) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): xss
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2015-9336 |
The clean-login plugin before 1.5.1 for WordPress has reflected XSS. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2013-7481 |
The contact-form-plugin plugin before 3.3.5 for WordPress has XSS. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2013-7480 |
The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2013-7479 |
The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2013-7478 |
The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2013-7477 |
The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2012-6716 |
The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links. Published: August 22, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-13476 |
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in the domain parameter allows a low-privilege user to achieve root access via the email list page. Published: August 21, 2019; 4:15:12 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2019-15127 |
REDCap before 9.3.0 allows XSS attacks against non-administrator accounts on the Data Import Tool page via a CSV data import file. Published: August 21, 2019; 3:15:13 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2018-20977 |
The all-in-one-schemaorg-rich-snippets plugin before 1.5.0 for WordPress has XSS on the settings page. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2018-20970 |
The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18562 |
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18561 |
The embed-comment-images plugin before 0.6 for WordPress has XSS. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18559 |
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18535 |
The smokesignal plugin before 1.2.7 for WordPress has XSS. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18525 |
The megamenu plugin before 2.4 for WordPress has XSS. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2017-18516 |
The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS issues. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10891 |
The aryo-activity-log plugin before 2.3.3 for WordPress has XSS. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10890 |
The aryo-activity-log plugin before 2.3.2 for WordPress has XSS. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-10378 |
The duplicate-post plugin before 2.6 for WordPress has XSS. Published: August 21, 2019; 3:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |