51 matches found
CVE-2017-18591
The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php...
Design/Logic Flaw
The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php...
WordPress wp-support-plus-responsive-ticket-system plugin has unspecified vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-support-plus-responsive-ticket-system is a ticket system plugin used in it. A security vulnerability exists in WordPress...
CVE-2019-15331
The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for WordPress has HTML injection...
CloudBees Jenkins File System SCM Plugin Information Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An information disclosure...
PT-2019-11771 · Jenkins · Jenkins File System Scm Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins File System SCM Plugin version 2.1 and earlier Description: The issue allows attackers who can configure jobs in Jenkins to read the contents of any file on the Jenkins master. This is due to an arbitrary file read vulnerability...
CVE-2019-12239
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access...
JSN Framework System Plugin, 2.1.5
JSN Framework System Plugin, versions 2.1.5 and previous, unrestricted file uploads without any authorization Resolution: update to 2.1.6 Update notice: https://www.joomlashine.com/forums/jsn-extension-framework-gen-1-plugin-v2-1-6-is-released.html Users are strongly urged to update immediately...
CVE-2018-5289
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information page...
CVE-2018-5291
CVE-2018-5291 affects WordPress GD Rating System plugin v2.3. The vulnerability is a directory traversal flaw in the wp-admin/admin.php panel on the gd-rating-system-tools page, allowing potential reads of arbitrary files (as indicated by CNVD/NVD entries). NVD lists CVSS v3 base score 7.5 (HIGH)...
AjaXplorer < 5.0.1 Multiple Command Execution Vulnerabilities
The version of AjaXplorer hosted on the remote web server is earlier than 5.0.1. It is, therefore, affected by multiple command execution vulnerabilities in the following plugins: - File System Standard Plugin access.fs - Power FS Plugin action.powerfs - Subversion Repository Plugin meta.svn The...