Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-15647 |
The groundhogg plugin before 1.3.5 for WordPress has wp-admin/admin-ajax.php?action=bulk_action_listener remote code execution. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2019-15646 |
The rsvpmaker plugin before 6.2 for WordPress has SQL injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-15645 |
The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-15644 |
The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-15643 |
The ultimate-faqs plugin before 1.8.22 for WordPress has XSS. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-13237 |
In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-13236 |
In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple Reflected and Stored XSS issues in the management interface. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-13235 |
In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-13234 |
In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-21006 |
The bbp-move-topics plugin before 1.1.6 for WordPress has CSRF. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-21005 |
The bbp-move-topics plugin before 1.1.6 for WordPress has code injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-21004 |
The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-21003 |
The buddyforms plugin before 2.2.8 for WordPress has SQL injection. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2018-21002 |
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. Published: August 27, 2019; 8:15:12 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-21001 |
The anycomment plugin before 0.0.33 for WordPress has XSS. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18590 |
The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10935 |
The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2016-10934 |
The check-email plugin before 0.5.2 for WordPress has XSS. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9349 |
The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (old)" file browser. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9347 |
The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors. Published: August 27, 2019; 8:15:11 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |