
Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Threat Entry Updated 2024-11-21

CVE-2024-6132 - Wp Pexels Free Stock Photos Plugin

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Wp Pexels Free Stock Photos

CVE-2024-6132

HIGH CVSS 8.8 2024-06-19
Threat Entry Updated 2024-11-21

CVE-2024-5343 - Robo Gallery Plugin

The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.19. This is due to missing or incorrect nonce validation on the 'rbs_ajax_create_article' and 'rbs_ajax_reset_views' functions. This makes it possible for unauthenticated attackers to create new posts and reset gallery view counts via a forged request, provided they can trick a Contributor+ level user into performing an action such as clicking on a link.

PLUGIN Robo Gallery

CVE-2024-5343

HIGH CVSS 8.8 2024-06-19
Threat Entry Updated 2024-11-21

CVE-2024-5574 - Wp Magazine Modules Lite Plugin

The WP Magazine Modules Lite plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.2 via the 'blockLayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other "safe" file types can be uploaded and included.

PLUGIN Wp Magazine Modules Lite

CVE-2024-5574

HIGH CVSS 7.5 2024-06-19
Threat Entry Updated 2024-11-21

CVE-2024-5724 - Photo Video Gallery Master Plugin

The Photo Video Gallery Master plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.5.3 via deserialization of untrusted input from the 'PVGM_all_photos_details' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

PLUGIN Photo Video Gallery Master

CVE-2024-5724

HIGH CVSS 8.8 2024-06-19
Threat Entry Updated 2024-11-21

CVE-2024-2381 - Aliexpress Dropshipping With Alinext Plugin

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Aliexpress Dropshipping With Alinext

CVE-2024-2381

HIGH CVSS 8.8 2024-06-19
Threat Entry Updated 2024-11-21

CVE-2024-6125 - Login With Phone Number Plugin

The Login with phone number plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including, 1.7.34. This is due to the plugin generating a reset code that is too weak, and to the code used to reset the password having no attempt or time limit. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing a 6-digit numeric reset code.

PLUGIN Login With Phone Number

CVE-2024-6125

HIGH CVSS 8.1 2024-06-19
Threat Entry Updated 2024-11-21

CVE-2023-5527 - Business Directory Plugin

The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 6.4.3 via the class-csv-exporter.php file. This allows authenticated attackers, with author-level permissions and above, to embed untrusted input into CSV files exported by administrators, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.

PLUGIN Business Directory

CVE-2023-5527

HIGH CVSS 7.4 2024-06-18
Threat Entry Updated 2024-11-21

CVE-2024-6000 - Fooevents For Woocommerce Plugin

The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'display_ticket_themes_page' function in versions up to, and including, 1.19.20. This makes it possible for authenticated attackers with contributor-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This was partially patched in 1.19.20, and fully patched in 1.19.21.

PLUGIN Fooevents For Woocommerce

CVE-2024-6000

HIGH CVSS 7.1 2024-06-15
Threat Entry Updated 2024-11-21

CVE-2024-3813 - Tagdiv Composer Plugin

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'td_block_title' shortcode 'block_template_id' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included.

PLUGIN Tagdiv Composer

CVE-2024-3813

HIGH CVSS 8.8 2024-06-15
Threat Entry Updated 2024-11-21

CVE-2023-6696 - Popup Builder Plugin

The Popup Builder plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a nonce check, the nonce can be obtained from the profile page of a logged-in user. This allows subscribers to perform several actions, including deleting subscribers and performing blind Server-Side Request Forgery.

PLUGIN Popup Builder

CVE-2023-6696

HIGH CVSS 8.1 2024-06-15
Threat Entry Updated 2024-11-21

CVE-2024-2544 - Popup Builder Plugin

The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on all AJAX actions. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform multiple unauthorized actions, such as deleting subscribers, and importing subscribers to conduct stored cross-site scripting attacks.

PLUGIN Popup Builder

CVE-2024-2544

HIGH CVSS 7.4 2024-06-15
Threat Entry Updated 2024-11-21

CVE-2024-2024 - Folders Plugin

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

PLUGIN Folders

CVE-2024-2024

HIGH CVSS 8.8 2024-06-14
Threat Entry Updated 2024-11-21

CVE-2024-5551 - Wp Staging Plugin

The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce validation on the 'sub' parameter called from the WP STAGING WordPress Backup Plugin - Backup Duplicator & Migration plugin. This makes it possible for unauthenticated attackers to include any local files that end in '-settings.php' via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.

PLUGIN Wp Staging

CVE-2024-5551

HIGH CVSS 7.5 2024-06-14
Threat Entry Updated 2025-01-10

CVE-2024-4404 - Elementskit Plugin

The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.6.2 via the 'render_raw' function. This can allow authenticated attackers, with contributor-level permissions and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

PLUGIN Elementskit

CVE-2024-4404

HIGH CVSS 8.5 2024-06-14
Threat Entry Updated 2024-11-21

CVE-2024-1094 - AI-Powered Appointment Booking With Visual Seat Plan And Ultimate Calendar Scheduling Plugin

The Timetics - AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the make_staff() function in all versions up to, and including, 1.0.21. This makes it possible for unauthenticated attackers to grant users staff permissions.

PLUGIN AI-Powered Appointment Booking With Visual Seat Plan And Ultimate Calendar Scheduling

CVE-2024-1094

HIGH CVSS 7.3 2024-06-14
Threat Entry Updated 2024-11-21

CVE-2024-4145 - Search & Replace Plugin

The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks (such as within a multi-site network).

PLUGIN Search & Replace

CVE-2024-4145

HIGH CVSS 7.2 2024-06-13
Threat Entry Updated 2025-03-21

CVE-2024-2098 - Download Manager Plugin

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected files.

PLUGIN Download Manager

CVE-2024-2098

HIGH CVSS 7.5 2024-06-13
Threat Entry Updated 2024-11-21

CVE-2024-4845 - Icegram Express Plugin

The Icegram Express plugin for WordPress is vulnerable to SQL Injection via the 'options[list_id]' parameter in all versions up to, and including, 5.7.22 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Icegram Express

CVE-2024-4845

HIGH CVSS 8.8 2024-06-12
Threat Entry Updated 2024-11-21

CVE-2024-5543 - Slideshow Gallery Plugin

The Slideshow Gallery LITE plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in all versions up to, and including, 1.8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Slideshow Gallery

CVE-2024-5543

HIGH CVSS 8.1 2024-06-12
Threat Entry Updated 2025-02-05

CVE-2023-7264 - Build App Online Plugin

The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.21. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing a 4-digit numeric reset code.

PLUGIN Build App Online

CVE-2023-7264

HIGH CVSS 8.1 2024-06-11