Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Wordpress
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-38139 |
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Station plugin <= 5.2.0 at WordPress. Published: September 13, 2022; 10:15:08 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-38135 |
Broken Access Control vulnerability in Dean Oakley's Photospace Gallery plugin <= 2.3.5 at WordPress allows users with subscriber or higher role to change plugin settings. Published: September 12, 2022; 5:15:11 PM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2022-40191 |
Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Ali Khallad's Contact Form By Mega Forms plugin <= 1.2.4 at WordPress. Published: September 09, 2022; 11:15:15 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2022-38144 |
Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress. Published: September 09, 2022; 11:15:14 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-38093 |
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress. Published: September 09, 2022; 11:15:14 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-38070 |
Privilege Escalation (subscriber+) vulnerability in Pop-up plugin <= 1.1.5 at WordPress. Published: September 09, 2022; 11:15:14 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-38068 |
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress. Published: September 09, 2022; 11:15:14 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2022-38067 |
Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress. Published: September 09, 2022; 11:15:14 AM -0400 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2022-38059 |
Cross-Site Request Forgery (CSRF) vulnerability in Alexey Trofimov's Access Code Feeder plugin <= 1.0.3 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 8.0 HIGH V2.0:(not available) |
CVE-2022-38058 |
Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2022-37412 |
Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Galerio & Urda's Better Delete Revision plugin <= 1.6.1 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2022-37411 |
Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza's Captcha Code plugin <= 2.7 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-37407 |
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2022-37405 |
Cross-Site Request Forgery (CSRF) vulnerability in Mickey Kay's Better Font Awesome plugin <= 2.0.1 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-37404 |
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Christian Salazar's add2fav plugin <= 1.0 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2022-37403 |
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nikhil Vaghela's Add User Role plugin <= 0.0.1 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2022-37335 |
Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in WHA's Word Search Puzzles game plugin <= 2.0.1 at WordPress. Published: September 09, 2022; 11:15:13 AM -0400 |
V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2022-36793 |
Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities in WP Shop plugin <= 3.9.6 at WordPress. Published: September 09, 2022; 11:15:10 AM -0400 |
V3.1: 9.1 CRITICAL V2.0:(not available) |
CVE-2022-36422 |
Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin <= 1.89 at WordPress. Published: September 09, 2022; 11:15:10 AM -0400 |
V3.1: 3.1 LOW V2.0:(not available) |
CVE-2022-36376 |
Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress. Published: September 09, 2022; 11:15:10 AM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |