Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities by getigniteup
CVE-2022-0898 (GCVE-0-2022-0898)
Vulnerability from nvd – Published: 2022-05-09 16:50 – Updated: 2024-08-02 23:47
VLAI
Title
IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting
Summary
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues
Severity
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/f51d8345-3927-4b… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | IgniteUp – Coming Soon and Maintenance Mode |
Affected:
3.4.1 , ≤ 3.4.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IgniteUp \u2013 Coming Soon and Maintenance Mode",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "3.4.1",
"status": "affected",
"version": "3.4.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kaushalendra Dubey"
}
],
"descriptions": [
{
"lang": "en",
"value": "The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don\u0027t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-09T16:50:39.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "IgniteUp \u003c= 3.4.1 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0898",
"STATE": "PUBLIC",
"TITLE": "IgniteUp \u003c= 3.4.1 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IgniteUp \u2013 Coming Soon and Maintenance Mode",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.4.1",
"version_value": "3.4.1"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kaushalendra Dubey"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don\u0027t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0898",
"datePublished": "2022-05-09T16:50:40.000Z",
"dateReserved": "2022-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:42.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17237 (GCVE-0-2019-17237)
Vulnerability from nvd – Published: 2019-11-12 16:53 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:53:32.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17237",
"datePublished": "2019-11-12T16:53:32.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17236 (GCVE-0-2019-17236)
Vulnerability from nvd – Published: 2019-11-12 16:52 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:52:46.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17236",
"datePublished": "2019-11-12T16:52:46.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17235 (GCVE-0-2019-17235)
Vulnerability from nvd – Published: 2019-11-12 16:50 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:50:29.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17235",
"datePublished": "2019-11-12T16:50:29.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17234 (GCVE-0-2019-17234)
Vulnerability from nvd – Published: 2019-11-12 16:48 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:48:54.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17234",
"datePublished": "2019-11-12T16:48:54.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0898 (GCVE-0-2022-0898)
Vulnerability from cvelistv5 – Published: 2022-05-09 16:50 – Updated: 2024-08-02 23:47
VLAI
Title
IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting
Summary
The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues
Severity
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/f51d8345-3927-4b… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | IgniteUp – Coming Soon and Maintenance Mode |
Affected:
3.4.1 , ≤ 3.4.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IgniteUp \u2013 Coming Soon and Maintenance Mode",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "3.4.1",
"status": "affected",
"version": "3.4.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kaushalendra Dubey"
}
],
"descriptions": [
{
"lang": "en",
"value": "The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don\u0027t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-09T16:50:39.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "IgniteUp \u003c= 3.4.1 - Admin+ Stored Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-0898",
"STATE": "PUBLIC",
"TITLE": "IgniteUp \u003c= 3.4.1 - Admin+ Stored Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IgniteUp \u2013 Coming Soon and Maintenance Mode",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "3.4.1",
"version_value": "3.4.1"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kaushalendra Dubey"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don\u0027t have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-0898",
"datePublished": "2022-05-09T16:50:40.000Z",
"dateReserved": "2022-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:42.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17237 (GCVE-0-2019-17237)
Vulnerability from cvelistv5 – Published: 2019-11-12 16:53 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:53:32.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17237",
"datePublished": "2019-11-12T16:53:32.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17236 (GCVE-0-2019-17236)
Vulnerability from cvelistv5 – Published: 2019-11-12 16:52 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:52:46.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress is vulnerable to stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17236",
"datePublished": "2019-11-12T16:52:46.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17235 (GCVE-0-2019-17235)
Vulnerability from cvelistv5 – Published: 2019-11-12 16:50 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:50:29.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17235",
"datePublished": "2019-11-12T16:50:29.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17234 (GCVE-0-2019-17234)
Vulnerability from cvelistv5 – Published: 2019-11-12 16:48 – Updated: 2024-08-05 01:33
VLAI
Summary
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/igniteup/#developers | x_refsource_MISC |
| https://blog.nintechnet.com/multiple-vulnerabilit… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:33:17.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-12T16:48:54.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/igniteup/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/igniteup/#developers"
},
{
"name": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/",
"refsource": "MISC",
"url": "https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-igniteup-coming-soon-and-maintenance-mode-plugin/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-17234",
"datePublished": "2019-11-12T16:48:54.000Z",
"dateReserved": "2019-10-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:33:17.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}