These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2022-50954 is a local file inclusion flaw in the WordPress plugin cab-fare-calculator version 1.0.3. An unauthenticated attacker can manipulate the controller parameter in tblight.php to traverse paths outside the intended controllers directory and include unintended files. In practical terms, this can expose sensitive local files on the server and may also enable file inclusion behavior beyond normal [truncated]
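The defensive counterpart to the tblight.php flaw is an include loader that never lets a request parameter select a path on its own. The following is an added example written for this page, not code from the cab-fare-calculator plugin: it models a controller loader in Python (the plugin is PHP, so the pattern, not the syntax, is the point). The directory layout, the `fare` controller name and the attack inputs are constructed for the demonstration.

```python
import os
import re
import tempfile
from typing import Dict
from urllib.parse import unquote


class ControllerNotAllowed(ValueError):
    """Raised when a request-supplied controller name is rejected."""


# Only bare lowercase identifiers are valid controller names: no dots,
# slashes or other separators, so "../" and absolute paths never reach the
# filesystem at all.
_NAME_RE = re.compile(r"[a-z0-9_]{1,40}")


def resolve_controller(controllers_dir: str, raw_value: str) -> str:
    """Map the request value to a file under controllers_dir, or raise."""
    value = unquote(raw_value)          # "%2e%2e" becomes ".." before any check
    if "\x00" in value:
        raise ControllerNotAllowed("NUL byte in controller name")
    if not _NAME_RE.fullmatch(value):
        raise ControllerNotAllowed(f"controller name rejected: {value!r}")

    base = os.path.realpath(controllers_dir)
    candidate = os.path.realpath(os.path.join(base, value + ".php"))
    # Defence in depth: the allowlist already excludes traversal, but
    # realpath() also follows symlinks, so a link planted inside the
    # directory that points elsewhere is caught here too.
    if os.path.commonpath([base, candidate]) != base:
        raise ControllerNotAllowed("resolved path leaves controllers dir")
    if not os.path.isfile(candidate):
        raise ControllerNotAllowed(f"no controller {value!r}")
    return candidate


def make_demo_dir() -> str:
    """Create a throwaway controllers directory with one legitimate file."""
    d = tempfile.mkdtemp(prefix="controllers_")
    with open(os.path.join(d, "fare.php"), "w") as fh:
        fh.write("<?php // legitimate controller (constructed)\n")
    return d


# Constructed inputs of the shape a traversal attempt would send.
ATTACK_INPUTS = [
    "../../../../etc/passwd",
    "..%2f..%2f..%2fwp-config",
    "/etc/passwd",
    "fare.php\x00",
    "fare%00",
]


def check_inputs(controllers_dir: str) -> Dict[str, bool]:
    """Return {input: accepted?} for the legitimate name and each attack."""
    results = {}
    for value in ["fare"] + ATTACK_INPUTS:
        try:
            resolve_controller(controllers_dir, value)
            results[value] = True
        except ControllerNotAllowed:
            results[value] = False
    return results


if __name__ == "__main__":
    demo_dir = make_demo_dir()
    for value, accepted in check_inputs(demo_dir).items():
        print(f"{'ALLOW ' if accepted else 'REJECT'} {value!r}")
```

The allowlist regex does the real work; the `realpath`/`commonpath` containment check is there for the case the regex is later loosened or a symlink appears inside the directory, and the explicit NUL check matters because older PHP builds truncated paths at the first NUL byte.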
CVE-2022-50947 is a stored cross-site scripting issue in the WordPress plugin Testimonial Slider and Showcase 2.2.6. According to the supplied record, an authenticated editor can place malicious script into the testimonial title field because the post_title parameter is not properly sanitized. When affected content is viewed, the script can execute in a browser, creating a risk of session abuse and other [truncated]
CVE-2021-47933 is a critical unauthenticated arbitrary file upload issue affecting the MStore API WordPress plugin, described as allowing attackers to POST malicious files to a REST API endpoint and potentially reach remote code execution on vulnerable servers. The supplied NVD record maps the issue to CWE-306, and the record’s references point to the plugin page plus external VulnCheck and Exploit-DB mat [truncated]
CVE-2021-47932 is a critical unauthenticated privilege-escalation issue affecting TheCartPress 1.5.3.6. A crafted POST request to the tcp_register_and_login_ajax action can supply tcp_role=administrator, and the plugin applies that client-supplied role when it creates the account, so an attacker can register an administrator account and gain full administrative access without holding any existing credentials.
CVE-2017-5493 is a WordPress Multisite vulnerability: key generation in wp-includes/ms-functions.php did not use sufficiently random numbers, so the keys it produced were easier to guess than intended. In affected WordPress versions before 4.7.1, a remote attacker could use crafted site or user signup flows to bypass intended access restrictions. WordPress addressed the issue in the 4.7.1 security and maintenance release.
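Why "not sufficiently random" is exploitable is easiest to see by attacking a key. The block below is an added example, not WordPress code and not a reconstruction of the ms-functions.php fix: it models the weakness class with a key derived from a deterministic PRNG seeded by the signup second, runs a guessing attack against it with the attacker's clock assumed to be 45 seconds off, and runs the same attack against a key drawn from the OS CSPRNG. The timestamp, key lengths and search window are constructed assumptions.

```python
import hashlib
import random
import secrets
from typing import Dict, Optional


def weak_activation_key(signup_ts: int) -> str:
    """Key from a deterministic PRNG seeded with the signup second.
    Constructed to show the weakness class; this is not WordPress's code."""
    rng = random.Random(signup_ts)
    material = f"{signup_ts}{rng.randint(0, 2**31 - 1)}".encode()
    return hashlib.md5(material).hexdigest()[:16]


def strong_activation_key() -> str:
    """64 bits straight from the OS CSPRNG: no dependence on time or on
    previously issued keys, so there is nothing for a guesser to narrow."""
    return secrets.token_hex(8)


def recover_signup_ts(target_key: str, approx_ts: int,
                      window: int = 300) -> Optional[int]:
    """Attacker side: with only a rough idea of when the signup happened
    (here plus or minus five minutes), regenerate the key for every
    candidate second and compare."""
    for ts in range(approx_ts - window, approx_ts + window + 1):
        if weak_activation_key(ts) == target_key:
            return ts
    return None


def demo(signup_ts: int = 1_700_000_000) -> Dict[str, object]:
    """Issue one weak and one strong key and run the same attack on both."""
    weak = weak_activation_key(signup_ts)
    strong = strong_activation_key()
    return {
        "weak_key": weak,
        "weak_recovered_ts": recover_signup_ts(weak, signup_ts + 45),
        "strong_key": strong,
        "strong_recovered_ts": recover_signup_ts(strong, signup_ts + 45),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:20s} {value}")
```

The weak key falls to a 601-guess loop because its entire entropy is the signup second, which an attacker can bound from the signup response or the time they triggered it. The strong key has 64 bits of entropy with no relation to time, so the same loop finds nothing. When the server later checks a submitted key, compare it with `secrets.compare_digest` so the comparison itself does not leak.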
CVE-2017-5492 is a cross-site request forgery issue in WordPress widget-editing accessibility mode. A remote attacker could trick an authenticated victim into submitting a widgets-access request without consent, potentially changing widget settings in the victim's session. WordPress addressed the issue in version 4.7.1.
CVE-2017-5491 affects WordPress versions before 4.7.1. The issue is described as a possible bypass of intended posting restrictions in wp-mail.php when an attacker uses a spoofed mail server name matching mail.example.com. In practice, this means mail-based posting controls could be weakened under the documented conditions. WordPress addressed the issue in the 4.7.1 security and maintenance release.
CVE-2017-5490 is a cross-site scripting (XSS) issue in WordPress versions before 4.7.1. The vulnerable path involves theme-name fallback handling in wp-includes/class-wp-theme.php, with related admin-side theme installer logic noted in wp-admin/includes/class-theme-installer-skin.php. A crafted theme directory name could be rendered into web output and allow arbitrary script or HTML injection. The NVD rec [truncated]
CVE-2017-5489 is a high-severity Cross-Site Request Forgery issue in WordPress versions before 4.7.1. The published record describes remote attackers potentially hijacking a victim’s authentication through vectors involving a Flash file upload. The NVD entry maps the issue to CWE-352 and a network-reachable, user-interaction-required attack surface, with vendor references pointing to the WordPress 4.7.1 s [truncated]
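Both CSRF entries above (CVE-2017-5492 in widgets-access and CVE-2017-5489 via a Flash file upload) come down to the same control: a cookie-authenticated endpoint must demand proof that the request came from the user's own page, because the browser will attach the session cookie to a request no matter which page or embedded object caused it. The following is an added example, not WordPress's nonce implementation, although it uses the same HMAC-over-tick design: a per-action, per-user token that stays valid for the current and previous time slice. The secret, tick length, user and session identifiers and the request shape are constructed assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Dict

# Server-side secret; a real deployment persists this (constructed here).
SERVER_SECRET = secrets.token_bytes(32)
NONCE_LIFE = 24 * 3600      # a nonce survives the current and previous tick


def _tick(now: int) -> int:
    return now // (NONCE_LIFE // 2)


def _mac(tick: int, action: str, user_id: str, session_token: str) -> str:
    msg = f"{tick}|{action}|{user_id}|{session_token}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()[:20]


def create_nonce(action: str, user_id: str, session_token: str, now: int) -> str:
    return _mac(_tick(now), action, user_id, session_token)


def verify_nonce(nonce: str, action: str, user_id: str,
                 session_token: str, now: int) -> bool:
    t = _tick(now)
    # Accept the current and the immediately previous tick; older ones fail.
    for candidate in (t, t - 1):
        if hmac.compare_digest(nonce, _mac(candidate, action, user_id, session_token)):
            return True
    return False


def handle_widgets_access(request: Dict[str, str], session: Dict[str, str],
                          now: int) -> int:
    """Cookie-authenticated handler. The session proves who the browser is
    logged in as, not that the user meant to send this request; the
    per-action nonce supplies that second proof."""
    if not verify_nonce(request.get("nonce", ""), "widgets-access",
                        session["user_id"], session["token"], now):
        return 403
    # ... apply the widget change here ...
    return 200


def scenarios() -> Dict[str, int]:
    """Legitimate request versus the forgeries a cross-site page can make."""
    now = 1_700_000_000
    victim = {"user_id": "42", "token": "sess-victim"}
    other = {"user_id": "7", "token": "sess-attacker"}
    good = create_nonce("widgets-access", victim["user_id"], victim["token"], now)
    foreign = create_nonce("widgets-access", other["user_id"], other["token"], now)
    wrong_action = create_nonce("delete-site", victim["user_id"], victim["token"], now)
    return {
        "legitimate": handle_widgets_access({"nonce": good}, victim, now),
        "forged_no_nonce": handle_widgets_access({}, victim, now),
        "forged_with_attackers_own_nonce": handle_widgets_access({"nonce": foreign}, victim, now),
        "nonce_for_other_action": handle_widgets_access({"nonce": wrong_action}, victim, now),
        "previous_tick_still_valid": handle_widgets_access({"nonce": good}, victim, now + NONCE_LIFE // 2),
        "expired": handle_widgets_access({"nonce": good}, victim, now + NONCE_LIFE),
    }


if __name__ == "__main__":
    for name, status in scenarios().items():
        print(f"{status}  {name}")
```

The forged cases fail for different reasons worth keeping apart: a cross-site page cannot read the victim's nonce (same-origin policy), a nonce the attacker minted for their own session is bound to a different user and token, and a nonce for one action cannot be replayed against another. The constant-time comparison matters because the check runs on every request with an attacker-controlled value.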
CVE-2017-5488 covers multiple cross-site scripting (XSS) issues in WordPress’s admin update flow. The vulnerable code is wp-admin/update-core.php, which rendered a plugin's name or version header values into an admin-facing page without adequate escaping, so a plugin carrying crafted header data could inject arbitrary script or HTML into that page. WordPress addressed the issue in 4.7.1.
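The three XSS entries on this page (CVE-2022-50947's testimonial title, CVE-2017-5490's theme directory name and CVE-2017-5488's plugin headers) share one root cause: a string that is trusted because of where it came from (a database row, a directory listing, a file header) is concatenated into markup. The block below is an added example, not code from WordPress or the plugin: it renders a cut-down admin row in three output contexts (quoted attribute, element text, JavaScript string literal) both without and with context-appropriate escaping, and counts how many tags the data managed to inject. The hostile name and version strings are constructed illustrations, not payloads from the CVE records.

```python
import html
import json
import re
from typing import Dict


def esc_html(value: str) -> str:
    """Element content and quoted attribute values: &, <, >, " and '."""
    return html.escape(value, quote=True)


def esc_js(value: str) -> str:
    """A string literal inside <script>: JSON-encode, then also encode <, >
    and & so the HTML parser cannot see a closing </script> in the data."""
    return (json.dumps(value)
            .replace("<", "\\u003c")
            .replace(">", "\\u003e")
            .replace("&", "\\u0026"))


def render_row(name: str, version: str, escaped: bool) -> str:
    """A table row plus an inline script that reuses the version.
    escaped=False reproduces the unsafe pattern: data is concatenated
    straight into markup."""
    if escaped:
        attr, text, js = esc_html, esc_html, esc_js
    else:
        attr = text = (lambda s: s)
        js = (lambda s: f'"{s}"')
    return (
        f'<tr data-plugin="{attr(name)}"><td>{text(name)}</td>'
        f'<td>{text(version)}</td></tr>\n'
        f'<script>var currentVersion = {js(version)};</script>'
    )


# Constructed hostile values of the shape a plugin header, post title or
# theme directory name could carry.
HOSTILE = {
    "name": '"><img src=x onerror=alert(1)>',
    "version": '1.0</script><script>alert(2)</script>',
}

# The template itself contributes exactly one <script>; any further <img>
# or <script> start tag in the output came from the data.
_TAG_RE = re.compile(r"<(?:img|script)\b", re.IGNORECASE)


def injected_tag_count(rendered: str) -> int:
    return len(_TAG_RE.findall(rendered)) - 1


def compare() -> Dict[str, int]:
    """Injected start tags in the unsafe and the escaped rendering."""
    return {
        "unescaped": injected_tag_count(
            render_row(HOSTILE["name"], HOSTILE["version"], escaped=False)),
        "escaped": injected_tag_count(
            render_row(HOSTILE["name"], HOSTILE["version"], escaped=True)),
    }


if __name__ == "__main__":
    print(render_row(HOSTILE["name"], HOSTILE["version"], escaped=False))
    print(render_row(HOSTILE["name"], HOSTILE["version"], escaped=True))
    print(compare())
```

The unsafe rendering yields four injected tags (the name breaks out of the attribute and lands in the cell; the version closes the template's script element twice). The escaped rendering yields none, and it does so without changing what is stored: the fix is applied at the output boundary, per context, so the same title or header stays intact in the database and in any JSON API that serialises it.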
CVE-2017-5487 is an information disclosure issue in the WordPress 4.7 REST API. According to the CVE record, the users controller did not properly restrict listings of post authors, so a remote, unauthenticated attacker could obtain sensitive information about user accounts through a wp-json/wp/v2/users request. The issue is rated medium severity and is fixed in WordPress 4.7.1.
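Three of the entries above leave a visible trace in an ordinary web server access log: the user listing request of CVE-2017-5487, the traversal in the controller parameter of CVE-2022-50954, and a hit on the tcp_register_and_login_ajax action of CVE-2021-47932. The block below is an added example, not part of this page or of any vendor tooling: a small combined-format log scanner that flags those requests. The sample log lines, IP addresses and rule names are constructed for the demonstration.

```python
import re
from typing import Dict, List
from urllib.parse import parse_qs, unquote, urlsplit

# Apache/Nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

USERS_PATH_RE = re.compile(r"/wp-json/wp/v2/users(?:/\d+)?/?$")
USERS_ROUTE_RE = re.compile(r"/wp/v2/users(?:/\d+)?/?$")

# Constructed sample log; none of these addresses or requests are real.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jan/2024:10:01:02 +0000] "GET /wp-json/wp/v2/users HTTP/1.1" 200 912 "-" "curl/8.4.0"
203.0.113.7 - - [10/Jan/2024:10:01:03 +0000] "GET /wp-json/wp/v2/users?per_page=100 HTTP/1.1" 200 3120 "-" "curl/8.4.0"
198.51.100.4 - - [10/Jan/2024:10:02:10 +0000] "GET /wp-content/plugins/cab-fare-calculator/tblight.php?controller=..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1844 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Jan/2024:10:02:11 +0000] "GET /wp-content/plugins/cab-fare-calculator/tblight.php?controller=fare HTTP/1.1" 200 402 "-" "Mozilla/5.0"
192.0.2.9 - - [10/Jan/2024:10:03:00 +0000] "POST /wp-admin/admin-ajax.php?action=tcp_register_and_login_ajax HTTP/1.1" 200 58 "-" "python-requests/2.31"
192.0.2.9 - - [10/Jan/2024:10:03:01 +0000] "GET /wp-admin/ HTTP/1.1" 302 0 "-" "python-requests/2.31"
10.0.0.5 - - [10/Jan/2024:10:04:00 +0000] "GET /wp-admin/edit.php HTTP/1.1" 200 20311 "https://blog.example/wp-admin/" "Mozilla/5.0"
"""


def classify(method: str, target: str) -> List[str]:
    """Return the rule names a single request line trips."""
    parts = urlsplit(target)
    path = unquote(parts.path)
    query = parse_qs(parts.query, keep_blank_values=True)  # decodes %xx once
    rules = []

    # CVE-2017-5487: the users listing, via pretty permalink or ?rest_route=.
    if USERS_PATH_RE.search(path) or any(
            USERS_ROUTE_RE.search(v) for v in query.get("rest_route", [])):
        rules.append("rest-user-enumeration")

    # CVE-2022-50954: traversal in the controller parameter. Decode a second
    # time so double-encoded dots ("%252e%252e") are seen as well.
    for value in query.get("controller", []):
        decoded = unquote(value)
        if ".." in decoded or decoded.startswith("/") or "\x00" in decoded:
            rules.append("controller-traversal")

    # CVE-2021-47932: the AJAX action is only visible when it travels in the
    # query string, and tcp_role sits in the POST body, which the access log
    # never records. Every hit on this action therefore deserves review
    # rather than a verdict from the log alone.
    if path.endswith("/wp-admin/admin-ajax.php") and \
            "tcp_register_and_login_ajax" in query.get("action", []):
        rules.append("tcp-register-ajax")
    return rules


def scan(log_text: str) -> List[Dict[str, str]]:
    """Run classify() over every parseable combined-format line."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; a real pipeline would count these
        for rule in classify(m["method"], m["target"]):
            findings.append({"ip": m["ip"], "ts": m["ts"], "method": m["method"],
                             "rule": rule, "target": m["target"]})
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['rule']:24s} {f['ip']:14s} {f['method']} {f['target']}")
```

The user-enumeration rule fires on every hit, including legitimate front-end use, so in practice it is a counting signal (many distinct user IDs or a high `per_page` from one source) rather than a per-request alert; the traversal rule is high confidence on its own; and the AJAX rule is a lead to correlate with newly created administrator accounts, because the decisive parameter is not in the log.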