Vulnerabilities and security researches forluckywp-table-of-contents luckywp-table-of-contents

Jun 06, 2024

CVE, Research URL: CVE-2023-6487
Home page URL: Security reports for LuckyWP Table of Contents
Application: LuckyWP Table of Contents
Date: May 22, 2024
Research Description: The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Header Title' field in all versions up to and including 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-2119
Home page URL: Security reports for LuckyWP Table of Contents
Application: LuckyWP Table of Contents
Date: May 22, 2024
Research Description: The LuckyWP Table of Contents plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the attrs parameter in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2024-2953
Home page URL: Security reports for LuckyWP Table of Contents
Application: LuckyWP Table of Contents
Date: May 22, 2024
Research Description: The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Contributor permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: Min -, max -.
Status: vulnerable

Jun 17, 2024

CVE, Research URL: CVE-2024-2218
Home page URL: Security reports for LuckyWP Table of Contents
Application: LuckyWP Table of Contents
Date: Jun 14, 2024
Research Description: The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions: Min -, max -.
Status: vulnerable

Dec 12, 2024

CVE, Research URL: CVE-2024-9641
Home page URL: Security reports for LuckyWP Table of Contents
Application: LuckyWP Table of Contents
Date: Dec 12, 2024
Research Description: The LuckyWP Table of Contents WordPress plugin before 2.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Affected versions: Min -, max -.
Status: vulnerable

Apr 04, 2025

CVE, Research URL: CVE-2025-2299
Home page URL: Security reports for LuckyWP Table of Contents
Application: LuckyWP Table of Contents
Date: Apr 03, 2025
Research Description: The LuckyWP Table of Contents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.10. This is due to missing or incorrect nonce validation on the 'ajaxEdit' function. This makes it possible for unauthenticated attackers to inject arbitrary web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable