National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 2,415 matching records.
Displaying matches 141 through 160.
Vuln ID Summary CVSS Severity
CVE-2015-9362

The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg().

Published: August 28, 2019; 08:15:12 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9361

The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg().

Published: August 28, 2019; 08:15:11 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9360

The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg().

Published: August 28, 2019; 08:15:11 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9358

The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().

Published: August 28, 2019; 08:15:11 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9357

The akismet plugin before 3.1.5 for WordPress has XSS.

Published: August 28, 2019; 08:15:11 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9356

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg(), a different issue than CVE-2014-9460.

Published: August 28, 2019; 08:15:11 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9355

The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.

Published: August 28, 2019; 08:15:11 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9354

The gigpress plugin before 2.3.11 for WordPress has XSS.

Published: August 28, 2019; 08:15:11 AM -04:00
V3.0: 4.8 MEDIUM
    V2: 3.5 LOW
CVE-2015-9353

The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066.

Published: August 28, 2019; 08:15:10 AM -04:00
V3.1: 7.2 HIGH
    V2: 6.5 MEDIUM
CVE-2012-6719

The sharebar plugin before 1.2.2 for WordPress has SQL injection.

Published: August 28, 2019; 08:15:10 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2012-6718

The sharebar plugin before 1.2.2 for WordPress has XSS, a different issue than CVE-2013-3491.

Published: August 28, 2019; 08:15:10 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2012-6717

The redirection plugin before 2.2.12 for WordPress has XSS, a different issue than CVE-2011-4562.

Published: August 28, 2019; 08:15:10 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2011-5329

The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562.

Published: August 28, 2019; 08:15:10 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-14314

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.10 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php.

Published: August 27, 2019; 12:15:11 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-15660

The wp-members plugin before 3.2.8 for WordPress has CSRF.

Published: August 27, 2019; 09:15:10 AM -04:00
V3.0: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-15650

The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPress has insufficient restrictions on option changes (such as disabling unattended theme updates) because of a nonce check error.

Published: August 27, 2019; 09:15:10 AM -04:00
V3.0: 4.3 MEDIUM
    V2: 4.0 MEDIUM
CVE-2017-18592

The woocommerce-catalog-enquiry plugin before 3.1.0 for WordPress has an incorrect wp_upload directory for file uploads.

Published: August 27, 2019; 09:15:10 AM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2017-18591

The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php.

Published: August 27, 2019; 09:15:10 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-10936

The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option.

Published: August 27, 2019; 09:15:10 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9352

The wp-polls plugin before 2.72 for WordPress has SQL injection.

Published: August 27, 2019; 09:15:10 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH