National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 2,084 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2016-10884

The simple-membership plugin before 3.3.3 for WordPress has multiple CSRF issues.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-10883

The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 6.5 MEDIUM
V2: 5.8 MEDIUM
CVE-2016-10882

The google-document-embedder plugin before 2.6.2 for WordPress has CSRF.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-10881

The google-document-embedder plugin before 2.6.2 for WordPress has XSS.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-10880

The google-document-embedder plugin before 2.6.1 for WordPress has XSS.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9310

The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2015-9309

The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2015-9308

The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2015-9307

The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2013-7476

The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface.

Published: August 14, 2019; 12:15:11 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2019-15025

The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection in the search filter on the submissions page.

Published: August 14, 2019; 11:15:12 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-18514

The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-10889

The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2015-9316

The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2015-9315

The newstatpress plugin before 1.0.1 for WordPress has SQL injection.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2015-9314

The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9313

The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2015-9312

The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-9311

The newstatpress plugin before 1.0.6 for WordPress has reflected XSS.

Published: August 14, 2019; 11:15:11 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-18515

The wp-statistics plugin before 12.0.8 for WordPress has SQL injection.

Published: August 14, 2019; 10:15:14 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH