Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): XSS Wordpress
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-15869 |
The JobCareer theme before 2.5.1 for WordPress has stored XSS. Published: September 03, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-15864 |
The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. Published: September 03, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15858 |
admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. Published: September 03, 2019; 3:15:10 AM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-15842 |
The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS. Published: August 30, 2019; 1:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15838 |
The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS, a different vulnerability than CVE-2019-14789. Published: August 30, 2019; 1:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15837 |
The webp-express plugin before 0.14.8 for WordPress has stored XSS. Published: August 30, 2019; 1:15:12 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-15836 |
The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS. Published: August 30, 2019; 1:15:12 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-15833 |
The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS. Published: August 30, 2019; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15830 |
The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. Published: August 30, 2019; 10:15:10 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-15829 |
The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS. Published: August 30, 2019; 10:15:10 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2019-15827 |
The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. Published: August 30, 2019; 10:15:10 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-15817 |
The easy-property-listings plugin before 3.4 for WordPress has XSS. Published: August 30, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15778 |
The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS. Published: August 29, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-15777 |
The shapepress-dsgvo plugin before 2.2.19 for WordPress has wp-admin/admin-ajax.php?action=admin-common-settings&admin_email= XSS. Published: August 29, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2015-9359 |
The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg(). Published: August 28, 2019; 11:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9379 |
iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg(). Published: August 28, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9378 |
iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg(). Published: August 28, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9377 |
iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg(). Published: August 28, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9376 |
iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg(). Published: August 28, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9375 |
Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). Published: August 28, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |