Lucene search
+L

1763 matches found

CNVD
CNVD
added 2018/01/17 12:0 a.m.5 views

WordPress booking-calendar plugin cross-site scripting vulnerability (CNVD-2018-01252)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. booking-calendar plugin is used in one of the online booking plugin. A cross-site scripting vulnerability exists ...

4.8CVSS6.2AI score0.00623EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/17 12:0 a.m.4 views

WordPress responsive-coming-soon-page plugin cross-site scripting vulnerability (CNVD-2018-01256)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . responsive-coming-soon-page plugin is used in one of the test system maintenance plugin . A cross-site scriptin...

4.8CVSS6AI score0.00706EPSS
Exploits1References1
OSV
OSV
added 2018/01/13 12:29 a.m.4 views

CVE-2018-5654

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREEAccessToken parameter...

6.1CVSS5.8AI score0.00954EPSS
Exploits1References2
CNVD
CNVD
added 2018/01/11 12:0 a.m.4 views

WordPress tabs-responsive plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL server set up a personal blog site. tabs-responsive plugin is used in which a tab to add plug-ins. A cross-site scripting vulnerability exists in...

5.4CVSS6.2AI score0.00595EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/04 12:0 a.m.4 views

Wordpress Furikake plugin open to redirection vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers.Furikake is used in one of the statistics plugin. An open redirect vulnerability exists in version 0.1.0 of the Wordpress...

6.1CVSS6.6AI score0.00863EPSS
Exploits1References1
WPVulnDB
WPVulnDB
added 2017/12/19 12:0 a.m.11 views

WP Site Protect 1.0 - Cross-Site Scripting (XSS)

The wp-site-protect allows to protect the access to a wordpress website with a global password. Passwords can be randomly generated or manually set, the "password" field is not properly sanitized, allowing some XSS in different views of the plugins in the administration section. It seems that the...

3.3AI score
Exploits0References1Affected Software1
OSV
OSV
added 2017/12/03 7:29 p.m.5 views

CVE-2017-17096

Cross-site scripting XSS vulnerability in the Content Cards plugin before 0.9.7 for WordPress allows remote attackers to inject arbitrary JavaScript via crafted OpenGraph data...

6.1CVSS5.9AI score0.00913EPSS
Exploits0References2
CNVD
CNVD
added 2017/11/13 12:0 a.m.8 views

WordPress Ultimate Instagram Feed Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's suite of blogging platforms developed using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Ultimate Instagram Feed plugin is a photo wall plugin used in... A cross-site scripting vulnerability exists i...

4.8CVSS6AI score0.01028EPSS
Exploits2References1
CNVD
CNVD
added 2017/11/09 12:0 a.m.5 views

HashiCorp Vagrant VMware Fusion Plugin Elevation of Privilege Vulnerability (CNVD-2017-33966)

The HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion is a tool developed by HashiCorp in the United States for building and managing virtual machine environments on VMware virtual machines. A security vulnerability exists in the HashiCorp Vagrant VMware Fusion plugin version 5.0.0...

7CVSS6.7AI score0.00902EPSS
Exploits3References1
CNVD
CNVD
added 2017/10/23 12:0 a.m.8 views

IrfanView CADImage plugin buffer overflow vulnerability (CNVD-2017-33229)

IrfanView is an image viewer developed by Irfan Skiljan, a software developer from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion, etc. CADImage plugin is one of the plugins for viewing CAD files. A buffer overflow vulnerability exists in version...

7.8CVSS8.1AI score0.02232EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/23 12:0 a.m.5 views

IrfanView CADImage plugin buffer overflow vulnerability (CNVD-2017-32383)

IrfanView is an image viewer developed by Irfan Skiljan, a software developer from Bosnia and Herzegovina, which supports image browsing, image editing, image format conversion, etc. CADImage plugin is one of the plugins for viewing CAD files. A buffer overflow vulnerability exists in version...

7.8CVSS8.1AI score0.0225EPSS
Exploits0References1
NVD
NVD
added 2017/10/11 6:29 p.m.23 views

CVE-2017-15258

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to a "Read Access Violation starting at PDF!xmlParserInputRead+0x0000000000161a9c."...

7.8CVSS8.3AI score0.01991EPSS
Exploits0References1
NVD
NVD
added 2017/10/11 6:29 p.m.21 views

CVE-2017-15249

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .pdf file, related to "Data from Faulting Address controls Code Flow starting at PDF!xmlGetGlobalState+0x00000000000668d6."...

7.8CVSS8.2AI score0.02538EPSS
Exploits0References1
OSV
OSV
added 2017/10/11 6:29 p.m.6 views

CVE-2017-15241

IrfanView version 4.44 32bit with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at PDF!xmlParserInputRead+0x00000000000929f5."...

7.8CVSS5.8AI score0.01991EPSS
Exploits0References1
OSV
OSV
added 2017/09/27 8:29 a.m.3 views

CVE-2017-14766

The Simple Student Result plugin before 1.6.4 for WordPress has an Authentication Bypass vulnerability because the fnssraddstsubmit function and fnssrdelstsubmit function in functions.php only require knowing the student id number...

7.5CVSS5.8AI score0.01801EPSS
Exploits2References3
CNVD
CNVD
added 2017/03/10 12:0 a.m.8 views

WordPress Mail Masta plugin SQL injection vulnerability (CNVD-2017-02636)

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Mail Masta aka mail-masta is one of the email plug-ins. WordPress Mail Masta plugin version 1.0 in...

7.2CVSS8.2AI score0.01701EPSS
Exploits2References1
OSV
OSV
added 2017/01/15 2:59 a.m.4 views

UBUNTU-CVE-2017-5488

Multiple cross-site scripting XSS vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 version header of a plugin...

6.1CVSS7AI score0.01755EPSS
Exploits0References9
CNVD
CNVD
added 2016/10/13 12:0 a.m.5 views

Wordpress enhanced-tooltipglossary plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . enhanced-tooltipglossary is one of the plug-ins to improve the performance of the view image caching . A...

6.1CVSS5.8AI score0.04426EPSS
Exploits1References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.4 views

Wordpress photoxhibit plugin cross-site scripting vulnerability (CNVD-2016-09355)

WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL server set up a personal blog site . photoxhibit is one of the interfaces used to build gallery plug-ins . A cross-site scripting vulnerability exist...

6.1CVSS5.9AI score0.03558EPSS
Exploits1References1
OSV
OSV
added 2016/10/10 8:59 p.m.2 views

CVE-2016-1000140

Reflected XSS in wordpress plugin new-year-firework v1.1.9...

6.1CVSS5.8AI score0.03432EPSS
Exploits2References3
Rows per page
Query Builder