WordPress Duplicator plugin version 3.8.7 appears to leave backups in a world accessible directory under the document root.

    ====================================================================================================================================| # Title     : WordPress - Duplicator 3.8.7 Backup Disclosure Vulnerability                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0.2(64-bit)                                            | | # Vendor    : https://snapcreek.com/duplicator/docs/changelog/                                                                   |  | # Dork      : "/wp-content/backups-dup-pro/"                                                                                     |====================================================================================================================================P0C :[+] appears to leave backups in a world accessible directory under the document root & The plugin exports a backup exported as a text file and contains sensitive informations.[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : "/wp-content/backups-dup-pro/"[+] https://127.0.0.1/pfauen.de/wp-content/backups-dup-pro/Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm * thelastvvv *Zigoo.eg                      |=======================================================================================================================================

WordPress Duplicator 3.8.7 Backup Disclosure

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Neha Goel Recent Posts Slider plugin <= 1.1 versions.

**Solution**

 No fix

No patched version is available. The WordPress plugins review team was notified on 2023 April 25.

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Recent Posts Slider Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 2 present

 0 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-35043: WordPress Recent Posts Slider plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PluginForage WooCommerce Product Categories Selection Widget plugin <= 2.0 versions.

**Solution**

 No fix

No patched version is available. The WordPress plugins review team was notified on Apr 14, 2023.

Nguyen Xuan Chien discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WooCommerce Product Categories Selection Widget Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-33925: WordPress WooCommerce Product Categories Selection Widget plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Steven Henty Drop Shadow Boxes plugin <= 1.7.10 versions.

**Solution**

 Fixed

Update the WordPress Drop Shadow Boxes plugin to the latest available version (at least 1.7.11).

Found this useful? Thank Lana Codes for reporting this vulnerability. Buy a coffee ☕

Lana Codes discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Drop Shadow Boxes Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.7.11.

**Other vulnerabilities in this plugin**

 0 present

 4 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-23833: WordPress Drop Shadow Boxes plugin <= 1.7.10 - Cross Site Scripting (XSS) vulnerability - Patchstack

REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, app_title, or randomization.

CVE-2023-37361: Trustwave Security Advisories

WordPress Page Builder KingComposer plugin version 2.9.6 suffers from an open redirection vulnerability.

    ====================================================================================================================================| # Title     : WordPress Page Builder KingComposer 2.9.6 Open Redirect Vulnerability                                              || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : https://kingcomposer.com/                                                                                          |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://packetstormsecurity.com/[+] https://example.com/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://packetstormsecurity.com/Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

WordPress Page Builder KingComposer 2.9.6 Open Redirection

WordPress Image Optimization plugin version 3.8.2 suffers from an open redirection vulnerability.

    ====================================================================================================================================| # Title     : WordPress Image Optimization 3.8.2 Open Redirect Vulnerability                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : https://wordpress.org/plugins/optimole-wp/                                                                         |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /w:auto/h:auto/q:90/https://packetstatic.com/uimg1675889793/156867/150.jpg[+] https://mlsxkssu4flj.i.optimolecom/nyJIGCw._y-W~3254a/w:auto/h:auto/q:90/https://packetstatic.com/uimg1675889793/156867/150.jpgGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

WordPress Image Optimization 3.8.2 Open Redirection

The Auto Location for WP Job Manager via Google WordPress plugin before 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE-2023-3344

The All-in-one Floating Contact Form WordPress plugin before 2.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE-2023-3248

The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the `txtsearch` parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin.

Tag

#wordpress