , ≤ 2.0.45.2
(custom)
|
Credits
Rafshanzani Suhada (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-09T13:29:00.461743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T18:42:45.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "easy-table-of-contents",
"product": "Easy Table of Contents",
"vendor": "Magazine3",
"versions": [
{
"changes": [
{
"at": "2.0.46",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.45.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rafshanzani Suhada (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMissing Authorization vulnerability in Magazine3 Easy Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Easy Table of Contents: from n/a through 2.0.45.2.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Magazine3 Easy Table of Contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Table of Contents: from n/a through 2.0.45.2."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-09T11:31:32.664Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/wordpress/plugin/easy-table-of-contents/vulnerability/wordpress-easy-table-of-contents-plugin-2-0-45-2-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update the WordPress Easy Table of Contents plugin to the latest available version (at least 2.0.46)."
}
],
"value": "Update the WordPress Easy Table of Contents plugin to the latest available version (at least 2.0.46)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Easy Table of Contents plugin \u003c= 2.0.45.2 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-25469",
"datePublished": "2024-12-09T11:31:32.664Z",
"dateReserved": "2023-02-06T12:38:06.874Z",
"dateUpdated": "2024-12-09T18:42:45.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47318 (GCVE-0-2024-47318)
Vulnerability from cvelistv5 – Published: 2024-11-01 14:17 – Updated: 2024-11-04 19:05
VLAI?
Title
WordPress PWA for WP & AMP plugin <= 1.7.72 - Broken Access Control vulnerability
Summary
Missing Authorization vulnerability in Magazine3 PWA for WP & AMP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PWA for WP & AMP: from n/a through 1.7.72.
Severity ?
4.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Magazine3 | PWA for WP & AMP |
Affected:
n/a , ≤ 1.7.72
(custom)
|
Credits
Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47318",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-04T19:05:32.059034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T19:05:42.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "pwa-for-wp",
"product": "PWA for WP \u0026 AMP",
"vendor": "Magazine3",
"versions": [
{
"changes": [
{
"at": "1.7.73",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.7.72",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Magazine3 PWA for WP \u0026amp; AMP allows Exploiting Incorrectly Configured Access Control Security Levels.\u003cp\u003eThis issue affects PWA for WP \u0026amp; AMP: from n/a through 1.7.72.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Magazine3 PWA for WP \u0026 AMP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PWA for WP \u0026 AMP: from n/a through 1.7.72."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T14:17:05.493Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/pwa-for-wp/wordpress-pwa-for-wp-amp-plugin-1-7-72-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.7.73 or a higher version."
}
],
"value": "Update to 1.7.73 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress PWA for WP \u0026 AMP plugin \u003c= 1.7.72 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-47318",
"datePublished": "2024-11-01T14:17:05.493Z",
"dateReserved": "2024-09-24T13:00:35.587Z",
"dateUpdated": "2024-11-04T19:05:42.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7082 (GCVE-0-2024-7082)
Vulnerability from cvelistv5 – Published: 2024-08-06 06:00 – Updated: 2024-10-27 16:18
VLAI?
Title
easy-table-of-contents < 2.0.68 - Editor+ Stored XSS
Summary
The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.
Severity ?
6.1 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Easy Table of Contents |
Affected:
0 , < 2.0.68
(semver)
|
Credits
Dmitrii Ignatyev
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-7082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T15:31:08.329353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T16:18:02.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Easy Table of Contents",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.68",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T06:00:07.251Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/8f30e685-00fa-4dbb-b516-2d14e4b13697/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "easy-table-of-contents \u003c 2.0.68 - Editor+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-7082",
"datePublished": "2024-08-06T06:00:07.251Z",
"dateReserved": "2024-07-24T16:15:49.492Z",
"dateUpdated": "2024-10-27T16:18:02.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5582 (GCVE-0-2024-5582)
Vulnerability from cvelistv5 – Published: 2024-07-17 07:32 – Updated: 2024-08-01 21:18
VLAI?
