Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-12313
Compare Products for WooCommerce <= 3.2.1 - Unauthenticated PHP Object Injection
Description: The Compare Products for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.1 via deserialization of untrusted input from the 'woo_compare_list' cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CVSS: HIGH (8.1)

EPSS Score: 0.06%

Source: CVE
January 8th, 2025 (3 months ago)

CVE-2024-12202
Croma Music <= 3.6 - Authenticated (Subscriber+) Arbitrary Options Update in ironMusic_ajax
Description: The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'ironMusic_ajax' function in all versions up to, and including, 3.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
January 8th, 2025 (3 months ago)

CVE-2024-12157
Popup – MailChimp, GetResponse and ActiveCampaign Intergrations <= 3.2.6 - Unauthenticated SQL Injection
Description: The Popup – MailChimp, GetResponse and ActiveCampaign Intergrations plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'upc_delete_db_record' AJAX action in all versions up to, and including, 3.2.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE
January 8th, 2025 (3 months ago)

CVE-2024-12152
MIPL WC Multisite Sync <= 1.1.5 - Unauthenticated Arbitrary File Download
Description: The MIPL WC Multisite Sync plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.5 via the 'mipl_wc_sync_download_log' action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.

CVSS: HIGH (7.5)

EPSS Score: 0.06%

Source: CVE
January 8th, 2025 (3 months ago)

CVE-2024-11725
SMS Alert Order Notifications – WooCommerce <= 3.7.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
Description: The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the updateWcWarrantySettings() function in all versions up to, and including, 3.7.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. Please note this requires the woocommerce-warranty plugin to be installed in order to be exploited.

CVSS: HIGH (8.8)

EPSS Score: 0.09%

Source: CVE
January 8th, 2025 (3 months ago)

CVE-2024-11465
Custom Product Tabs for WooCommerce <= 1.8.5 - Authenticated (Shop Manager+) PHP Object Injection
Description: The Custom Product Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8.5 via deserialization of untrusted input in the 'yikes_woo_products_tabs' post meta parameter. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

CVSS: HIGH (7.2)

EPSS Score: 0.09%

Source: CVE
January 8th, 2025 (3 months ago)

CVE-2024-8066
File Manager Pro – Filester <= 1.8.6- Authenticated (Subscriber+) Arbitrary File Upload
Description: The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing validation in the 'fsConnector' function in all versions up to, and including, 1.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Administrator, to upload a new .htaccess file allowing them to subsequently upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
January 7th, 2025 (3 months ago)

CVE-2024-11010
FileOrganizer <= 1.1.4 - Authenticated (Administrator+) Local JavaScript File Inclusion
Description: The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 1.1.4 via the 'default_lang' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary JavaScript files on the server, allowing the execution of any JavaScript code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

CVSS: HIGH (7.2)

EPSS Score: 0.05%

Source: CVE
January 7th, 2025 (3 months ago)

CVE-2024-10957
UpdraftPlus: WP Backup & Migration Plugin 1.23.8 - 1.24.11 - Unauthenticated PHP Object Injection
Description: The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions from 1.23.8 to 1.24.11 via deserialization of untrusted input in the 'recursive_unserialized_replace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. An administrator must perform a search and replace action to trigger the exploit.

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CVE
January 7th, 2025 (3 months ago)

CVE-2024-10957
Critical Flaw in UpdraftPlus Threatens 3 Million WordPress Sites
Description: A vulnerability has been discovered in UpdraftPlus, a popular WordPress plugin used for backup and migration tasks, potentially exposing millions of websites to attacks. The flaw, tracked as CVE-2024-10957, affects all versions up to 1.24.11 and allows unauthenticated attackers to exploit PHP Object Injection vulnerabilities, provided certain conditions are met. A patch addressing the issue … The post Critical Flaw in UpdraftPlus Threatens 3 Million WordPress Sites appeared first on CyberInsider.

CVSS: HIGH (8.8)

EPSS Score: 0.05%

Source: CyberInsider
January 6th, 2025 (3 months ago)