Common Vulnerabilities
In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.
CVE ID:
CVE-2022-43472
WordPress Plugin
eroom-zoom-meetings-webinar <= 1.4.6
Vulnerability Type:
Broken Access Control, Cross-Site Request Forgery (CSRF), Sensitive Data Disclosure
The plugin does not have authorisation and Cross-Site Request Forgery (CSRF) checks in the stm_wpcfto_get_settings AJAX action, which could allow any authenticated user to call it and retrieve meetings' data.
CVE ID:
CVE-2022-41655
WordPress Plugin
phone-orders-for-woocommerce <= 3.7.1
Vulnerability Type:
Broken Access Control, Cross-Site Request Forgery (CSRF), Sensitive Data Disclosure
The plugin does not have authorisation and Cross-Site Request Forgery (CSRF) checks in the phone-orders-for-woocommerce AJAX action, which could allow any authenticated user to call it and retrieve users' personal data.
CVE ID:
CVE-2020-36656
WordPress Plugin
ultimate-addons-for-gutenberg <= 1.14.11
Vulnerability Type:
Cross-Site Scripting (XSS)
The plugin does not sanitize and escape some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.
CVE ID:
CVE-2023-0220
WordPress Plugin
booking-system <= 2.9.9.2.8
Vulnerability Type:
SQL Injection
The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
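The following is an added example, not code from the booking-system plugin, showing the pattern the description refers to: a request parameter concatenated into a SQL statement, beside the same lookup written with `$wpdb->prepare()`. The table name, column names and function names are hypothetical.

```php
<?php
/*
 * Added example (not the plugin's own code). Demonstrates a request value
 * reaching SQL unescaped, then the prepared-statement version.
 * Table/column/function names are hypothetical.
 */

// VULNERABLE: the request value goes straight into the SQL string.
// Any user who can reach this handler controls the WHERE clause, e.g.
//   date=2023-01-01' OR 1=1 --
function lc_example_bookings_for_date_vulnerable() {
    global $wpdb;
    $date = isset( $_GET['date'] ) ? $_GET['date'] : '';
    $sql  = "SELECT id, customer_email FROM {$wpdb->prefix}lc_bookings "
          . "WHERE booking_date = '" . $date . "'";
    return $wpdb->get_results( $sql, ARRAY_A );
}

// HARDENED: authorisation, input validation, and a prepared statement.
function lc_example_bookings_for_date_fixed() {
    global $wpdb;

    // The injection was reachable by subscribers, so deciding who may read
    // booking data at all is part of the fix, not only the escaping.
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'forbidden', 'Insufficient permissions.' );
    }

    // Validate the shape of the value before it is used anywhere.
    $date = isset( $_GET['date'] ) ? sanitize_text_field( wp_unslash( $_GET['date'] ) ) : '';
    if ( ! preg_match( '/^\d{4}-\d{2}-\d{2}$/', $date ) ) {
        return new WP_Error( 'bad_request', 'Expected a YYYY-MM-DD date.' );
    }

    // $wpdb->prepare() binds the value as a string literal. The table name
    // comes from the trusted $wpdb->prefix, never from user input.
    $sql = $wpdb->prepare(
        "SELECT id, customer_email FROM {$wpdb->prefix}lc_bookings WHERE booking_date = %s",
        $date
    );
    return $wpdb->get_results( $sql, ARRAY_A );
}
```

Note that `prepare()` only binds values; if a column or table name must vary, select it from a fixed allow-list in PHP rather than passing it through.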
CVE ID:
CVE-2023-0335
WordPress Plugin
wp-shamsi <= 4.3.3
Vulnerability Type:
Broken Access Control, Cross-Site Request Forgery (CSRF)
The plugin has Cross-Site Request Forgery (CSRF) and broken access control vulnerabilities which allow users with a role as low as subscriber to delete attachments.
CVE ID:
CVE-2023-0080
WordPress Plugin
customer-reviews-woocommerce <= 5.15.0
Vulnerability Type:
Local File Inclusion (LFI)
The plugin does not validate one of its shortcode attributes, which could allow users with a contributor role and above to include arbitrary files via a path traversal attack. This also allows them to read non-PHP files and retrieve their content. RCE could also be achieved if the attacker manages to upload a malicious image containing PHP code and then include it via the affected attribute; on a default WordPress install, authors could easily achieve that, given that they have the upload_files capability.
CVE ID:
CVE-2023-0282
WordPress Plugin
yourchannel <= 1.2.1
Vulnerability Type:
Broken Access Control, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS)
The plugin does not sanitize and escape some parameters, which could allow users with a role as low as subscriber to perform Cross-Site Scripting (XSS) attacks.
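The following is an added example, not code from ultimate-addons-for-gutenberg or yourchannel, showing the "does not sanitize and escape some parameters" pattern from this entry and CVE-2020-36656 above: a value a low-privileged user controls is printed raw, beside the same output sanitised on input and escaped per context. The shortcode name, attribute names and function names are hypothetical; the same escaping applies wherever the stored value is output, whether from a shortcode, a block attribute or a saved setting.

```php
<?php
/*
 * Added example (not either plugin's own code). A user-controlled value
 * echoed raw into HTML, then the sanitise-on-input / escape-on-output fix.
 * Shortcode and attribute names are hypothetical.
 */

// VULNERABLE: the attribute is echoed raw in an HTML attribute and in text.
// [lc_channel title='"><script>alert(1)</script>'] runs for every visitor
// who views the post, including an administrator.
function lc_example_channel_shortcode_vulnerable( $atts ) {
    $atts = shortcode_atts( array( 'title' => '', 'url' => '' ), $atts, 'lc_channel' );
    return '<a class="lc-channel" href="' . $atts['url'] . '" title="' . $atts['title'] . '">'
         . $atts['title'] . '</a>';
}

// HARDENED: sanitise on input, escape for the exact output context.
function lc_example_channel_shortcode_fixed( $atts ) {
    $atts = shortcode_atts( array( 'title' => '', 'url' => '' ), $atts, 'lc_channel' );

    // Sanitise: sanitize_text_field() strips tags and control characters;
    // esc_url() returns '' for schemes outside WordPress's allow-list,
    // which is what blocks javascript: URLs.
    $title = sanitize_text_field( $atts['title'] );
    $url   = esc_url( $atts['url'] );
    if ( '' === $url ) {
        return '';
    }

    // Escape per context: esc_attr() inside a quoted attribute, esc_html()
    // in element content. Escaping at output is what stops a stored payload
    // from executing even if sanitisation elsewhere was missed.
    return sprintf(
        '<a class="lc-channel" href="%s" title="%s">%s</a>',
        $url,
        esc_attr( $title ),
        esc_html( $title )
    );
}

add_shortcode( 'lc_channel', 'lc_example_channel_shortcode_fixed' );
```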
CVE ID:
CVE-2023-0336
WordPress Plugin
ooohboi-steroids-for-elementor <= 2.1.4
Vulnerability Type:
Broken Access Control, Cross-Site Request Forgery (CSRF)
The plugin has Cross-Site Request Forgery (CSRF) and broken access control vulnerabilities which allow users with a role as low as subscriber to delete attachments.
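The following is an added example, not code from any of the plugins listed, showing the pattern shared by CVE-2022-43472, CVE-2022-41655, CVE-2023-0335 and CVE-2023-0336: a `wp_ajax_` handler with neither a nonce (CSRF) check nor a capability (authorisation) check. It uses attachment deletion as the action; for a read-only endpoint such as the meeting or personal-data retrieval above, only the capability consulted changes, the structure is identical. The AJAX action name and function names are hypothetical.

```php
<?php
/*
 * Added example (not code from any listed plugin). An admin-ajax.php handler
 * missing both CSRF and authorisation checks, then the hardened version.
 * Action name and function names are hypothetical.
 */

// VULNERABLE: hooking wp_ajax_ (not wp_ajax_nopriv_) requires a login, but
// ANY logged-in user, subscriber included, can POST
//   action=lc_delete_attachment&id=123   to admin-ajax.php.
// With no nonce, a page the admin merely visits can also fire the request
// from their browser, cookies included (CSRF).
function lc_example_delete_attachment_vulnerable() {
    $id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0;
    wp_delete_attachment( $id, true );
    wp_send_json_success();
}
// add_action( 'wp_ajax_lc_delete_attachment', 'lc_example_delete_attachment_vulnerable' );

// HARDENED: nonce, then capability, then object-level check, then the action.
function lc_example_delete_attachment_fixed() {
    // 1. CSRF: the nonce must have been minted for this action. The third
    //    argument (false) makes check_ajax_referer() return instead of die(),
    //    so the handler can answer with JSON.
    if ( ! check_ajax_referer( 'lc_delete_attachment', 'nonce', false ) ) {
        wp_send_json_error( 'Invalid nonce.', 403 );
    }

    // 2. Authorisation: WordPress has a per-object meta capability for this.
    //    A subscriber fails it; an author passes only for their own uploads.
    $id = isset( $_POST['id'] ) ? absint( $_POST['id'] ) : 0;
    if ( ! $id || ! current_user_can( 'delete_post', $id ) ) {
        wp_send_json_error( 'Insufficient permissions.', 403 );
    }

    // 3. The target must actually be an attachment, not an arbitrary post.
    $post = get_post( $id );
    if ( ! $post || 'attachment' !== $post->post_type ) {
        wp_send_json_error( 'Not an attachment.', 400 );
    }

    if ( ! wp_delete_attachment( $id, true ) ) {
        wp_send_json_error( 'Delete failed.', 500 );
    }
    wp_send_json_success( array( 'deleted' => $id ) );
}
add_action( 'wp_ajax_lc_delete_attachment', 'lc_example_delete_attachment_fixed' );

// The nonce has to reach the browser: localise it into the script that calls
// admin-ajax.php. That script then POSTs { action, nonce, id }.
function lc_example_enqueue() {
    wp_enqueue_script( 'lc-example', plugins_url( 'lc-example.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'lc-example', 'lcExample', array(
        'ajaxUrl' => admin_url( 'admin-ajax.php' ),
        'nonce'   => wp_create_nonce( 'lc_delete_attachment' ),
    ) );
}
add_action( 'admin_enqueue_scripts', 'lc_example_enqueue' );
```

The nonce and the capability check answer different questions: the nonce proves the request was issued by a page the site served to this user (CSRF), the capability proves this user is allowed to perform the action at all (broken access control). Neither substitutes for the other, which is why both appear in every entry of this type.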
CVE ID:
CVE-2023-0505
WordPress Plugin
ever-compare <= 1.2.3
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have a Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
CVE ID:
CVE-2023-0504
WordPress Plugin
wp-politic <= 2.3.7
Vulnerability Type:
Cross-Site Request Forgery (CSRF)
The plugin does not have a Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.
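The following is an added example, not code from ever-compare or wp-politic, showing the pattern behind CVE-2023-0505 and CVE-2023-0504: an admin-side handler that calls `activate_plugin()` on a request parameter with no nonce check, beside the version with capability, nonce and target validation. The request parameter, nonce action and function names are hypothetical.

```php
<?php
/*
 * Added example (not either plugin's own code). Plugin activation driven by
 * a request parameter without a nonce, then the hardened version.
 * Parameter, nonce action and function names are hypothetical.
 */

// VULNERABLE: any request carrying ?lc_activate=<plugin file> activates that
// plugin. The admin IS authorised to reach this page, which is exactly why
// CSRF works: an attacker's page makes the admin's browser send the
// request with their cookies, and nothing ties it to an action they chose.
function lc_example_activate_vulnerable() {
    if ( isset( $_GET['lc_activate'] ) ) {
        activate_plugin( $_GET['lc_activate'] );
    }
}
// add_action( 'admin_init', 'lc_example_activate_vulnerable' );

// HARDENED: POST only, capability, nonce, and validation of the target.
function lc_example_activate_fixed() {
    if ( ! isset( $_POST['lc_activate'] ) ) {
        return;
    }

    // Authorisation: confirm this user may activate plugins at all.
    if ( ! current_user_can( 'activate_plugins' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    // CSRF: check_admin_referer() verifies the nonce for this action and
    // dies with "The link you followed has expired." if missing or wrong.
    check_admin_referer( 'lc_activate_plugin', 'lc_nonce' );

    // Validate the target: validate_plugin() rejects path traversal and
    // files that do not exist under WP_PLUGIN_DIR.
    $plugin = sanitize_text_field( wp_unslash( $_POST['lc_activate'] ) );
    $valid  = validate_plugin( $plugin );
    if ( is_wp_error( $valid ) ) {
        wp_die( esc_html( $valid->get_error_message() ), '', array( 'response' => 400 ) );
    }

    $result = activate_plugin( $plugin );
    if ( is_wp_error( $result ) ) {
        wp_die( esc_html( $result->get_error_message() ), '', array( 'response' => 500 ) );
    }
    wp_safe_redirect( add_query_arg( 'lc_activated', '1', admin_url( 'plugins.php' ) ) );
    exit;
}
add_action( 'admin_init', 'lc_example_activate_fixed' );

// The form that triggers it carries the nonce: wp_nonce_field() emits the
// hidden input that check_admin_referer() looks for.
function lc_example_render_form() {
    ?>
    <form method="post">
        <?php wp_nonce_field( 'lc_activate_plugin', 'lc_nonce' ); ?>
        <input type="hidden" name="lc_activate" value="hello-dolly/hello.php">
        <?php submit_button( 'Activate Hello Dolly' ); ?>
    </form>
    <?php
}
```

A quick check when reviewing a plugin for this class: search for `activate_plugin(`, `deactivate_plugins(`, `update_option(` and similar state-changing calls in code reachable from `admin_init`, `admin_post_*` or `wp_ajax_*` hooks, and confirm each one is preceded by a `check_admin_referer()` / `check_ajax_referer()` / `wp_verify_nonce()` call and a `current_user_can()` check.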