) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): XSS Wordpress
- Search Type: Search All
- CPE Name Search: false
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2017-18503 |
The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18502 |
The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18501 |
The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18500 |
The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18499 |
The simple-membership plugin before 3.5.7 for WordPress has XSS. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10872 |
The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-9304 |
The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-9303 |
The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-14950 |
The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. Published: August 12, 2019; 11:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-14949 |
The wp-database-backup plugin before 5.1.2 for WordPress has XSS. Published: August 12, 2019; 11:15:12 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-14948 |
The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure. Published: August 12, 2019; 11:15:12 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2017-18508 |
The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18506 |
The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10879 |
The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10878 |
The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10877 |
The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10875 |
The wp-database-backup plugin before 4.3.1 for WordPress has XSS. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10873 |
The wp-database-backup plugin before 4.3.3 for WordPress has XSS. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-9306 |
The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-9305 |
The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions. Published: August 12, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |