Lucene search
+L

47 matches found

Cvelist
Cvelist
added 2019/08/21 6:18 p.m.22 views

CVE-2017-18521

The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n...

8.9AI score0.00739EPSS
Exploits1References2
OSV
OSV
added 2019/03/22 12:29 a.m.4 views

CVE-2019-9908

The font-organizer plugin 2.1.1 for WordPress has wp-admin/options-general.php managefontid XSS...

6.1CVSS5.8AI score0.0142EPSS
Exploits1References4
CNVD
CNVD
added 2018/03/21 12:0 a.m.3 views

WordPress WP HTML Sitemap plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WP HTML Sitemap plugin is used in one of the by entering a short code in the page to add HTML sitemap plugin. A...

6.5CVSS6.9AI score0.00781EPSS
Exploits1References1
CNVD
CNVD
added 2018/02/07 12:0 a.m.7 views

WordPress flickrRSS plugin cross-site scripting vulnerability (CNVD-2018-05367)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. flickrRSS plugin is used in one of the plugin to display images. A cross-site scripting vulnerability exists in th...

6.1CVSS6.1AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2018/02/07 12:0 a.m.8 views

WordPress flickrRSS plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. flickrRSS plugin is used in one of the plugin to display images. A cross-site scripting vulnerability exists in th...

6.1CVSS6.1AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2018/02/07 12:0 a.m.5 views

WordPress flickrRSS plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. flickrRSS plugin is used in one of the plugin to display images. A cross-site request forgery vulnerability exists...

8.8CVSS6.7AI score0.00589EPSS
Exploits1References1
OSV
OSV
added 2018/02/06 2:29 p.m.5 views

CVE-2018-6468

A cross-site scripting XSS vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSSid parameter to wp-admin/options-general.php...

6.1CVSS5.8AI score0.00901EPSS
Exploits1References1
OSV
OSV
added 2018/02/06 2:29 p.m.3 views

CVE-2018-6469

A cross-site scripting XSS vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSStags parameter to wp-admin/options-general.php...

6.1CVSS5.8AI score0.00901EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/17 12:0 a.m.4 views

WordPress read-and-understood plugin cross-site scripting vulnerability (CNVD-2018-01260)

WordPress is the WordPress Software Foundation of a set of PHP language development of the blogging platform, the platform supports PHP and MySQL server set up a personal blog site. read-and-understood plugin is the use of one of the use of the document reading plugin . A cross-site scripting...

4.8CVSS6AI score0.00652EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/17 12:0 a.m.4 views

WordPress read-and-understood plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation of a set of PHP language development of the blogging platform, the platform supports PHP and MySQL server set up a personal blog site. read-and-understood plugin is the use of one of the use of the document reading plugin . A cross-site request forge...

8.8CVSS6.7AI score0.00589EPSS
Exploits1References1
OSV
OSV
added 2018/01/13 12:29 a.m.5 views

CVE-2018-5667

An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnuusernamevalidationpattern parameter...

4.8CVSS5.8AI score0.00652EPSS
Exploits1References1
OSV
OSV
added 2018/01/13 12:29 a.m.5 views

CVE-2018-5669

An issue was discovered in the read-and-understood plugin 2.1 for WordPress. CSRF exists via wp-admin/options-general.php...

8.8CVSS5.8AI score0.00589EPSS
Exploits1References1
NVD
NVD
added 2018/01/12 9:29 a.m.16 views

CVE-2018-5369

The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a langidentificator parameter...

4.8CVSS5AI score0.00623EPSS
Exploits1References2
OSV
OSV
added 2018/01/08 7:29 a.m.5 views

CVE-2018-5284

The ImageInject plugin 1.15 for WordPress has XSS via the flickrappid parameter to wp-admin/options-general.php...

4.8CVSS5.8AI score0.00799EPSS
Exploits1References3
NVD
NVD
added 2017/11/27 10:29 a.m.14 views

CVE-2017-16955

SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyword" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php...

8.8CVSS9.1AI score0.02002EPSS
Exploits1References2
CNVD
CNVD
added 2017/11/01 12:0 a.m.5 views

WordPress wp-noexternallinks plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. wp-noexternallinks plugin is one of the link conversion plugin . A cross-site scripting vulnerability exists in...

6.1CVSS6.3AI score0.00954EPSS
Exploits2References1
CNVD
CNVD
added 2015/08/14 12:0 a.m.5 views

WordPress Portfolio 'options-general.php' plugin cross-site forgery vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform using PHP language development, the platform supports in PHP and MySQL server set up a personal blog site.Portfolio is one of the product showcase plugin. A cross-site forgery vulnerability in the WordPress Portfolio...

6.8CVSS6.5AI score0.01178EPSS
Exploits1References1
CNVD
CNVD
added 2015/08/11 12:0 a.m.2 views

WordPress plugin Subscribe to Comments 'options-general.php' local file inclusion vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A local file inclusion vulnerability exists in the WordPress plugin Subscribe to Comments 'options-general.php'. Because the...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2015/07/22 12:0 a.m.7 views

WordPress Plugin Count Per Day SQL Injection Vulnerability

WordPress is a blogging platform developed using the PHP language that allows users to set up their own websites on servers that support PHP and MySQL databases. A SQL injection vulnerability exists in the WordPress plugin Count Per Day. Due to insufficient filtering of data passed as input to th...

7.2CVSS8.3AI score0.07166EPSS
Exploits4References1
CNVD
CNVD
added 2015/07/08 12:0 a.m.6 views

WordPress Google Analyticator 'options-general.php' plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Google Analyticator is one of the Google Analytics plug-ins. A cross-site request forgery vulnerability exists in t...

8.8CVSS6.7AI score0.01249EPSS
Exploits0References1
Rows per page
Query Builder