• May 2020 Monthly Vulnerability Roundup

    WordPress Plugin Vulnerabilities:
      - Multi Scheduler <= 1.0.0 – Arbitrary Record Deletion via CSRF
      - MapPress Maps < 2.54.6 – Improper Capability Checks in AJAX Calls
      - bbPress < 2.6.5 – Authenticated Stored Cross-Site Scripting via the forums list table
      - bbPress 2.6-2.6.5 – Authenticated Privilege Escalation via the Super Moderator feature
      - bbPress < 2.6.5 – Unauthenticated Privilege Escalation when New User Registration…

  • April 2020 Monthly Vulnerability Roundup

    WordPress Core Vulnerabilities:
      - WordPress < 5.4.1 – Stored Cross-Site Scripting (XSS) in Customizer
      - WordPress < 5.4.1 – Authenticated Cross-Site Scripting (XSS) in File Uploads
      - WordPress < 5.4.1 – Cross-Site Scripting (XSS) in wp-object-cache
      - WordPress < 5.4.1 – Authenticated Cross-Site Scripting (XSS) in Search Block
      - WordPress < 5.4.1 – Authenticated Cross-Site Scripting (XSS) in Customizer
      - WordPress < 5.4.1 – Unauthenticated Users…

  • CVSS Risk Scores and More

    Since we launched our WordPress vulnerability database in 2014, it has been missing one important factor: vulnerability risk scores. This was partly due to not being able to decide which risk scoring system to use, not having the time to implement the system, and not having the time to assign risk scores to new vulnerabilities, if…

  • New WPScan Features

    For the past few weeks we have been busy working on new features and improvements to our WordPress Vulnerability Database, which went live today. Even though the whole world is going through difficult times right now, we are still here adding vulnerabilities to our databases and improving our services. So, what do we have for you!

  • March 2020 Monthly Vulnerability Roundup

    WordPress Plugin Vulnerabilities:
      - LifterLMS < 3.37.15 – Arbitrary File Writing
      - WordPress SEO Plugin – Rank Math < 1.0.41 – Redirect Creation via Unprotected REST API Endpoint
      - WordPress SEO Plugin – Rank Math < 1.0.41 – Privilege Escalation via Unprotected REST API Endpoint
      - Elementor Page Builder < 2.9.6 – Authenticated Safe Mode Privilege Escalation
      - CM Pop-Up banners < 1.4.11 –…

  • Slack Incoming Webhook Notifications

    From today all Enterprise users have access to Slack Incoming Webhook Notifications functionality. The new notifications allow Enterprise users to set a Slack Incoming Webhook URL within their profile page that will send a Slack notification with the vulnerability title and URL every time a new vulnerability is added to our database.

  • Ultimate Membership Pro Premium WordPress Plugin Recent Vulnerabilities Breakdown

    While checking fixes of critical issues in a premium plugin, we stumbled across insufficient filename entropy: the PHP function time() was used to generate part of the md5-hashed string that forms the filename. These files generally contain sensitive data, such as logs, PII, etc., and as it’s not the first time we see such…

  • February 2020 Monthly Vulnerability Roundup

    WordPress Plugin Vulnerabilities:
      - wpdefault – Backdoor Plugin
      - Async Javascript < 2.20.02.27 – Subscriber+ Stored XSS via Plugin Settings Change
      - 10Web Map Builder for Google Maps < 1.0.64 – Unauthenticated Stored XSS via Plugin Settings Change
      - Modern Events Calendar Lite <= 5.1.6 – Multiple Subscriber+ Stored XSS
      - Export Users to CSV <= 1.4.2 – CSV Injection
      - Photo Gallery < 1.5.46 –…

  • New Description and PoC fields in API

    From today we have two new fields output in our API for enterprise users: the description and poc fields. We have been displaying this data on the wpvulndb.com website since almost the beginning of the project, but excluded it from the API due to concerns about the extra bandwidth costs. We have had a number of users request the data…

  • Paid Vulnerability Email Alerts

    On March 2nd 2020 we will be introducing paid vulnerability email alerts for instant and daily emails. Traditionally we have been giving these away free of charge to our users, but the number of subscribers has increased steadily over the years and they are starting to become a significant monthly cost to us.