CVE-2025-1570

CVE-2025-1570

Título es
CVE-2025-1570

Vie, 28/02/2025 – 09:15

Tipo
CWE-640

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-1570

Descripción en
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. This is due to the directorist_generate_password_reset_pin_code() and reset_user_password() functions not having enough controls to prevent a successful brute force attack of the OTP to change a password, or verify that a password reset request came from an authorized user. This makes it possible for unauthenticated attackers to generate and brute force an OTP that makes it possible to change any users passwords, including an administrator.

28/02/2025

28/02/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
8.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias


  • https://plugins.trac.wordpress.org/changeset/3246340/directorist

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/853562ed-7f2e-453c-b3d0-67c90bd0231f?source=cve

    • Enviar en el boletín
    Off

    CVE-2025-1560

    CVE-2025-1560

    Título es
    CVE-2025-1560

    Vie, 28/02/2025 – 09:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-1560

    Descripción en
    The WOW Entrance Effects (WEE!) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wee' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.40

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/browser/wow-entrance-effects-wee/trunk/wee.php

  • https://wordpress.org/plugins/wow-entrance-effects-wee/

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/423e840e-0bc2-4481-afff-61ace85788d3?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-10860

    CVE-2024-10860

    Título es
    CVE-2024-10860

    Vie, 28/02/2025 – 10:15

    Tipo
    CWE-862

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-10860

    Descripción en
    The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to unauthorized submission of data due to a missing capability check on the _submit_uninstall_reason_action() function in all versions up to, and including, 2.19.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to submit a deactivation reason on behalf of a site.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    4.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/changeset/3246927/

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/5cefecf8-46dc-4ae1-9e94-b724beb7136f?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-12820

    CVE-2024-12820

    Título es
    CVE-2024-12820

    Vie, 28/02/2025 – 06:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-12820

    Descripción en
    The MK Google Directions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MKGD' shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.40

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/changeset/3246361/google-distance-calculator/tags/3.1.1/mk-google-directions.php?old=3046209&old_path=google-distance-calculator/tags/3.1/mk-google-directions.php

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/23b3570c-cd8e-4dec-bbad-6374c44530bd?source=cve

    • Enviar en el boletín
    Off

    CVE-2025-1513

    CVE-2025-1513

    Título es
    CVE-2025-1513

    Vie, 28/02/2025 – 06:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-1513

    Descripción en
    The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Name and Comment field when commenting on photo gallery entries in all versions up to, and including, 26.0.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    7.20

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    HIGH

    Referencias


  • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3245199%40contest-gallery&new=3245199%40contest-gallery

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/1b5cf360-0163-4a7c-8979-ec89ec80ad62?source=cve

    • Enviar en el boletín
    Off

    CVE-2025-1511

    CVE-2025-1511

    Título es
    CVE-2025-1511

    Vie, 28/02/2025 – 06:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-1511

    Descripción en
    The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.10

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/browser/user-registration/tags/4.0.2/modules/membership/includes/Admin/Membership/ListTable.php#L246

  • https://plugins.trac.wordpress.org/changeset/3246826/user-registration/tags/4.1.0/modules/membership/includes/Admin/Membership/ListTable.php

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/0e0bee7c-8dce-421c-af16-7e5152797e6c?source=cve

    • Enviar en el boletín
    Off

    CVE-2025-1506

    CVE-2025-1506

    Título es
    CVE-2025-1506

    Vie, 28/02/2025 – 06:15

    Tipo
    CWE-352

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-1506

    Descripción en
    The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counter_access_key_setup() function. This makes it possible for unauthenticated attackers to update social login provider settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    4.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/browser/wp-social/tags/3.0.9/inc/counter.php#L189

  • https://plugins.trac.wordpress.org/changeset/3246155/wp-social/trunk/inc/counter.php

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/669833b3-1689-4051-8990-c6eddae4858f?source=cve

    • Enviar en el boletín
    Off

    CVE-2025-0764

    CVE-2025-0764

    Título es
    CVE-2025-0764

    Vie, 28/02/2025 – 07:15

    Tipo
    CWE-20

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-0764

    Descripción en
    The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'update' method of the 'Members' class in all versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with subscriber-level privileges or higher, to read arbitrary files on the server.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/changeset/3245711/wpforo

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/8cd8ffcb-0a24-4e0a-a9f9-23501742715f?source=cve

    • Enviar en el boletín
    Off

    CVE-2025-1571

    CVE-2025-1571

    Título es
    CVE-2025-1571

    Vie, 28/02/2025 – 07:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-1571

    Descripción en
    The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Animated Text and Image Comparison Widgets in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.40

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/changeset/3245128/

  • Exclusive Addons for Elementor



  • https://www.wordfence.com/threat-intel/vulnerabilities/id/dd2ec0b3-2784-4506-99f4-05187527fe6d?source=cve

    • Enviar en el boletín
    Off

    CVE-2025-1405

    CVE-2025-1405

    Título es
    CVE-2025-1405

    Vie, 28/02/2025 – 07:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-1405

    Descripción en
    The Product Catalog Simple plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's show_products shortcode in all versions up to, and including, 1.7.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    28/02/2025

    28/02/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.40

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias


  • https://plugins.trac.wordpress.org/changeset/3246414/

  • Product Catalog Simple



  • https://www.wordfence.com/threat-intel/vulnerabilities/id/c2ddd9a2-79d7-4f9c-9832-25c3363d3ce9?source=cve

    • Enviar en el boletín
    Off