Security Vulnerabilities - CVEs Published In October 2022
The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection
CVSS Score
9.8
EPSS Score
0.167
Published
2022-10-31
The Easy WP SMTP WordPress plugin before 1.5.0 unserialises the content of an imported file, which could lead to PHP object injection issue when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-10-31
The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file, which could lead to PHP object injection issues when a user import (intentionally or not) a malicious file, and a suitable gadget chain is present on the site.
CVSS Score
8.8
EPSS Score
0.131
Published
2022-10-31
The LearnPress WordPress plugin before 4.1.7.2 unserialises user input in a REST API endpoint available to unauthenticated users, which could lead to PHP Object Injection when a suitable gadget is present, leadint to remote code execution (RCE). To successfully exploit this vulnerability attackers must have knowledge of the site secrets, allowing them to generate a valid hash via the wp_hash() function.
CVSS Score
8.1
EPSS Score
0.09
Published
2022-10-31
The PublishPress Capabilities WordPress plugin before 2.5.2, PublishPress Capabilities Pro WordPress plugin before 2.5.2 unserializes the content of imported files, which could lead to PHP object injection attacks by administrators, on multisite WordPress configurations. Successful exploitation in this case requires other plugins with a suitable gadget chain to be present on the site.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-10-31
The Ocean Extra WordPress plugin before 2.0.5 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import (intentionally or not) a malicious Customizer Styling file and a suitable gadget chain is present on the blog.
CVSS Score
7.2
EPSS Score
0.002
Published
2022-10-31
The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-10-31
The WP Word Count WordPress plugin through 3.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-10-31
The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator
CVSS Score
6.5
EPSS Score
0.001
Published
2022-10-31
The Official Integration for Billingo WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-10-31