Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-14965 |
An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists. Published: August 12, 2019; 2:15:12 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-13462 |
Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. Published: August 12, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2019-12618 |
HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. Published: August 12, 2019; 1:15:10 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2019-14951 |
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile. Published: August 12, 2019; 12:15:15 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-14947 |
The ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade. Published: August 12, 2019; 12:15:15 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-14946 |
The ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations. Published: August 12, 2019; 12:15:15 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-14945 |
The ultimate-member plugin before 2.0.54 for WordPress has XSS. Published: August 12, 2019; 12:15:15 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2018-20966 |
The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-20965 |
The ultimate-member plugin before 2.0.4 for WordPress has XSS. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18505 |
The twitter-plugin plugin before 2.55 for WordPress has XSS. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18504 |
The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-18503 |
The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18502 |
The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18501 |
The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18500 |
The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. Published: August 12, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18499 |
The simple-membership plugin before 3.5.7 for WordPress has XSS. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-10872 |
The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9304 |
The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-9303 |
The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS. Published: August 12, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-14950 |
The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. Published: August 12, 2019; 11:15:12 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |