Security Vulnerabilities - CVEs Published In April 2021
When visiting a site running Web-Stat < 1.4.0, the "wts_web_stat_load_init" function used the visitor’s browser to send an XMLHttpRequest request to https://wts2.one/ajax.htm?action=lookup_WP_account.
CVSS Score: 7.5
EPSS Score: 0.006
Published: 2021-04-05
The Easy Contact Form Pro WordPress plugin before 1.1.1.9 did not properly sanitise the text fields (such as Email Subject, Email Recipient, etc) when creating or editing a form, leading to an authenticated (author+) stored cross-site scripting issue. This could allow medium privilege accounts (such as author and editor) to perform XSS attacks against high privilege ones like administrator.
CVSS Score: 5.4
EPSS Score: 0.003
Published: 2021-04-05
The Advanced Order Export For WooCommerce WordPress plugin before 3.1.8, which helps you to easily export WooCommerce order data, is vulnerable to reflected XSS via the tab parameter in the Admin Panel.
CVSS Score: 6.1
EPSS Score: 0.051
Published: 2021-04-05
The REST API endpoint get_users in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the upload_files capability. This included password hashes, hashed user activation keys, usernames, emails, and other less sensitive information.
CVSS Score: 7.5
EPSS Score: 0.287
Published: 2021-04-05
The WooCommerce Upload Files WordPress plugin before 59.4 ran a single sanitization pass to remove blocked extensions such as .php. It was possible to bypass this and upload a file with a PHP extension by embedding a "blocked" extension within another "blocked" extension in the "wcuf_file_name" parameter. It was also possible to perform a double extension attack and upload files to a different location via path traversal using the "wcuf_current_upload_session_id" parameter.
CVSS Score: 9.8
EPSS Score: 0.009
Published: 2021-04-05
The VM Backups WordPress plugin through 1.0 does not have CSRF checks, allowing attackers to make a logged-in user perform unwanted actions, such as generating backups of the DB, plugins, and current .
CVSS Score: 4.3
EPSS Score: 0.001
Published: 2021-04-05
The VM Backups WordPress plugin through 1.0 does not have CSRF checks, allowing attackers to make a logged-in user perform unwanted actions, such as updating the plugin's options, leading to a Stored Cross-Site Scripting issue.
CVSS Score: 6.1
EPSS Score: 0.001
Published: 2021-04-05
The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).
CVSS Score: 7.5
EPSS Score: 0.417
Published: 2021-04-05
The "All Subscribers" setting page of Popup Builder was vulnerable to reflected Cross-Site Scripting.
CVSS Score: 6.1
EPSS Score: 0.002
Published: 2021-04-05
A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1. The plugin had built-in blacklist filters that blocked parentheses as well as several functions such as alert, but bypasses were found.
CVSS Score: 5.4
EPSS Score: 0.003
Published: 2021-04-05
Shodan ® - All rights reserved