Search Results (Refine Search)
- Keyword (text search): xss
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-18578 |
The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS. Published: August 22, 2019; 4:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-10393 |
The cforms2 plugin before 10.5 for WordPress has XSS. Published: August 22, 2019; 4:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-12386 |
An issue was discovered in Ampache through 3.9.1. A stored XSS exists in the localplay.php LocalPlay "add instance" functionality. The injected code is reflected in the instances menu. This vulnerability can be abused to force an admin to create a new privileged user whose credentials are known by the attacker. Published: August 22, 2019; 3:15:14 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2014-10392 |
The cforms2 plugin before 10.2 for WordPress has XSS. Published: August 22, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-14469 |
In Nexus Repository Manager before 3.18.0, users with elevated privileges can create stored XSS. Published: August 22, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2018-20983 |
The wp-retina-2x plugin before 5.2.3 for WordPress has XSS. Published: August 22, 2019; 10:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18582 |
The time-sheets plugin before 1.5.2 for WordPress has multiple XSS issues. Published: August 22, 2019; 10:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18581 |
The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list. Published: August 22, 2019; 10:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18577 |
The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg. Published: August 22, 2019; 10:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18576 |
The event-notifier plugin before 1.2.1 for WordPress has XSS via the loading animation. Published: August 22, 2019; 10:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10925 |
The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs. Published: August 22, 2019; 10:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-10385 |
The memphis-documents-library plugin before 3.0 for WordPress has XSS via $_REQUEST. Published: August 22, 2019; 10:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-7482 |
The reflex-gallery plugin before 1.4.3 for WordPress has XSS. Published: August 22, 2019; 10:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2008-7321 |
The tubepress plugin before 1.6.5 for WordPress has XSS. Published: August 22, 2019; 10:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15317 |
The give plugin before 2.4.7 for WordPress has XSS via a donor name. Published: August 22, 2019; 9:15:13 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2018-20982 |
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens. Published: August 22, 2019; 9:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18575 |
The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues. Published: August 22, 2019; 9:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18572 |
The gnucommerce plugin before 1.4.2 for WordPress has XSS. Published: August 22, 2019; 9:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10920 |
The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10919 |
The wassup plugin before 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::add_siteurl method, a different vulnerability than CVE-2012-2633. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |