Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-11082
Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function
Description: The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimations_panel() function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS: CRITICAL (9.9)

EPSS Score: 0.05%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-8672
Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution
Description: The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply input that will be passed through eval() without any filtering or capability checks. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server. Special note: We suggested the vendor implement an allowlist of functions and limit the ability to execute commands to just administrators, however, they did not take our advice. We are considering this patched, however, we believe it could still be further hardened and there may be residual risk with how the issue is currently patched.

CVSS: CRITICAL (9.9)

EPSS Score: 0.05%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-52490
WordPress Pathomation plugin <= 2.5.1 - Arbitrary File Upload vulnerability
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web Shell to a Web Server.This issue affects Pathomation: from n/a through 2.5.1.

CVSS: CRITICAL (10.0)

EPSS Score: 0.04%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-52475
WordPress Wawp plugin < 3.0.18 - Account Takeover vulnerability
Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform Wawp allows Authentication Bypass.This issue affects Wawp: from n/a before 3.0.18.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-52474
WordPress Express Payments plugin <= 1.1.8 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LLC «TriIncom» Express Payments Module allows Blind SQL Injection.This issue affects Express Payments Module: from n/a through 1.1.8.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2024-11103
Contest Gallery <= 24.0.7 - Unauthenticated Arbitrary Password Reset to Privilege Escalation/Account Takeover
Description: The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 24.0.7. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.

CVSS: CRITICAL (9.8)

EPSS Score: 0.06%

Source: CVE
November 29th, 2024 (5 months ago)

CVE-2023-3197
Description: The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2023-2982
Description: The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5.

CVSS: CRITICAL (9.8)

EPSS Score: 0.19%

Source: CVE
November 28th, 2024 (5 months ago)

CVE-2023-2834
Description: The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

CVSS: CRITICAL (9.8)

EPSS Score: 0.05%

Source: CVE
November 27th, 2024 (5 months ago)

CVE-2024-11024
AppPresser – Mobile App Framework <= 4.4.6 - Unauthenticated Privilege Escalation via Password Reset
Description: The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.6. This is due to the plugin not properly validating a user's password reset code prior to updating their password. This makes it possible for unauthenticated attackers, with knowledge of a user's email address, to reset the user's password and gain access to their account.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
November 27th, 2024 (5 months ago)