Common Vulnerabilities

In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.

CVE ID:

CVE-2022-43472

WordPress Plugin

eroom-zoom-meetings-webinar <= 1.4.6

Vulnerability Type:

Broken Access Control, Cross-Site Request Forgery (CSRF), Sensitive Data Disclosure

The plugin does not have authorisation or Cross-Site Request Forgery (CSRF) checks in the stm_wpcfto_get_settings AJAX action, which could allow any authenticated user to call it and retrieve meeting data.

CVE ID:

CVE-2022-41655

WordPress Plugin

phone-orders-for-woocommerce <= 3.7.1

Vulnerability Type:

Broken Access Control, Cross-Site Request Forgery (CSRF), Sensitive Data Disclosure

The plugin does not have authorisation or Cross-Site Request Forgery (CSRF) checks in the phone-orders-for-woocommerce AJAX action, which could allow any authenticated user to call it and retrieve users' personal data.

CVE ID:

CVE-2020-36656

WordPress Plugin

ultimate-addons-for-gutenberg <= 1.14.11

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escape some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

CVE ID:

CVE-2023-0220

WordPress Plugin

booking-system <= 2.9.9.2.8

Vulnerability Type:

SQL Injection

The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.

CVE ID:

CVE-2023-0335

WordPress Plugin

wp-shamsi <= 4.3.3

Vulnerability Type:

Broken Access Control, Cross-Site Request Forgery (CSRF)

The plugin has Cross-Site Request Forgery (CSRF) and broken access control vulnerabilities, which could allow users with a role as low as subscriber to delete attachments.

CVE ID:

CVE-2023-0080

WordPress Plugin

customer-reviews-woocommerce <= 5.15.0

Vulnerability Type:

Local File Inclusion (LFI)

The plugin does not validate one of its shortcode attributes, which could allow users with a contributor role and above to include arbitrary files via a path traversal attack. This could also allow them to read non-PHP files and retrieve their content. RCE could also be achieved if the attacker manages to upload a malicious image containing PHP code and then includes it via the affected attribute; on a default WordPress install, authors could easily achieve that, given that they have the upload_file capability.

CVE ID:

CVE-2023-0282

WordPress Plugin

yourchannel <= 1.2.1

Vulnerability Type:

Broken Access Control, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS)

The plugin does not sanitize and escape some parameters, which could allow users with a role as low as subscriber to perform Cross-Site Scripting (XSS) attacks.

CVE ID:

CVE-2023-0336

WordPress Plugin

ooohboi-steroids-for-elementor <= 2.1.4

Vulnerability Type:

Broken Access Control, Cross-Site Request Forgery (CSRF)

The plugin has Cross-Site Request Forgery (CSRF) and broken access control vulnerabilities, which could allow users with a role as low as subscriber to delete attachments.

CVE ID:

CVE-2023-0505

WordPress Plugin

ever-compare <= 1.2.3

Vulnerability Type:

Cross-Site Request Forgery (CSRF)

The plugin does not have a Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.

CVE ID:

CVE-2023-0504

WordPress Plugin

wp-politic <= 2.3.7

Vulnerability Type:

Cross-Site Request Forgery (CSRF)

The plugin does not have a Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged-in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.