Search Results (Refine Search)
- Keyword (text search): wordpress
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-9352 |
The wp-polls plugin before 2.72 for WordPress has SQL injection. Published: August 27, 2019; 9:15:10 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2015-9351 |
The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button. Published: August 27, 2019; 9:15:09 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2015-9350 |
The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button. Published: August 27, 2019; 9:15:09 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9348 |
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs. Published: August 27, 2019; 9:15:09 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-15659 |
The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969. Published: August 27, 2019; 8:15:13 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-15649 |
The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload. Published: August 27, 2019; 8:15:13 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2019-15648 |
The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber. Published: August 27, 2019; 8:15:13 AM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 5.5 MEDIUM |
CVE-2019-15647 |
The groundhogg plugin before 1.3.5 for WordPress has wp-admin/admin-ajax.php?action=bulk_action_listener remote code execution. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2019-15646 |
The rsvpmaker plugin before 6.2 for WordPress has SQL injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-15645 |
The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-15644 |
The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15643 |
The ultimate-faqs plugin before 1.8.22 for WordPress has XSS. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-21006 |
The bbp-move-topics plugin before 1.1.6 for WordPress has CSRF. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-21005 |
The bbp-move-topics plugin before 1.1.6 for WordPress has code injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-21004 |
The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-21003 |
The buddyforms plugin before 2.2.8 for WordPress has SQL injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-21002 |
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-21001 |
The anycomment plugin before 0.0.33 for WordPress has XSS. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18590 |
The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10935 |
The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |