WP ALL Export Pro < 1.7.9 – Authenticated SQLi

Vulnerability WP ALL Export Pro < 1.7.9 – Authenticated SQLi Description The plugin does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but […]

WP ALL Export Pro < 1.7.9 – Authenticated Code Injection

Vulnerability WP ALL Export Pro < 1.7.9 – Authenticated Code Injection Description The plugin does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, […]

Import all XML, CSV & TXT into WordPress < 6.5.8 – Missing Authorisation

Vulnerability Import all XML, CSV & TXT into WordPress < 6.5.8 – Missing Authorisation Description The plugin does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce CVE-ID CVE-2022-3244 Vendor Smackcoders Product WP Ultimate CSV Importer Disclosure […]

Import all XML, CSV & TXT into WordPress < 6.5.8 – Admin+ SQLi

Vulnerability Import all XML, CSV & TXT into WordPress < 6.5.8 – Admin+ SQLi Description The plugin does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin CVE-ID CVE-2022-3243 Vendor Smackcoders Product WP Ultimate CSV Importer Disclosure Timeline Reported […]

Stored Cross Site Scripting in FluentSMTP prior to 2.2.2.

Vulnerability Stored Cross Site Scripting in FluentSMTP plugin prior to 2.2.2. Description The plugin has a functionality that allows the admin to view logs of all emails sent using wpmail function. No sanitization while rendering the email content leads to stored cross-site scripting. CVE-ID CVE-2023-0219 Vendor WPManageNinja Product FluentSMTP prior to 2.2.2 Disclosure Timeline Reported […]

CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS)

Vulnerability CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user. Description CloudSchool v3.0.1 in GitHub repo hrshadhin/school-management-system This vulnerability causes the attacker to execute XSS payloads in the session of another user which may result to cookie […]

SQL injection in School Management System 1.0

Vulnerability SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application’s content or behavior by using malicious SQL queries. Description SQL injection in School Management System 1.0 in GitHub repo lahirudanushka/School-Management-System—PHP-MySQL allows remote attackers to modify or delete data, causing persistent changes to the […]

Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php.

Vulnerability Reflected XSS on page parameter in Flatpress 1.2.1 Description: Page parameter does not sanitize input properly and reflect as it leads to reflected XSS attacks. CVE-ID CVE-2022-40047 Vendor Flatpress Product FlatPress v1.2.1 Disclosure Timeline Reported On: 27th July 2022 Made Public On: 28th Sep 2022 Fixed On: Fix in Progress Credits Sandeep Wawdane

Remote code execution (RCE) via Upload File bypass in Flatpress 1.2.1

Vulnerability Remote code execution (RCE) vulnerability in the Upload File functionality in Flatpress 1.2.1 Description The application has the functionality to upload images and download them further. The download functionality is not sandboxed, and it does not have proper security control which can be bypassed by tricking webserver and uploading dangerous file types which leads […]

Command Injection in GitHub repository Nuitka/Nuitka prior to 0.9.

Vulnerability Command Injection in GitHub repository Nuitka prior to 0.9. Description The main() function uses the eval() function which can lead to contextual code execution, allowing an attacker to gain access to a system and execute commands with the privileges of the running program by setting NUITKA_PYTHONPATH, NUITKA_NAMESPACES, or NUITKA_PTH_IMPORTED to a malicious payload string. This can lead to backdoors, reverse shells or […]