Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 3,010 matching records.
Displaying matches 1,801 through 1,820.
Vuln ID Summary CVSS Severity
CVE-2017-6577

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/subscriber_list.php with the POST Parameter: list_id.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6576

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/campaign-delete.php with the GET Parameter: id.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6575

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: member_id.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6574

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit_member.php with the GET Parameter: filter_list.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6573

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/edit-list.php with the GET Parameter: id.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6572

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6571

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign.php with the GET Parameter: id.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6570

A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/campaign/view-campaign-list.php with the GET Parameter: id.

Published: March 09, 2017; 4:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6104

Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.

Published: March 02, 2017; 5:59:00 PM -0500
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-6103

Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1.

Published: March 02, 2017; 5:59:00 PM -0500
V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-6102

Persistent XSS in wordpress plugin rockhoist-badges v1.2.2.

Published: March 02, 2017; 5:59:00 PM -0500
V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-8636

Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology.

Published: February 22, 2017; 11:59:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2017-6098

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.

Published: February 21, 2017; 2:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6097

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id.

Published: February 21, 2017; 2:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6096

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.

Published: February 21, 2017; 2:59:00 AM -0500
V3.0: 7.2 HIGH
V2.0: 6.5 MEDIUM
CVE-2017-6095

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.

Published: February 21, 2017; 2:59:00 AM -0500
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-5942

An issue was discovered in the WP Mail plugin before 1.2 for WordPress. The replyto parameter when composing a mail allows for a reflected XSS. This would allow you to execute JavaScript in the context of the user receiving the mail.

Published: February 10, 2017; 2:59:00 AM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-5940

Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-5180.

Published: February 09, 2017; 1:59:00 PM -0500
V3.0: 8.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2017-5180

Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.

Published: February 09, 2017; 1:59:00 PM -0500
V3.0: 8.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2017-5612

Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt.

Published: January 29, 2017; 11:59:00 PM -0500
V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM