National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 1,812 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2019-9063

PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount.

Published: February 23, 2019; 04:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2019-9062

PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php.

Published: February 23, 2019; 04:29:00 PM -05:00
V3: 8.0 HIGH
V2: 6.0 MEDIUM
CVE-2019-8943

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.

Published: February 19, 2019; 10:29:00 PM -05:00
V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2019-8942

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.

Published: February 19, 2019; 10:29:00 PM -05:00
V3: 8.8 HIGH
V2: 6.5 MEDIUM
CVE-2019-8361

PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection.

Published: February 16, 2019; 05:29:00 PM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-4617

Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.

Published: February 15, 2019; 04:29:00 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2015-4615

Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables

Published: February 15, 2019; 04:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7587

Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function.

Published: February 07, 2019; 02:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-7413

In the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 for WordPress, includes/adamrob-parralax-shortcode.php allows XSS via the title text. ("parallax" has a spelling change within the PHP filename.)

Published: February 05, 2019; 01:29:00 PM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-7412

The PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles sanitization of input values.

Published: February 05, 2019; 01:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-1000003

MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery (CSRF) vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvg_save that can result in an attacker can modify post data, including embedding javascript. This attack appears to be exploitable via the victim must be logged in to WordPress as an admin, and click a link. This vulnerability appears to have been fixed in 3.3.0 and later.

Published: February 04, 2019; 04:29:00 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-19043

The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI.

Published: January 31, 2019; 02:29:00 PM -05:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2018-19042

The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI.

Published: January 31, 2019; 02:29:00 PM -05:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2018-19041

The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.

Published: January 31, 2019; 02:29:00 PM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2018-19040

The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.

Published: January 31, 2019; 02:29:00 PM -05:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2019-6703

Incorrect access control in migla_ajax_functions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option values, leading to site takeover. These attackers can send requests to wp-admin/admin-ajax.php to call the miglaA_update_me action to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator.

Published: January 26, 2019; 09:29:00 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-6780

The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer.

Published: January 24, 2019; 03:29:00 PM -05:00
V3: 6.1 MEDIUM
V2: 5.8 MEDIUM
CVE-2018-20714

The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin.

Published: January 15, 2019; 11:29:00 AM -05:00
V3: 8.1 HIGH
V2: 5.5 MEDIUM
CVE-2017-18356

In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection involving the includes/shortcodes/class-wc-shortcode-products.php WC_Shortcode_Products::get_products() use of cached queries within shortcodes.

Published: January 15, 2019; 11:29:00 AM -05:00
V3: 8.8 HIGH
V2: 6.5 MEDIUM
CVE-2019-6267

The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI.

Published: January 14, 2019; 07:29:00 PM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM