Lucene search
K

48 matches found

cnvd
cnvd
added 2019/09/29 12:0 a.m.2 views

WordPress sitepress-multilingual-cms (WPML) plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. sitepress-multilingual-cms WPML plugin is a website multilingual support plugin used in it. A cross-site scripting vulnerability exist...

6.1CVSS6.3AI score0.0102EPSS
Exploits1References1
cnvd
cnvd
added 2019/03/12 12:0 a.m.1 views

File Upload Vulnerability in Acme CMS 2.0

Acme CMS is a CMS builder using PHP + Mysql architecture, multi-language, responsive display, suitable for personal website construction. Acme CMS 2.0 suffers from a file upload vulnerability, which can be exploited by attackers to gain control of the web server...

7.3AI score
Exploits0
cvelist
cvelist
added 2018/10/08 10:0 p.m.32 views

CVE-2018-18069

processforms in the WPML aka sitepress-multilingual-cms plugin through 3.6.3 for WordPress has XSS via any localefilename parameter such as localefilenameen in an authenticated theme-localization.php request to wp-admin/admin.php...

6AI score0.13207EPSS
Exploits2References1
cve
cve
added 2018/10/08 10:0 p.m.91 views

CVE-2018-18069

The CVE-2018-18069 entry concerns the WordPress plugin sitepress-multilingual-cms (WPML) up to version 3.6.3. A Cross-Site Scripting (XSS) flaw exists in the process_forms function via any locale_file_name_ parameter (e.g., locale_file_name_en) when making an authenticated request to wp-admin/adm...

6.1CVSS5.9AI score0.13207EPSS
Exploits2References1Affected Software1
cve
cve
added 2015/03/30 2:0 p.m.62 views

CVE-2015-2791

CVE-2015-2791 affects the WordPress WPML plugin prior to 3.1.9. The vulnerability is in the plugin’s menu sync function and allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php. The evidence base also notes bro...

6.4CVSS6.9AI score0.13294EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2015/03/30 2:0 p.m.26 views

CVE-2015-2791

The "menu sync" function in the WPML plugin before 3.1.9 for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php...

6.7AI score0.13294EPSS
Exploits1References5
wpvulndb
wpvulndb
added 2015/03/12 12:0 a.m.33 views

WPML <= 3.1.7.2 - Multiple Vulnerabilities (Including SQLi)

The sitepress-multilingual-cms WordPress plugin was affected by a Multiple Vulnerabilities Including SQLi security vulnerability...

7.5CVSS2.5AI score0.13294EPSS
Exploits3References5Affected Software1
zdt
zdt
added 2012/12/30 12:0 a.m.322 views

Wordpress plugins sitepress-multilingual-cms Full Path Disclosure

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Rows per page
Query Builder