CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2021

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1101 CVE-2021-24708 79 XSS 2021-11-08 2021-11-10
3.5
None Remote Medium ??? None Partial None
The Export any WordPress data to XML/CSV WordPress plugin before 1.3.1 does not escape its Export's Name before outputting it in Manage Exports settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
1102 CVE-2021-24706 79 XSS 2021-11-08 2021-11-10
3.5
None Remote Medium ??? None Partial None
The Qwizcards – online quizzes and flashcards WordPress plugin before 3.62 does not properly sanitize and escape some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
1103 CVE-2021-24703 732 CSRF 2021-11-23 2021-12-15
3.5
None Remote Medium ??? None Partial None
The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the dpwap_plugin_activate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed.
1104 CVE-2021-24701 79 XSS 2021-11-08 2021-11-10
3.5
None Remote Medium ??? None Partial None
The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
1105 CVE-2021-24700 79 XSS 2021-11-23 2021-11-24
3.5
None Remote Medium ??? None Partial None
The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
1106 CVE-2021-24698 2021-11-08 2021-11-11
4.0
None Remote Low ??? None Partial None
The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the download.
1107 CVE-2021-24697 79 XSS 2021-11-08 2021-11-11
4.3
None Remote Medium Not required None Partial None
The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stats_start_date/sdm_stats_end_date POST parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
1108 CVE-2021-24695 200 +Info 2021-11-08 2021-11-10
5.0
None Remote Low Not required Partial None None
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames
1109 CVE-2021-24693 79 Exec Code XSS 2021-11-08 2021-11-10
6.0
None Remote Medium ??? Partial Partial Partial
The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. Given the that XSS is triggered even when the Download is in a review state, contributor could make JavaScript code execute in a context of a reviewer such as admin and make them create a rogue admin account, or install a malicious plugin
1110 CVE-2021-24685 352 XSS 2021-11-01 2021-11-02
5.0
None Remote Low Not required None Partial None
The Flat Preloader WordPress plugin before 1.5.4 does not enforce nonce checks when saving its settings, as well as does not sanitise and escape them, which could allow attackers to a make logged in admin change them with a Cross-Site Scripting payload (triggered either in the frontend or backend depending on the payload)
1111 CVE-2021-24682 79 XSS 2021-11-01 2021-11-02
3.5
None Remote Medium ??? None Partial None
The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cool_tag_cloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.
1112 CVE-2021-24674 352 CSRF 2021-11-08 2021-11-10
4.3
None Remote Medium Not required None Partial None
The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF attack
1113 CVE-2021-24669 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection.
1114 CVE-2021-24668 352 CSRF 2021-11-23 2022-03-24
4.3
None Remote Medium Not required None Partial None
The MAZ Loader WordPress plugin before 1.4.1 does not enforce nonce checks, which allows attackers to make administrators delete arbitrary loaders via a CSRF attack
1115 CVE-2021-24664 79 XSS 2021-11-08 2021-11-17
3.5
None Remote Medium ??? None Partial None
The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before outputting in attributes, resulting in Stored Cross-Site Scripting issues.
1116 CVE-2021-24647 287 2021-11-08 2021-11-10
6.8
None Remote Medium Not required Partial Partial Partial
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username
1117 CVE-2021-24646 79 XSS 2021-11-08 2022-01-04
3.5
None Remote Medium ??? None Partial None
The Booking.com Banner Creator WordPress plugin before 1.4.3 does not properly sanitize inputs when creating banners, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
1118 CVE-2021-24645 79 XSS 2021-11-08 2022-01-04
3.5
None Remote Medium ??? None Partial None
The Booking.com Product Helper WordPress plugin before 1.0.2 does not sanitize and escape Product Code when creating Product Shortcode, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
1119 CVE-2021-24644 22 Dir. Trav. File Inclusion 2021-11-23 2021-11-24
5.0
None Remote Low Not required Partial None None
The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include() function, which could lead to a Local File Inclusion issue
1120 CVE-2021-24641 352 CSRF 2021-11-23 2021-11-24
5.8
None Remote Medium Not required None Partial Partial
The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion
1121 CVE-2021-24631 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The Unlimited PopUps WordPress plugin through 4.5.3 does not sanitise or escape the did GET parameter before using it in a SQL statement, available to users as low as editor, leading to an authenticated SQL Injection
1122 CVE-2021-24630 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The Schreikasten WordPress plugin through 0.14.18 does not sanitise or escape the id GET parameter before using it in SQL statements in the comments dashboard from various actions, leading to authenticated SQL Injections which can be exploited by users as low as author
1123 CVE-2021-24629 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated SQL Injections
1124 CVE-2021-24628 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection
1125 CVE-2021-24627 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection
1126 CVE-2021-24626 89 Sql CSRF 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The Chameleon CSS WordPress plugin through 1.2 does not have any CSRF and capability checks in all its AJAX calls, allowing any authenticated user, such as subscriber to call them and perform unauthorised actions. One of AJAX call, remove_css, also does not sanitise or escape the css_id POST parameter before using it in a SQL statement, leading to a SQL Injection
1127 CVE-2021-24625 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category
1128 CVE-2021-24624 79 XSS 2021-11-01 2021-11-02
3.5
None Remote Medium ??? None Partial None
The MP3 Audio Player for Music, Radio & Podcast by Sonaar WordPress plugin before 2.4.2 does not properly sanitize or escape data in some of its Playlist settings, allowing high privilege users to perform Cross-Site Scripting attacks
1129 CVE-2021-24616 79 XSS 2021-11-08 2021-11-10
3.5
None Remote Medium ??? None Partial None
The AddToAny Share Buttons WordPress plugin before 1.7.48 does not escape its Image URL button setting, which could lead allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
1130 CVE-2021-24607 79 XSS 2021-11-08 2021-11-10
3.5
None Remote Medium ??? None Partial None
The Storefront Footer Text WordPress plugin through 1.0.1 does not sanitize and escape the "Footer Credit Text" added to pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed.
1131 CVE-2021-24598 79 XSS 2021-11-17 2021-11-19
3.5
None Remote Medium ??? None Partial None
The Testimonial WordPress plugin before 1.6.0 does not escape some testimonial fields which could allow high privilege users to perform Cross Site Scripting attacks even when the unfiltered_html capability is disallowed
1132 CVE-2021-24594 79 XSS 2021-11-08 2021-11-10
3.5
None Remote Medium ??? None Partial None
The Translate WordPress – Google Language Translator WordPress plugin before 6.0.12 does not sanitise and escape some of its settings before outputting it in various pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
1133 CVE-2021-24575 89 Sql 2021-11-08 2021-11-10
6.5
None Remote Low ??? Partial Partial Partial
The School Management System – WPSchoolPress WordPress plugin before 2.1.10 does not properly sanitize or use prepared statements before using POST variable in SQL queries, leading to SQL injection in multiple actions available to various authenticated users, from simple subscribers/students to teachers and above.
1134 CVE-2021-24572 352 CSRF 2021-11-01 2021-11-03
4.3
None Remote Medium Not required None Partial None
The Accept Donations with PayPal WordPress plugin before 1.3.1 provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result, an attacker could make logged in admins delete arbitrary posts
1135 CVE-2021-24570 352 XSS CSRF 2021-11-01 2021-11-03
4.3
None Remote Medium Not required None Partial None
The Accept Donations with PayPal WordPress plugin before 1.3.1 offers a function to create donation buttons, which internally are posts. The process to create a new button is lacking a CSRF check. An attacker could use this to make an authenticated admin create a new button. Furthermore, one of the Button field is not escaped before being output in an attribute when editing a Button, leading to a Stored Cross-Site Scripting issue as well.
1136 CVE-2021-24539 79 XSS 2021-11-01 2021-11-03
2.1
None Remote High ??? None Partial None
The Coming Soon, Under Construction & Maintenance Mode By Dazzler WordPress plugin before 1.6.7 does not sanitise or escape its description setting when outputting it in the frontend when the Coming Soon mode is enabled, even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue
1137 CVE-2021-24537 94 Exec Code 2021-11-08 2021-11-10
6.0
None Remote Medium ??? Partial Partial Partial
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the 'widget_rrm_similar_posts_condition' widget setting of the plugin.
1138 CVE-2021-23820 843 Bypass 2021-11-03 2021-11-05
7.5
None Remote Low Not required Partial Partial Partial
This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays.
1139 CVE-2021-23807 843 Bypass 2021-11-03 2021-11-05
7.5
None Remote Low Not required Partial Partial Partial
This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.
1140 CVE-2021-23784 79 XSS 2021-11-03 2021-11-05
4.3
None Remote Medium Not required None Partial None
This affects the package tempura before 0.4.0. If the input to the esc function is of type object (i.e an array) it is returned without being escaped/sanitized, leading to a potential Cross-Site Scripting vulnerability.
1141 CVE-2021-23732 78 Exec Code 2021-11-22 2022-03-29
9.3
None Remote Medium Not required Complete Complete Complete
This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.
1142 CVE-2021-23718 918 2021-11-22 2021-12-15
5.0
None Remote Low Not required Partial None None
The package ssrf-agent before 1.0.5 are vulnerable to Server-side Request Forgery (SSRF) via the defaultIpChecker function. It fails to properly validate if the IP requested is private.
1143 CVE-2021-23673 79 Exec Code XSS 2021-11-22 2021-11-24
4.3
None Remote Medium Not required None Partial None
This affects all versions of package pekeupload. If an attacker induces a user to upload a file whose name contains javascript code, the javascript code will be executed.
1144 CVE-2021-23654 1236 Exec Code 2021-11-26 2021-12-20
7.5
None Remote Low Not required Partial Partial Partial
This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via CSV files.
1145 CVE-2021-23624 843 Bypass 2021-11-03 2021-11-05
7.5
None Remote Low Not required Partial Partial Partial
This affects the package dotty before 0.1.2. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays.
1146 CVE-2021-23509 843 Bypass 2021-11-03 2021-11-05
7.5
None Remote Low Not required Partial Partial Partial
This affects the package json-ptr before 3.0.0. A type confusion vulnerability can lead to a bypass of CVE-2020-7766 when the user-provided keys used in the pointer parameter are arrays.
1147 CVE-2021-23472 843 Bypass 2021-11-03 2021-11-28
4.3
None Remote Medium Not required None Partial None
This affects versions before 1.19.1 of package bootstrap-table. A type confusion vulnerability can lead to a bypass of input sanitization when the input provided to the escapeHTML function is an array (instead of a string) even if the escape attribute is set.
1148 CVE-2021-23433 915 2021-11-19 2021-11-23
6.8
None Remote Medium Not required Partial Partial Partial
The package algoliasearch-helper before 3.6.2 are vulnerable to Prototype Pollution due to use of the merge function in src/SearchParameters/index.jsSearchParameters._parseNumbers without any protection against prototype properties. Note that this vulnerability is only exploitable if the implementation allows users to define arbitrary search patterns.
1149 CVE-2021-23219 2021-11-20 2022-02-24
1.9
None Local Medium Not required Partial None None
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure.
1150 CVE-2021-23217 Exec Code 2021-11-20 2022-02-24
6.9
None Local Medium Not required Complete Complete Complete
NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.
Total number of vulnerabilities : 1511   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 (This Page)24 25 26 27 28 29 30 31
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.