Threat Database
CVE-2021-24188 - Before 3 Plugin (threat entry updated 2024-11-21)

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5 to install any plugin (including a specific version) from the WordPress repository, as well as activate an arbitrary plugin on the blog, which helps attackers install vulnerable plugins and could lead to more critical vulnerabilities like RCE.

HIGH | CVSS 8.8 | 2021-05-14

CVE-2021-24293 - Before 3 Plugin (threat entry updated 2024-11-21)

In the eCommerce module of the NextGEN Gallery Pro WordPress plugin before 3.1.11, there is an action to call get_cart_items via photocrati_ajax; after that, the settings[shipping_address][name] parameter can be used to inject malicious JavaScript.

MEDIUM | CVSS 6.1 | 2021-05-05

CVE-2021-24269 - Before 3 Plugin (threat entry updated 2024-11-21)

The “Sina Extension for Elementor” WordPress Plugin before 3.3.12 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.

MEDIUM | CVSS 5.4 | 2021-05-05

CVE-2021-24239 - Before 3 Plugin (threat entry updated 2024-11-21)

The Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments WordPress plugin before 3.7.0.1 does not sanitise the invitaion_code GET parameter when outputting it in the Activation Code page, leading to a reflected Cross-Site Scripting issue.

MEDIUM | CVSS 6.1 | 2021-04-22

CVE-2021-24218 - Before 3 Plugin (threat entry updated 2024-11-21)

The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization, allowing script tags to be saved.

HIGH | CVSS 8.8 | 2021-04-12

CVE-2021-24217 - Before 3 Plugin (threat entry updated 2024-11-21)

The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user supplied data, making it possible for PHP objects to be supplied and creating an Object Injection vulnerability. There was also a usable magic method in the plugin that could be used to achieve remote code execution.

HIGH | CVSS 8.1 | 2021-04-12

CVE-2021-24226 - Before 3 Plugin (threat entry updated 2024-11-21)

In the AccessAlly WordPress plugin before 3.5.7, the file "resource/frontend/product/product-shortcode.php" responsible for the [accessally_order_form] shortcode is dumping serialize($_SERVER), which contains all environment variables. The leakage occurs on all public facing pages containing the [accessally_order_form] shortcode; no login or administrator role is required.

HIGH | CVSS 7.5 | 2021-04-12

CVE-2021-24200 - Before 3 Plugin (threat entry updated 2024-11-21)

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'length' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application.

MEDIUM | CVSS 6.5 | 2021-04-12

CVE-2021-24198 - Before 3 Plugin (threat entry updated 2024-11-21)

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper with the id_key and id_val parameters to delete the data of another user that is present in the same table. By exploiting this issue an attacker is able to delete the data of all users in the same table.

HIGH | CVSS 8.1 | 2021-04-12

CVE-2021-24197 - Before 3 Plugin (threat entry updated 2024-11-21)

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper with the formdata[wdt_ID] parameter to take over another user's permissions on the table and access that user's data in the same table. By exploiting this issue an attacker is able to access and manage the data of all users in the same table.

HIGH | CVSS 8.1 | 2021-04-12

CVE-2021-24199 - Before 3 Plugin (threat entry updated 2024-11-21)

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endpoint /wp-admin/admin-ajax.php?action=get_wdtable&table_id=1, on the 'start' HTTP POST parameter. This allows an attacker to access all the data in the database and obtain access to the WordPress application.

MEDIUM | CVSS 6.5 | 2021-04-12

CVE-2021-24206 - Before 3 Plugin (threat entry updated 2024-11-21)

In the Elementor Website Builder WordPress plugin before 3.1.4, the image box widget (includes/widgets/image-box.php) accepts a ‘title_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_size’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

MEDIUM | CVSS 5.4 | 2021-04-05

CVE-2021-24205 - Before 3 Plugin (threat entry updated 2024-11-21)

In the Elementor Website Builder WordPress plugin before 3.1.4, the icon box widget (includes/widgets/icon-box.php) accepts a ‘title_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_size’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

MEDIUM | CVSS 5.4 | 2021-04-05

CVE-2021-24204 - Before 3 Plugin (threat entry updated 2024-11-21)

In the Elementor Website Builder WordPress plugin before 3.1.4, the accordion widget (includes/widgets/accordion.php) accepts a ‘title_html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘title_html_tag’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

MEDIUM | CVSS 5.4 | 2021-04-05

CVE-2021-24203 - Before 3 Plugin (threat entry updated 2024-11-21)

In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget (includes/widgets/divider.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request with this parameter set to ‘script’ and combined with a ‘text’ parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed.

MEDIUM | CVSS 5.4 | 2021-04-05

CVE-2021-24202 - Before 3 Plugin (threat entry updated 2024-11-21)

In the Elementor Website Builder WordPress plugin before 3.1.4, the heading widget (includes/widgets/heading.php) accepts a ‘header_size’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request with this parameter set to ‘script’ and combined with a ‘title’ parameter containing JavaScript, which will then be executed when the saved page is viewed or previewed.

MEDIUM | CVSS 5.4 | 2021-04-05

CVE-2021-24201 - Before 3 Plugin (threat entry updated 2024-11-21)

In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified ‘save_builder’ request containing JavaScript in the ‘html_tag’ parameter, which is not filtered and is output without escaping. This JavaScript will then be executed when the saved page is viewed or previewed.

MEDIUM | CVSS 5.4 | 2021-04-05

CVE-2021-24163 - Before 3 Plugin (threat entry updated 2024-11-21)

The AJAX action wp_ajax_ninja_forms_sendwp_remote_install_handler did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 and retrieve the client_secret key needed to establish the SendWP connection while also installing the SendWP plugin.

HIGH | CVSS 8.8 | 2021-04-05

CVE-2021-24169 - Before 3 Plugin (threat entry updated 2024-11-21)

This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.

MEDIUM | CVSS 6.1 | 2021-04-05

CVE-2021-24165 - Before 3 Plugin (threat entry updated 2024-11-21)

In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.

MEDIUM | CVSS 6.1 | 2021-04-05