Title
Schema & Structured Data for WP & AMP <= 1.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute
Summary
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'url' attribute within the Q&A Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | Schema & Structured Data for WP & AMP |
Affected:
* , ≤ 1.33
(semver)
|
Credits
wesley
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5582",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T13:29:55.967487Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T13:30:11.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab650b99-ab15-4ddc-a622-cb43ab554ba7?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/schema-and-structured-data-for-wp/tags/1.31/modules/elementor/widgets/qanda-block.php#L355"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/schema-and-structured-data-for-wp/trunk/modules/elementor/widgets/class-qanda-block.php#L369"
},
{
"tags": [
"x_transferred"
],
"url": "https://wordpress.org/plugins/schema-and-structured-data-for-wp/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Schema \u0026 Structured Data for WP \u0026 AMP",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.33",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Schema \u0026 Structured Data for WP \u0026 AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027url\u0027 attribute within the Q\u0026A Block widget in all versions up to, and including, 1.33 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T07:32:19.774Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab650b99-ab15-4ddc-a622-cb43ab554ba7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/schema-and-structured-data-for-wp/tags/1.31/modules/elementor/widgets/qanda-block.php#L355"
},
{
"url": "https://plugins.trac.wordpress.org/browser/schema-and-structured-data-for-wp/trunk/modules/elementor/widgets/class-qanda-block.php#L369"
},
{
"url": "https://wordpress.org/plugins/schema-and-structured-data-for-wp/#developers"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-16T18:46:17.000+00:00",
"value": "Disclosed"
}
],
"title": "Schema \u0026 Structured Data for WP \u0026 AMP \u003c= 1.33 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5582",
"datePublished": "2024-07-17T07:32:19.774Z",
"dateReserved": "2024-05-31T21:19:34.381Z",
"dateUpdated": "2024-08-01T21:18:06.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6334 (GCVE-0-2024-6334)
Vulnerability from cvelistv5 – Published: 2024-07-09 06:00 – Updated: 2024-11-21 14:57
VLAI?
Title
Easy Table of Contents < 2.0.67 - Editor+ Stored XSS
Summary
The Easy Table of Contents WordPress plugin before 2.0.67.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Severity ?
6.1 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Easy Table of Contents |
Affected:
0 , < 2.0.67.1
(semver)
|
Credits
Dmitrii Ignatyev
WPScan
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T20:54:47.594655Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:57:54.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:33:05.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/6c09083c-6960-4369-8c5c-ad20e34aaa8b/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Easy Table of Contents",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.67.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Easy Table of Contents WordPress plugin before 2.0.67.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T06:00:05.147Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/6c09083c-6960-4369-8c5c-ad20e34aaa8b/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": " Easy Table of Contents \u003c 2.0.67 - Editor+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-6334",
"datePublished": "2024-07-09T06:00:05.147Z",
"dateReserved": "2024-06-25T19:04:22.548Z",
"dateUpdated": "2024-11-21T14:57:54.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5573 (GCVE-0-2024-5573)
Vulnerability from cvelistv5 – Published: 2024-06-26 06:00 – Updated: 2024-08-01 21:18
VLAI?
Title
Easy Table of Contents < 2.0.66 - Admin+ Stored XSS
Summary
The Easy Table of Contents WordPress plugin before 2.0.66 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Severity ?
5.9 (Medium)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Easy Table of Contents |
Affected:
0 , < 2.0.66
(semver)
|
Credits
Dmitrii Ignatyev
WPScan
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:magazine3:easy_table_of_contents:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "easy_table_of_contents",
"vendor": "magazine3",
"versions": [
{
"lessThan": "2.0.66",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-5573",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T20:42:23.783853Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T20:48:17.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.816Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/3b01044b-355f-40d3-8e11-23a890f98c76/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Easy Table of Contents",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.66",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Easy Table of Contents WordPress plugin before 2.0.66 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-26T06:00:05.425Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/3b01044b-355f-40d3-8e11-23a890f98c76/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Easy Table of Contents \u003c 2.0.66 - Admin+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-5573",
"datePublished": "2024-06-26T06:00:05.425Z",
"dateReserved": "2024-05-31T18:52:49.486Z",
"dateUpdated": "2024-08-01T21:18:06.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3491 (GCVE-0-2024-3491)
Vulnerability from cvelistv5 – Published: 2024-04-23 11:07 – Updated: 2024-08-01 20:12
VLAI?
Summary
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "How To" and "FAQ" Blocks in all versions up to, and including, 1.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | Schema & Structured Data for WP & AMP |
Affected:
* , ≤ 1.29
(semver)
|
Credits
Matthew Rollings
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-25T13:16:54.433980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T13:19:26.396Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e004bba3-d281-4f84-a941-a6c5b64b9dcd?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3071620/schema-and-structured-data-for-wp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Schema \u0026 Structured Data for WP \u0026 AMP",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.29",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Schema \u0026 Structured Data for WP \u0026 AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \"How To\" and \"FAQ\" Blocks in all versions up to, and including, 1.29 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-23T11:07:23.883Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e004bba3-d281-4f84-a941-a6c5b64b9dcd?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3071620/schema-and-structured-data-for-wp"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-10T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-04-22T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-3491",
"datePublished": "2024-04-23T11:07:23.883Z",
"dateReserved": "2024-04-08T21:22:37.568Z",
"dateUpdated": "2024-08-01T20:12:07.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1288 (GCVE-0-2024-1288)
Vulnerability from cvelistv5 – Published: 2024-02-20 18:56 – Updated: 2024-08-01 18:33
VLAI?
Summary
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saswp_reviews_form_render' function in all versions up to, and including, 1.26. This makes it possible for authenticated attackers, with contributor access and above, to modify the plugin's stored reCaptcha site and secret keys, potentially breaking the reCaptcha functionality.
Severity ?
4.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | Schema & Structured Data for WP & AMP |
Affected:
* , ≤ 1.26
(semver)
|
Credits
Ngô Thiên An
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-01T18:34:02.594078Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:59:53.932Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:33:25.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac13f402-8a36-448f-87d4-48179a9699c6?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.svn.wordpress.org/schema-and-structured-data-for-wp/trunk/modules/reviews/reviews_form.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/schema-and-structured-data-for-wp/tags/1.26\u0026old=3038020\u0026new_path=/schema-and-structured-data-for-wp/tags/1.27\u0026new=3038020\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Schema \u0026 Structured Data for WP \u0026 AMP",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.26",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ng\u00f4 Thi\u00ean An"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Schema \u0026 Structured Data for WP \u0026 AMP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the \u0027saswp_reviews_form_render\u0027 function in all versions up to, and including, 1.26. This makes it possible for authenticated attackers, with contributor access and above, to modify the plugin\u0027s stored reCaptcha site and secret keys, potentially breaking the reCaptcha functionality."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284 Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-20T18:56:39.988Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ac13f402-8a36-448f-87d4-48179a9699c6?source=cve"
},
{
"url": "https://plugins.svn.wordpress.org/schema-and-structured-data-for-wp/trunk/modules/reviews/reviews_form.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/schema-and-structured-data-for-wp/tags/1.26\u0026old=3038020\u0026new_path=/schema-and-structured-data-for-wp/tags/1.27\u0026new=3038020\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-19T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1288",
"datePublished": "2024-02-20T18:56:39.988Z",
"dateReserved": "2024-02-06T19:19:47.362Z",
"dateUpdated": "2024-08-01T18:33:25.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-1586 (GCVE-0-2024-1586)
Vulnerability from cvelistv5 – Published: 2024-02-20 18:56 – Updated: 2024-08-01 18:40
VLAI?
Summary
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom schema in all versions up to, and including, 1.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default the required authentication level is admin, but administrators have the ability to assign role based access to users as low as subscriber.
Severity ?
6.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | Schema & Structured Data for WP & AMP |
Affected:
* , ≤ 1.26
(semver)
|
Credits
Sh
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-29T18:50:40.502379Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:00:08.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:40:21.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e7e6ea7-4e0b-4d8a-9306-45b55d41fbb5?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/schema-and-structured-data-for-wp/tags/1.26\u0026old=3038020\u0026new_path=/schema-and-structured-data-for-wp/tags/1.27\u0026new=3038020\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Schema \u0026 Structured Data for WP \u0026 AMP",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.26",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sh"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Schema \u0026 Structured Data for WP \u0026 AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom schema in all versions up to, and including, 1.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default the required authentication level is admin, but administrators have the ability to assign role based access to users as low as subscriber."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-20T18:56:36.199Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7e7e6ea7-4e0b-4d8a-9306-45b55d41fbb5?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=/schema-and-structured-data-for-wp/tags/1.26\u0026old=3038020\u0026new_path=/schema-and-structured-data-for-wp/tags/1.27\u0026new=3038020\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-19T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1586",
"datePublished": "2024-02-20T18:56:36.199Z",
"dateReserved": "2024-02-16T16:04:51.323Z",
"dateUpdated": "2024-08-01T18:40:21.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51677 (GCVE-0-2023-51677)
Vulnerability from cvelistv5 – Published: 2024-02-01 10:28 – Updated: 2024-08-02 22:40
VLAI?
Title
WordPress Schema & Structured Data for WP & AMP Plugin <= 1.23 is vulnerable to Cross Site Scripting (XSS)
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.23.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Magazine3 | Schema & Structured Data for WP & AMP |
Affected:
n/a , ≤ 1.23
(custom)
|
Credits
LVT-tholv2k (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-01T13:59:48.795696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-27T19:36:35.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-23-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "schema-and-structured-data-for-wp",
"product": "Schema \u0026 Structured Data for WP \u0026 AMP",
"vendor": "Magazine3",
"versions": [
{
"changes": [
{
"at": "1.24",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.23",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "LVT-tholv2k (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Magazine3 Schema \u0026amp; Structured Data for WP \u0026amp; AMP allows Stored XSS.\u003cp\u003eThis issue affects Schema \u0026amp; Structured Data for WP \u0026amp; AMP: from n/a through 1.23.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Magazine3 Schema \u0026 Structured Data for WP \u0026 AMP allows Stored XSS.This issue affects Schema \u0026 Structured Data for WP \u0026 AMP: from n/a through 1.23.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-01T10:28:57.719Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-23-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.24 or a higher version."
}
],
"value": "Update to\u00a01.24 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Schema \u0026 Structured Data for WP \u0026 AMP Plugin \u003c= 1.23 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-51677",
"datePublished": "2024-02-01T10:28:57.719Z",
"dateReserved": "2023-12-21T14:51:43.923Z",
"dateUpdated": "2024-08-02T22:40:34.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22146 (GCVE-0-2024-22146)
Vulnerability from cvelistv5 – Published: 2024-01-31 18:24 – Updated: 2024-08-01 22:35
VLAI?
Title
WordPress Schema & Structured Data for WP & AMP Plugin <= 1.25 is vulnerable to Cross Site Scripting (XSS)
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS.This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Magazine3 | Schema & Structured Data for WP & AMP |
Affected:
n/a , ≤ 1.25
(custom)
|
Credits
LVT-tholv2k (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-01T14:16:25.303806Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T17:23:46.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "schema-and-structured-data-for-wp",
"product": "Schema \u0026 Structured Data for WP \u0026 AMP",
"vendor": "Magazine3",
"versions": [
{
"changes": [
{
"at": "1.26",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.25",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "LVT-tholv2k (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Magazine3 Schema \u0026amp; Structured Data for WP \u0026amp; AMP allows Stored XSS.\u003cp\u003eThis issue affects Schema \u0026amp; Structured Data for WP \u0026amp; AMP: from n/a through 1.25.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Magazine3 Schema \u0026 Structured Data for WP \u0026 AMP allows Stored XSS.This issue affects Schema \u0026 Structured Data for WP \u0026 AMP: from n/a through 1.25.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T18:24:18.049Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.26 or a higher version."
}
],
"value": "Update to\u00a01.26 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Schema \u0026 Structured Data for WP \u0026 AMP Plugin \u003c= 1.25 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-22146",
"datePublished": "2024-01-31T18:24:18.049Z",
"dateReserved": "2024-01-05T11:18:25.467Z",
"dateUpdated": "2024-08-01T22:35:34.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6782 (GCVE-0-2023-6782)
Vulnerability from cvelistv5 – Published: 2024-01-11 08:32 – Updated: 2025-06-17 21:09
VLAI?
Summary
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.92 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity ?
6.4 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mohammed_kaludi | AMP for WP – Accelerated Mobile Pages |
Affected:
* , ≤ 1.0.92
(semver)
|
Credits
Ngô Thiên An
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1cae64e-caed-43c0-9a75-9aa4234946a0?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.svn.wordpress.org/accelerated-mobile-pages/trunk/templates/features.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3010797%40accelerated-mobile-pages%2Ftrunk\u0026old=2998126%40accelerated-mobile-pages%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-11T14:46:55.979242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:09:14.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AMP for WP \u2013 Accelerated Mobile Pages",
"vendor": "mohammed_kaludi",
"versions": [
{
"lessThanOrEqual": "1.0.92",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ng\u00f4 Thi\u00ean An"
}
],
"descriptions": [
{
"lang": "en",
"value": "The AMP for WP \u2013 Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s shortcode(s) in all versions up to, and including, 1.0.92 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-11T08:32:55.986Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1cae64e-caed-43c0-9a75-9aa4234946a0?source=cve"
},
{
"url": "https://plugins.svn.wordpress.org/accelerated-mobile-pages/trunk/templates/features.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3010797%40accelerated-mobile-pages%2Ftrunk\u0026old=2998126%40accelerated-mobile-pages%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-18T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-6782",
"datePublished": "2024-01-11T08:32:55.986Z",
"dateReserved": "2023-12-13T15:02:41.145Z",
"dateUpdated": "2025-06-17T21:09:14.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35883 (GCVE-0-2023-35883)
Vulnerability from cvelistv5 – Published: 2023-12-19 20:11 – Updated: 2024-08-02 16:37
VLAI?
Title
WordPress Core Web Vitals & PageSpeed Booster Plugin <= 1.0.12 is vulnerable to Open Redirection
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magazine3 Core Web Vitals & PageSpeed Booster.This issue affects Core Web Vitals & PageSpeed Booster: from n/a through 1.0.12.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Magazine3 | Core Web Vitals & PageSpeed Booster |
Affected:
n/a , ≤ 1.0.12
(custom)
|
Credits
Le Ngoc Anh (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:37:39.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/core-web-vitals-pagespeed-booster/wordpress-core-web-vitals-pagespeed-booster-plugin-1-0-12-open-redirection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "core-web-vitals-pagespeed-booster",
"product": "Core Web Vitals \u0026 PageSpeed Booster",
"vendor": "Magazine3",
"versions": [
{
"changes": [
{
"at": "1.0.13",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.12",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Le Ngoc Anh (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Magazine3 Core Web Vitals \u0026amp; PageSpeed Booster.\u003cp\u003eThis issue affects Core Web Vitals \u0026amp; PageSpeed Booster: from n/a through 1.0.12.\u003c/p\u003e"
}
],
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in Magazine3 Core Web Vitals \u0026 PageSpeed Booster.This issue affects Core Web Vitals \u0026 PageSpeed Booster: from n/a through 1.0.12.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T20:11:11.659Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/core-web-vitals-pagespeed-booster/wordpress-core-web-vitals-pagespeed-booster-plugin-1-0-12-open-redirection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.0.13 or a higher version."
}
],
"value": "Update to\u00a01.0.13 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Core Web Vitals \u0026 PageSpeed Booster Plugin \u003c= 1.0.12 is vulnerable to Open Redirection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-35883",
"datePublished": "2023-12-19T20:11:11.659Z",
"dateReserved": "2023-06-19T13:54:57.634Z",
"dateUpdated": "2024-08-02T16:37:39.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-48321 (GCVE-0-2023-48321)
Vulnerability from cvelistv5 – Published: 2023-11-30 16:28 – Updated: 2024-08-02 21:23
VLAI?
Title
WordPress Accelerated Mobile Pages Plugin <= 1.0.88.1 is vulnerable to Cross Site Scripting (XSS)
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ahmed Kaludi, Mohammed Kaludi AMP for WP – Accelerated Mobile Pages allows Stored XSS.This issue affects AMP for WP – Accelerated Mobile Pages: from n/a through 1.0.88.1.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ahmed Kaludi, Mohammed Kaludi | AMP for WP – Accelerated Mobile Pages |
Affected:
n/a , ≤ 1.0.88.1
(custom)
|
Credits
NGÔ THIÊN AN / ancorn_ from VNPT-VCI (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:23:39.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/accelerated-mobile-pages/wordpress-amp-for-wp-accelerated-mobile-pages-plugin-1-0-88-1-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "accelerated-mobile-pages",
"product": "AMP for WP \u2013 Accelerated Mobile Pages",
"vendor": "Ahmed Kaludi, Mohammed Kaludi",
"versions": [
{
"changes": [
{
"at": "1.0.89",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.88.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "NG\u00d4 THI\u00caN AN / ancorn_ from VNPT-VCI (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Ahmed Kaludi, Mohammed Kaludi AMP for WP \u2013 Accelerated Mobile Pages allows Stored XSS.\u003cp\u003eThis issue affects AMP for WP \u2013 Accelerated Mobile Pages: from n/a through 1.0.88.1.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Ahmed Kaludi, Mohammed Kaludi AMP for WP \u2013 Accelerated Mobile Pages allows Stored XSS.This issue affects AMP for WP \u2013 Accelerated Mobile Pages: from n/a through 1.0.88.1.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T16:28:35.721Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/accelerated-mobile-pages/wordpress-amp-for-wp-accelerated-mobile-pages-plugin-1-0-88-1-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.0.89 or a higher version."
}
],
"value": "Update to\u00a01.0.89 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Accelerated Mobile Pages Plugin \u003c= 1.0.88.1 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-48321",
"datePublished": "2023-11-30T16:28:35.721Z",
"dateReserved": "2023-11-14T21:42:18.496Z",
"dateUpdated": "2024-08-02T21:23:39.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4366 (GCVE-0-2021-4366)
Vulnerability from cvelistv5 – Published: 2023-06-07 01:51 – Updated: 2024-12-20 23:51
VLAI?
Summary
The PWA for WP & AMP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the pwaforwp_update_features_options function in versions up to, and including, 1.7.32. This makes it possible for authenticated attackers to change the otherwise restricted settings within the plugin.
Severity ?
6.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | PWA for WP & AMP |
Affected:
* , ≤ 1.7.32
(semver)
|
Credits
Jerome Bruandet
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:23:10.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9892dd1-3939-41a9-a828-fa1bf7d96eb8?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/wordpress-pwa-for-wp-and-amp-plugin-fixed-vulnerabilities/"
},
{
"tags": [
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/b38a51d7-375e-4cca-88ba-ccab796ac134"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4366",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-20T23:27:52.297815Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-20T23:51:22.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PWA for WP \u0026 AMP",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.7.32",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jerome Bruandet"
}
],
"descriptions": [
{
"lang": "en",
"value": "The PWA for WP \u0026 AMP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the pwaforwp_update_features_options function in versions up to, and including, 1.7.32. This makes it possible for authenticated attackers to change the otherwise restricted settings within the plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-862 Missing Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-07T01:51:36.574Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9892dd1-3939-41a9-a828-fa1bf7d96eb8?source=cve"
},
{
"url": "https://blog.nintechnet.com/wordpress-pwa-for-wp-and-amp-plugin-fixed-vulnerabilities/"
},
{
"url": "https://wpscan.com/vulnerability/b38a51d7-375e-4cca-88ba-ccab796ac134"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-07-01T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2021-4366",
"datePublished": "2023-06-07T01:51:36.574Z",
"dateReserved": "2023-06-06T13:04:04.082Z",
"dateUpdated": "2024-12-20T23:51:22.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-4354 (GCVE-0-2021-4354)
Vulnerability from cvelistv5 – Published: 2023-06-07 01:51 – Updated: 2024-12-23 16:21
VLAI?
Summary
The PWA for WP & AMP for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pwaforwp_splashscreen_uploader function in versions up to, and including, 1.7.32. This makes it possible for authenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
Severity ?
8.8 (High)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| magazine3 | PWA for WP & AMP |
Affected:
* , ≤ 1.7.32
(semver)
|
Credits
Jerome Bruandet
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:23:10.712Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6082791e-feac-41f7-b565-9d98624ddf50?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.nintechnet.com/wordpress-pwa-for-wp-and-amp-plugin-fixed-vulnerabilities/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-4354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-23T16:01:18.245804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-23T16:21:58.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PWA for WP \u0026 AMP",
"vendor": "magazine3",
"versions": [
{
"lessThanOrEqual": "1.7.32",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jerome Bruandet"
}
],
"descriptions": [
{
"lang": "en",
"value": "The PWA for WP \u0026 AMP for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the pwaforwp_splashscreen_uploader function in versions up to, and including, 1.7.32. This makes it possible for authenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-07T01:51:22.946Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6082791e-feac-41f7-b565-9d98624ddf50?source=cve"
},
{
"url": "https://blog.nintechnet.com/wordpress-pwa-for-wp-and-amp-plugin-fixed-vulnerabilities/"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-07-01T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2021-4354",
"datePublished": "2023-06-07T01:51:22.946Z",
"dateReserved": "2023-06-06T12:46:34.734Z",
"dateUpdated": "2024-12-23T16:21:58.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20838 (GCVE-0-2018-20838)
Vulnerability from cvelistv5 – Published: 2019-05-13 04:04 – Updated: 2024-08-05 12:12
VLAI?
Summary
ampforwp_save_steps_data in the AMP for WP plugin before 0.9.97.21 for WordPress allows stored XSS.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:12:28.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2018/11/xss-injection-campaign-exploits-wordpress-amp-plugin/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/changelog.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/accelerated-mobile-pages/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ampforwp.com/critical-security-issues-has-been-fixed-in-0-9-97-20-version/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ampforwp_save_steps_data in the AMP for WP plugin before 0.9.97.21 for WordPress allows stored XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-14T20:01:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2018/11/xss-injection-campaign-exploits-wordpress-amp-plugin/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/changelog.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/accelerated-mobile-pages/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ampforwp.com/critical-security-issues-has-been-fixed-in-0-9-97-20-version/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ampforwp_save_steps_data in the AMP for WP plugin before 0.9.97.21 for WordPress allows stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2018/11/xss-injection-campaign-exploits-wordpress-amp-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2018/11/xss-injection-campaign-exploits-wordpress-amp-plugin/"
},
{
"name": "https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/changelog.txt",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/changelog.txt"
},
{
"name": "https://wordpress.org/plugins/accelerated-mobile-pages/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/accelerated-mobile-pages/#developers"
},
{
"name": "https://ampforwp.com/critical-security-issues-has-been-fixed-in-0-9-97-20-version/",
"refsource": "MISC",
"url": "https://ampforwp.com/critical-security-issues-has-been-fixed-in-0-9-97-20-version/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20838",
"datePublished": "2019-05-13T04:04:18",
"dateReserved": "2019-05-12T00:00:00",
"dateUpdated": "2024-08-05T12:12:28.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}