152 matches found
CVE-2019-17233
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...
Information disclosure
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...
EUVD-2019-7649
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...
CVE-2019-17232
CVE-2019-17232 affects the WordPress plugin Ultimate FAQs up to version 1.8.24. The vulnerability occurs in Functions/EWD_UFAQ_Import.php, allowing unauthenticated users to import options (and, per related sources, potentially export/import configurations) without authentication. This can enable ...
CVE-2019-17232
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...
CVE-2019-17233
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...
CVE-2019-17233
The CVE affects WordPress plugin Ultimate FAQ (WordPress) up to version 1.8.24. The vulnerability originates in Functions/EWD_UFAQ_Import.php, allowing unauthenticated HTML content injection during FAQ import, potentially exposing malicious content to site visitors. Exploitation details are not p...
CVE-2019-17233
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2019-17232
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
WordPress ultimate-faqs plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. ultimate-faqs is a FAQ plugin used in it. A cross-site scripting vulnerability exists in the WordPress ultimate-faqs plugin. An attack...
CVE-2019-15643
The ultimate-faqs plugin before 1.8.22 for WordPress has XSS...
CVE-2019-15643
The ultimate-faqs plugin before 1.8.22 for WordPress has XSS...
Cross site scripting
The ultimate-faqs plugin before 1.8.22 for WordPress has XSS...
CVE-2019-15643
The ultimate-faqs plugin before 1.8.22 for WordPress has XSS...
CVE-2019-15643
CVE-2019-15643 affects the WordPress Ultimate FAQ plugin, specifically versions before 1.8.22, with a cross-site scripting (XSS) vulnerability. The root cause and exact exploitation details are not provided in the connected documents, but multiple sources corroborate the XSS risk in this plugin. ...
CVE-2019-14516
The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in-the-middle attacks against requests for FAQs or Help...
Design/Logic Flaw
The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in-the-middle attacks against requests for FAQs or Help...
CVE-2019-14516
The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in-the-middle attacks against requests for FAQs or Help...
CVE-2019-14968
An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action...
CVE-2019-14968
An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action...