Search criteria
4 vulnerabilities by TODO
CVE-2022-3154 (GCVE-0-2022-3154)
Vulnerability from cvelistv5 – Published: 2022-10-10 00:00 – Updated: 2024-08-03 01:00
VLAI?
Title
Multiple Plugins from Viszt Peter - Multiple CSRF
Summary
The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu & Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin's license
Severity ?
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| TODO | Woo Billingo Plus |
Affected:
4.4.5.4 , < 4.4.5.4
(custom)
|
||||||||||||
|
||||||||||||||
Credits
Lana Codes
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/cda978b2-b31f-495d-8601-0aaa3e4b45cd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Woo Billingo Plus",
"vendor": "TODO",
"versions": [
{
"lessThan": "4.4.5.4",
"status": "affected",
"version": "4.4.5.4",
"versionType": "custom"
}
]
},
{
"product": "Integration for Billingo \u0026 Gravity Forms",
"vendor": "TODO",
"versions": [
{
"lessThan": "1.0.4",
"status": "affected",
"version": "1.0.4",
"versionType": "custom"
}
]
},
{
"product": "Integration for Szamlazz.hu \u0026 Gravity Forms",
"vendor": "TODO",
"versions": [
{
"lessThan": "1.2.7",
"status": "affected",
"version": "1.2.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Lana Codes"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo \u0026 Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu \u0026 Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin\u0027s license"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-10T00:00:00",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"url": "https://wpscan.com/vulnerability/cda978b2-b31f-495d-8601-0aaa3e4b45cd"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Plugins from Viszt Peter - Multiple CSRF",
"x_generator": "WPScan CVE Generator"
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-3154",
"datePublished": "2022-10-10T00:00:00",
"dateReserved": "2022-09-07T00:00:00",
"dateUpdated": "2024-08-03T01:00:10.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2594 (GCVE-0-2022-2594)
Vulnerability from cvelistv5 – Published: 2022-08-22 15:05 – Updated: 2024-08-03 00:39
VLAI?
Title
Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload
Summary
The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release.
Severity ?
No CVSS data available.
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TODO | Advanced Custom Fields |
Affected:
5.0 , < 5.0*
(custom)
Affected: 5.12.3 , < 5.12.3 (custom) |
|||||||
|
|||||||||
Credits
James Golovich
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:08.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/3fde5336-552c-4861-8b4d-89a16735c0e2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pritect.net/blog/advanced-custom-fields-5-12-3-can-allow-unauthenticated-users-to-upload-arbitrary-files"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Advanced Custom Fields",
"vendor": "TODO",
"versions": [
{
"lessThan": "5.0*",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"lessThan": "5.12.3",
"status": "affected",
"version": "5.12.3",
"versionType": "custom"
}
]
},
{
"product": "Advanced Custom Fields Pro",
"vendor": "TODO",
"versions": [
{
"lessThan": "5.0*",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"lessThan": "5.12.3",
"status": "affected",
"version": "5.12.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "James Golovich"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-22T15:05:02",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/3fde5336-552c-4861-8b4d-89a16735c0e2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pritect.net/blog/advanced-custom-fields-5-12-3-can-allow-unauthenticated-users-to-upload-arbitrary-files"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-2594",
"STATE": "PUBLIC",
"TITLE": "Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Advanced Custom Fields",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "5.0",
"version_value": "5.0"
},
{
"version_affected": "\u003c",
"version_name": "5.12.3",
"version_value": "5.12.3"
}
]
}
},
{
"product_name": "Advanced Custom Fields Pro",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "5.0",
"version_value": "5.0"
},
{
"version_affected": "\u003c",
"version_name": "5.12.3",
"version_value": "5.12.3"
}
]
}
}
]
},
"vendor_name": "TODO"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "James Golovich"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/3fde5336-552c-4861-8b4d-89a16735c0e2",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/3fde5336-552c-4861-8b4d-89a16735c0e2"
},
{
"name": "https://www.pritect.net/blog/advanced-custom-fields-5-12-3-can-allow-unauthenticated-users-to-upload-arbitrary-files",
"refsource": "MISC",
"url": "https://www.pritect.net/blog/advanced-custom-fields-5-12-3-can-allow-unauthenticated-users-to-upload-arbitrary-files"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2594",
"datePublished": "2022-08-22T15:05:03",
"dateReserved": "2022-08-01T00:00:00",
"dateUpdated": "2024-08-03T00:39:08.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24892 (GCVE-0-2021-24892)
Vulnerability from cvelistv5 – Published: 2021-11-23 19:16 – Updated: 2024-08-03 19:49
VLAI?
Title
Advanced Forms < 1.6.9 - Subscriber+ Arbitrary User Email Address Update via IDOR
Summary
Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) before 1.6.9 allows authenticated remote attacker to change arbitrary user's email address and request for reset password, which could lead to take over of WordPress's administrator account. To exploit this vulnerability, an attacker must register to obtain a valid WordPress's user and use such user to authenticate with WordPress in order to exploit the vulnerable edit function.
Severity ?
No CVSS data available.
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TODO | Advanced Forms Ppro |
Affected:
1.6.9 , < 1.6.9
(custom)
|
|||||||
|
|||||||||
Credits
Suppawit Punhakit
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:13.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/364b0843-a990-4204-848a-60c928cc5bc0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/advancedforms/advanced-forms/commit/2ce3ab6985c3a909eefb01c562995bc6a994d3a2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Advanced Forms Ppro",
"vendor": "TODO",
"versions": [
{
"lessThan": "1.6.9",
"status": "affected",
"version": "1.6.9",
"versionType": "custom"
}
]
},
{
"product": "Advanced Forms",
"vendor": "TODO",
"versions": [
{
"lessThan": "1.6.9",
"status": "affected",
"version": "1.6.9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Suppawit Punhakit"
}
],
"descriptions": [
{
"lang": "en",
"value": "Insecure Direct Object Reference in edit function of Advanced Forms (Free \u0026 Pro) before 1.6.9 allows authenticated remote attacker to change arbitrary user\u0027s email address and request for reset password, which could lead to take over of WordPress\u0027s administrator account. To exploit this vulnerability, an attacker must register to obtain a valid WordPress\u0027s user and use such user to authenticate with WordPress in order to exploit the vulnerable edit function."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T19:16:23",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/364b0843-a990-4204-848a-60c928cc5bc0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/advancedforms/advanced-forms/commit/2ce3ab6985c3a909eefb01c562995bc6a994d3a2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Advanced Forms \u003c 1.6.9 - Subscriber+ Arbitrary User Email Address Update via IDOR",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24892",
"STATE": "PUBLIC",
"TITLE": "Advanced Forms \u003c 1.6.9 - Subscriber+ Arbitrary User Email Address Update via IDOR"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Advanced Forms Ppro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.6.9",
"version_value": "1.6.9"
}
]
}
},
{
"product_name": "Advanced Forms",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.6.9",
"version_value": "1.6.9"
}
]
}
}
]
},
"vendor_name": "TODO"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Suppawit Punhakit"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure Direct Object Reference in edit function of Advanced Forms (Free \u0026 Pro) before 1.6.9 allows authenticated remote attacker to change arbitrary user\u0027s email address and request for reset password, which could lead to take over of WordPress\u0027s administrator account. To exploit this vulnerability, an attacker must register to obtain a valid WordPress\u0027s user and use such user to authenticate with WordPress in order to exploit the vulnerable edit function."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/364b0843-a990-4204-848a-60c928cc5bc0",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/364b0843-a990-4204-848a-60c928cc5bc0"
},
{
"name": "https://github.com/advancedforms/advanced-forms/commit/2ce3ab6985c3a909eefb01c562995bc6a994d3a2",
"refsource": "MISC",
"url": "https://github.com/advancedforms/advanced-forms/commit/2ce3ab6985c3a909eefb01c562995bc6a994d3a2"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24892",
"datePublished": "2021-11-23T19:16:23",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:49:13.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24713 (GCVE-0-2021-24713)
Vulnerability from cvelistv5 – Published: 2021-11-23 19:16 – Updated: 2024-08-03 19:42
VLAI?
Title
Video Lessons Manager - Admin+ Stored Cross-Site Scripting
Summary
The Video Lessons Manager WordPress plugin before 1.7.2 and Video Lessons Manager Pro WordPress plugin before 3.5.9 do not properly sanitize and escape values when updating their settings, which could allow high privilege users to perform Cross-Site Scripting attacks
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| TODO | Video Lessons Manager – Best Video Course LMS |
Affected:
1.7.2 , < 1.7.2
(custom)
|
|||||||
|
|||||||||
Credits
Shivam Rai
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:42:16.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/4a90be69-41eb-43e9-962d-34316497b4df"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Video Lessons Manager \u2013 Best Video Course LMS",
"vendor": "TODO",
"versions": [
{
"lessThan": "1.7.2",
"status": "affected",
"version": "1.7.2",
"versionType": "custom"
}
]
},
{
"product": "Video Lessons Manager Pro \u2013 Best Video Course LMS",
"vendor": "TODO",
"versions": [
{
"lessThan": "3.5.9",
"status": "affected",
"version": "3.5.9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Shivam Rai"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Video Lessons Manager WordPress plugin before 1.7.2 and Video Lessons Manager Pro WordPress plugin before 3.5.9 do not properly sanitize and escape values when updating their settings, which could allow high privilege users to perform Cross-Site Scripting attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-23T19:16:09",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/4a90be69-41eb-43e9-962d-34316497b4df"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Video Lessons Manager - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24713",
"STATE": "PUBLIC",
"TITLE": "Video Lessons Manager - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Video Lessons Manager \u2013 Best Video Course LMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.7.2",
"version_value": "1.7.2"
}
]
}
},
{
"product_name": "Video Lessons Manager Pro \u2013 Best Video Course LMS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.5.9",
"version_value": "3.5.9"
}
]
}
}
]
},
"vendor_name": "TODO"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Shivam Rai"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Video Lessons Manager WordPress plugin before 1.7.2 and Video Lessons Manager Pro WordPress plugin before 3.5.9 do not properly sanitize and escape values when updating their settings, which could allow high privilege users to perform Cross-Site Scripting attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/4a90be69-41eb-43e9-962d-34316497b4df",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/4a90be69-41eb-43e9-962d-34316497b4df"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24713",
"datePublished": "2021-11-23T19:16:09",
"dateReserved": "2021-01-14T00:00:00",
"dateUpdated": "2024-08-03T19:42:16.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}