Search Results (Refine Search)
- Keyword (text search): xss
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-10908 |
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has XSS. Published: August 21, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10901 |
The wp-customer-reviews plugin before 3.0.9 for WordPress has XSS in the admin tools. Published: August 21, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10900 |
The uji-countdown plugin before 2.0.7 for WordPress has XSS. Published: August 21, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15109 |
The the-events-calendar plugin before 4.8.2 for WordPress has XSS via the tribe_paged URL parameter. Published: August 21, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18540 |
The weblibrarian plugin before 3.4.8.7 for WordPress has XSS via front-end short codes. Published: August 21, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18539 |
The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front-end short codes. Published: August 21, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18538 |
The weblibrarian plugin before 3.4.8.5 for WordPress has XSS via front-end short codes. Published: August 21, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18537 |
The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues. Published: August 21, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18536 |
The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS. Published: August 21, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18534 |
The share-on-diaspora plugin before 0.7.2 for WordPress has reflected XSS in share URL parameters. Published: August 21, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10898 |
The total-security plugin before 3.4.1 for WordPress has XSS. Published: August 21, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10897 |
The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues. Published: August 21, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10896 |
The seo-redirection plugin before 4.3 for WordPress has stored XSS. Published: August 21, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9321 |
The shortcode-factory plugin before 1.1.1 for WordPress has XSS via add_query_arg. Published: August 21, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-3966 |
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the foreign_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-3965 |
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the document_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-3964 |
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the doc_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-3963 |
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patient_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-20978 |
The wp-all-import plugin before 3.4.7 for WordPress has XSS. Published: August 20, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18566 |
The user-role plugin before 1.5.6 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |