National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 2,225 matching records.
Displaying matches 261 through 280.
Vuln ID Summary CVSS Severity
CVE-2016-10869

The contact-form-plugin plugin before 4.0.2 for WordPress has XSS.

Published: August 13, 2019; 01:15:12 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-10868

The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.

Published: August 13, 2019; 01:15:12 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9302

The simple-fields plugin before 1.4.11 for WordPress has XSS.

Published: August 13, 2019; 01:15:12 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9301

The liveforms plugin before 3.2.0 for WordPress has SQL injection.

Published: August 13, 2019; 01:15:12 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2015-9300

The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues.

Published: August 13, 2019; 01:15:12 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9299

The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.

Published: August 13, 2019; 01:15:12 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9298

The events-manager plugin before 5.6 for WordPress has code injection.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2015-9297

The events-manager plugin before 5.6 for WordPress has XSS.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9296

The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9295

The contact-form-plugin plugin before 3.96 for WordPress has XSS.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9294

The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9293

The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2013-7475

The contact-form-plugin plugin before 3.52 for WordPress has XSS.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2012-6713

The job-manager plugin before 0.7.19 for WordPress has multiple XSS issues.

Published: August 13, 2019; 01:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-14947

The ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade.

Published: August 12, 2019; 12:15:15 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2019-14946

The ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations.

Published: August 12, 2019; 12:15:15 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2019-14945

The ultimate-member plugin before 2.0.54 for WordPress has XSS.

Published: August 12, 2019; 12:15:15 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2018-20966

The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature.

Published: August 12, 2019; 12:15:13 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-20965

The ultimate-member plugin before 2.0.4 for WordPress has XSS.

Published: August 12, 2019; 12:15:13 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18505

The twitter-plugin plugin before 2.55 for WordPress has XSS.

Published: August 12, 2019; 12:15:13 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM