47 matches found
CVE-2017-18521
The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n...
CVE-2019-9908
The font-organizer plugin 2.1.1 for WordPress has wp-admin/options-general.php managefontid XSS...
WordPress WP HTML Sitemap plugin cross-site request forgery vulnerability
WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WP HTML Sitemap plugin is used in one of the by entering a short code in the page to add HTML sitemap plugin. A...
WordPress flickrRSS plugin cross-site scripting vulnerability (CNVD-2018-05367)
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. flickrRSS plugin is used in one of the plugin to display images. A cross-site scripting vulnerability exists in th...
WordPress flickrRSS plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. flickrRSS plugin is used in one of the plugin to display images. A cross-site scripting vulnerability exists in th...
WordPress flickrRSS plugin cross-site request forgery vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. flickrRSS plugin is used in one of the plugin to display images. A cross-site request forgery vulnerability exists...
CVE-2018-6468
A cross-site scripting XSS vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSSid parameter to wp-admin/options-general.php...
CVE-2018-6469
A cross-site scripting XSS vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSStags parameter to wp-admin/options-general.php...
WordPress read-and-understood plugin cross-site scripting vulnerability (CNVD-2018-01260)
WordPress is the WordPress Software Foundation of a set of PHP language development of the blogging platform, the platform supports PHP and MySQL server set up a personal blog site. read-and-understood plugin is the use of one of the use of the document reading plugin . A cross-site scripting...
WordPress read-and-understood plugin cross-site request forgery vulnerability
WordPress is the WordPress Software Foundation of a set of PHP language development of the blogging platform, the platform supports PHP and MySQL server set up a personal blog site. read-and-understood plugin is the use of one of the use of the document reading plugin . A cross-site request forge...
CVE-2018-5667
An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnuusernamevalidationpattern parameter...
CVE-2018-5669
An issue was discovered in the read-and-understood plugin 2.1 for WordPress. CSRF exists via wp-admin/options-general.php...
CVE-2018-5369
The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a langidentificator parameter...
CVE-2018-5284
The ImageInject plugin 1.15 for WordPress has XSS via the flickrappid parameter to wp-admin/options-general.php...
CVE-2017-16955
SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyword" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php...
WordPress wp-noexternallinks plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. wp-noexternallinks plugin is one of the link conversion plugin . A cross-site scripting vulnerability exists in...
WordPress Portfolio 'options-general.php' plugin cross-site forgery vulnerability
WordPress is the WordPress Software Foundation a set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up a personal blog site.Portfolio is one of the product showcase plugin. A cross-site forgery vulnerability in the WordPress Portfolio...
WordPress plugin Subscribe to Comments 'options-general.php' local file inclusion vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A local file inclusion vulnerability exists in the WordPress plugin Subscribe to Comments 'options-general.php'. Because the...
WordPress Plugin Count Per Day SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language that allows users to set up their own websites on servers that support PHP and MySQL databases. A SQL injection vulnerability exists in the WordPress plugin Count Per Day. Due to insufficient filtering of data passed as input to th...
WordPress Google Analyticator 'options-general.php' plugin cross-site request forgery vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Google Analyticator is one of the Google Analytics plug-ins. A cross-site request forgery vulnerability exists in t...