Archives: Vulnerabilities
Input validation vulnerability in RESTful Content Syndication 1.5.0
The RESTful Content Syndication plugin for WordPress has a security vulnerability that could allow attackers to upload any type of file to a website using the plugin. This could potentially lead to remote code execution, but only if the attacker has Author-level access or higher. This vulnerability is more likely to be exploited by administrators who can also access the plugin’s settings, rather than contributor-level users.
Input validation vulnerability in Schema Scalpel 1.6.1
The plugin called Schema Scalpel for WordPress has a security issue called Stored Cross-Site Scripting. This happens when the plugin does not properly clean or protect user-supplied information before using it to create a type of code called JSON-LD schema markup. This could allow someone who is logged in with Contributor or higher access to put harmful code into a page that will run whenever someone else visits that page.
Access violation vulnerability in Folderly 0.3
The Folderly plugin for WordPress has a security issue that allows unauthorized changes to be made to data. This happens because the plugin does not have proper checks in place for the /wp-json/folderly/v1/config/clear-all-data REST API endpoint. This vulnerability exists in all versions up to and including 0.3. As a result, attackers with Author-level access or higher can potentially delete important data such as terms and categories.
Access violation vulnerability in Doccure Core 1.5.4
The Doccure Core plugin for WordPress has a security issue that could allow someone to gain more privileges than they should have. This is because the plugin lets new users set their own role or use a specific field to do so. As a result, someone who isn’t logged in could create an account with the highest level of access, giving them more control than they should have.
Access violation vulnerability in Service Finder Bookings 6.1
The Service Finder Bookings plugin for WordPress has a security issue that can allow unauthorized access to user accounts. This is because the plugin does not properly check a user’s identity before allowing them to change their email address. This means that attackers with certain levels of access can change the email address of any user, including administrators, and use that to reset their password and gain access to their account.