CVE-2022-1390
The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique
Source: CVE-2022-1390
CVE-2022-1391
The Cab fare calculator WordPress plugin through 1.0.3 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.
Source: CVE-2022-1391
CVE-2022-1156
The Books & Papers WordPress plugin through 0.20210223 does not escape its Custom DB prefix settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Source: CVE-2022-1156
CVE-2022-1152
The Menubar WordPress plugin before 5.8 does not sanitise and escape the command parameter before outputting it back in the response via the menubar AJAX action (available to any authenticated users), leading to a Reflected Cross-Site Scripting
Source: CVE-2022-1152
CVE-2022-1228
The Opensea WordPress plugin before 1.0.3 does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Source: CVE-2022-1228
CVE-2022-1153
The LayerSlider WordPress plugin before 7.1.2 does not sanitise and escape Project’s slug before outputting it back in various place, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
Source: CVE-2022-1153
CVE-2022-22392
IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.
Source: CVE-2022-22392
CVE-2022-0541
The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix cookie to an arbitrary value.
Source: CVE-2022-0541
CVE-2022-0363
The myCred WordPress plugin before 2.4.4 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated users, such as subscribers, to call it and import mycred setup, thus creating badges, managing points or creating arbitrary posts.
Source: CVE-2022-0363
CVE-2021-25111
The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users o it, leading to an open redirect issue
Source: CVE-2021-25111