U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
There are 243,523 matching records.
Displaying matches 122,101 through 122,120.
Vuln ID Summary CVSS Severity
CVE-2017-18564

The sender plugin before 1.2.1 for WordPress has multiple XSS issues.

Published: August 21, 2019; 2:15:11 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-18563

The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen.

Published: August 21, 2019; 2:15:11 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-10912

The universal-analytics plugin before 1.3.1 for WordPress has XSS.

Published: August 21, 2019; 2:15:10 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-10911

The profile-builder plugin before 2.4.2 for WordPress has multiple XSS issues.

Published: August 21, 2019; 2:15:10 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-10910

The formbuilder plugin before 1.06 for WordPress has multiple XSS issues.

Published: August 21, 2019; 2:15:10 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2015-9328

The profile-builder plugin before 2.2.5 for WordPress has XSS.

Published: August 21, 2019; 2:15:10 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2015-9327

The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS.

Published: August 21, 2019; 2:15:10 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2014-10380

The profile-builder plugin before 1.1.66 for WordPress has multiple XSS issues in forms.

Published: August 21, 2019; 2:15:10 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2012-6715

The formbuilder plugin before 0.9.1 for WordPress has XSS via a Referer header.

Published: August 21, 2019; 2:15:10 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-3634

Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory.

Published: August 21, 2019; 12:15:10 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2019-3633

Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory.

Published: August 21, 2019; 12:15:09 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2019-13458

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to disclose hashed user passwords.

Published: August 21, 2019; 10:15:10 AM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2019-12746

An issue was discovered in Open Ticket Request System (OTRS) Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be then be potentially abused in order to impersonate the agent user.

Published: August 21, 2019; 10:15:10 AM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-15112

The wp-slimstat plugin before 4.8.1 for WordPress has XSS.

Published: August 21, 2019; 9:15:12 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-15111

The wp-front-end-profile plugin before 0.2.2 for WordPress has a privilege escalation issue.

Published: August 21, 2019; 9:15:12 AM -0400 		V4.0:(not available)
 V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-15110

The wp-front-end-profile plugin before 0.2.2 for WordPress has XSS.

Published: August 21, 2019; 9:15:12 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-18565

The updater plugin before 1.35 for WordPress has multiple XSS issues.

Published: August 21, 2019; 9:15:12 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-18560

The content-audit plugin before 1.9.2 for WordPress has XSS.

Published: August 21, 2019; 9:15:12 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-18558

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues.

Published: August 21, 2019; 9:15:11 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-18557

The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues.

Published: August 21, 2019; 9:15:11 AM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM