Total
1368 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2461 | 1 Transposh | 1 Transposh Wordpress Translation | 2022-09-09 | N/A | 5.3 MEDIUM |
| The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tp_translation' AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data shown on the site. | |||||
| CVE-2022-38370 | 1 Apache | 1 Iotdb | 2022-09-09 | N/A | 7.5 HIGH |
| Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue. | |||||
| CVE-2022-37344 | 1 Accommodation-system Project | 1 Accommodation-system | 2022-09-08 | N/A | 9.8 CRITICAL |
| Missing Access Control vulnerability in PHP Crafts Accommodation System plugin <= 1.0.1 at WordPress. | |||||
| CVE-2022-36427 | 1 About-rentals Project | 1 About-rentals | 2022-09-08 | N/A | 9.8 CRITICAL |
| Missing Access Control vulnerability in About Rentals. Inc. About Rentals plugin <= 1.5 at WordPress. | |||||
| CVE-2022-2657 | 1 Wc-marketplace | 1 Multivendor Marketplace Solution For Woocommerce - Wc Marketplace | 2022-09-08 | N/A | 4.3 MEDIUM |
| The Multivendor Marketplace Solution for WooCommerce WordPress plugin before 3.8.12 is lacking authorisation and CSRF in multiple AJAX actions, which could allow any authenticated users, such as subscriber to call them and suspend vendors (reporter by the submitter) or update arbitrary order status (identified by WPScan when verifying the issue) for example. Other unauthenticated attacks are also possible, either directly or via CSRF | |||||
| CVE-2022-38367 | 1 Netic | 1 User Export For Jira | 2022-09-08 | N/A | 5.3 MEDIUM |
| The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all users from Jira by making an HTTP request to the affected endpoint. | |||||
| CVE-2022-2543 | 2022-09-05 | N/A | N/A | ||
| The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have proper authorisation checks in some of its REST endpoints, allowing unauthenticated users to call them and inject arbitrary CSS in arbitrary saved layouts | |||||
| CVE-2022-2376 | 2022-09-05 | N/A | N/A | ||
| The Directorist WordPress plugin before 7.3.1 discloses the email address of all users in an AJAX action available to both unauthenticated and any authenticated users | |||||
| CVE-2022-2373 | 1 Nsqua | 1 Simply Schedule Appointments | 2022-08-31 | N/A | 5.3 MEDIUM |
| The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address | |||||
| CVE-2022-2034 | 1 Automattic | 1 Sensei Lms | 2022-08-31 | N/A | 5.3 MEDIUM |
| The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers | |||||
| CVE-2021-24164 | 1 Ninjaforms | 1 Ninja Forms | 2022-08-30 | 4.0 MEDIUM | 4.3 MEDIUM |
| In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to establish a connection. They could also retrieve the client_id for an already established OAuth connection. | |||||
| CVE-2021-24146 | 1 Webnus | 1 Modern Events Calendar Lite | 2022-08-30 | 5.0 MEDIUM | 7.5 HIGH |
| Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format for example. | |||||
| CVE-2021-24163 | 1 Ninjaforms | 1 Ninja Forms | 2022-08-30 | 6.5 MEDIUM | 8.8 HIGH |
| The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin. | |||||
| CVE-2021-24839 | 1 Supportcandy | 1 Supportcandy | 2022-08-30 | 5.0 MEDIUM | 7.5 HIGH |
| The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CSRF checks in its wpsc_tickets AJAX action, which could allow unauthenticated users to call it and delete arbitrary tickets via the set_delete_permanently_bulk_ticket setting_action. Other actions may be affected as well. | |||||
| CVE-2021-24851 | 1 Insert Pages Project | 1 Insert Pages | 2022-08-30 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status (ie private), using a shortcode. Password protected posts/pages are not affected by such issue. | |||||
| CVE-2021-24906 | 1 Wp-experts | 1 Protect Wp Admin | 2022-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore the protection offered) via a crafted request | |||||
| CVE-2022-34770 | 1 Tabit Technologies | 1 Tabit | 2022-08-26 | N/A | 7.5 HIGH |
| Tabit - sensitive information disclosure. Several APIs on the web system display, without authorization, sensitive information such as health statements, previous bills in a specific restaurant, alcohol consumption and smoking habits. Each of the described API’s, has in its URL one or more MongoDB ID which is not so simple to enumerate. However, they each receive a ‘tiny URL’ in Tabit’s domain, in the form of https://tbit.be/{suffix} with suffix being a 5 characters long string containing numbers, lower- and upper-case letters. It is not so simple to enumerate them all, but really easy to find some that work and lead to a personal endpoint. This is both an example of OWASP: API4 - rate limiting and OWASP: API1 - Broken object level authorization. Furthermore, the redirect URL disclosed the MongoDB IDs discussed above, and we could use them to query other endpoints disclosing more personal information. For example: The URL https://tabitisrael.co.il/online-reservations/health-statement?orgId={org_id}&healthStatementId={health_statement_id} is used to invite friends to fill a health statement before attending the restaurant. We can use the health_statement_id to access the https://tgm-api.tabit.cloud/health-statement/{health_statement_id} API which disclose medical information as well as id number. | |||||
| CVE-2022-2389 | 1 Buildwoofunnels | 1 Autonami | 2022-08-24 | N/A | 4.3 MEDIUM |
| The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations | |||||
| CVE-2022-2382 | 1 Shapedplugin | 1 Product Slider For Woocommerce | 2022-08-24 | N/A | 4.3 MEDIUM |
| The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options. | |||||
| CVE-2022-2377 | 1 Wpwax | 1 Directorist | 2022-08-24 | N/A | 4.3 MEDIUM |
| The Directorist WordPress plugin before 7.3.0 does not have authorisation and CSRF checks in an AJAX action, allowing any authenticated users to send arbitrary emails on behalf of the blog | |||||