CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3476 matches found

exploitpack•added 2016/12/12 12:0 a.m.•11 views

WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery

WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery alert1" input type="text" name="el0"...

7.4AI score

Exploits0

Exploit DB•added 2016/12/12 12:0 a.m.•48 views

WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery

alert1" input type="text" name="el1...

7.4AI score

Exploits0

Patchstack•added 2016/12/09 12:0 a.m.•9 views

WordPress Multisite Post Duplicator Plugin <= 0.9.5.1 - Cross Site Request Forgery

This plugin is prone to a cross site request forgery vulnerability. Solution Update the plugin...

2.5AI score

Exploits0References2Affected Software1

Packet Storm•added 2016/12/09 12:0 a.m.•28 views

WordPress Multisite Post Duplicator 0.9.5.1 Cross Site Request Forgery

Details ================ Software: Multisite Post Duplicator Version: 0.9.5.1 Homepage: http://wordpress.org/plugins/multisite-post-duplicator/ Advisory report:...

7.4AI score

Exploits0

Patchstack•added 2016/12/09 12:0 a.m.•6 views

WordPress Multisite Post Duplicator Plugin <= 0.9.5.1 - Cross Site Request Forgery

This plugin is prone to a cross site request forgery vulnerability. Solution Update the plugin...

2.5AI score

Exploits0References2Affected Software1

WPVulnDB•added 2016/12/09 12:0 a.m.•19 views

Multisite Post Duplicator <= 0.9.5.1 - Cross-Site Request Forgery (CSRF)

The Multisite Post Duplicator WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...

6.8CVSS2.5AI score0.00732EPSS

Exploits1References2Affected Software1

WPVulnDB•added 2016/07/06 12:0 a.m.•18 views

WP Maintenance Mode <= 2.0.6 - Authenticated Multisite Remote Code Execution

The WP Maintenance Mode WordPress plugin was affected by an Authenticated Multisite Remote Code Execution security vulnerability...

6.5CVSS2.9AI score0.01507EPSS

Exploits0References1Affected Software1

securityvulns•added 2015/10/26 12:0 a.m.•84 views

CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins

Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6535 Pending CWE ID: CWE-79 CVSS: 5.5 Medium; AV:N/AC:L/Au:S/C:P/I:P/A:N Description ================ A stored XSS vulnerability in YouTube Embed 3.3.2 and...

3.5CVSS0.8AI score0.01277EPSS

Exploits2

wpexploit•added 2015/10/19 12:0 a.m.•12 views

Recent Posts Widget Extended <= 0.9.9.3 - Authenticated XSS (multisite)

XSS in the Recent Posts Widget Extended plugin allows single site admins to change network admin's password with simple CSRF described above POC field. This vulnerability is currently unpatched. 1. Login as single site administrator 2. Add Recent Posts Extended Widget to some widget area 3. Add...

0.3AI score

Exploits0References2

WPVulnDB•added 2015/10/19 12:0 a.m.•10 views

Recent Posts Widget Extended <= 0.9.9.3 - Authenticated XSS (multisite)

XSS in the Recent Posts Widget Extended plugin allows single site admins to change network admin's password with simple CSRF described above POC field. This vulnerability is currently unpatched. PoC 1. Login as single site administrator 2. Add Recent Posts Extended Widget to some widget area 3...

0.5AI score

Exploits0References2Affected Software1

NVD•added 2015/08/31 6:59 p.m.•16 views

CVE-2014-2330

Multiple cross-site request forgery CSRF vulnerabilities in the Multisite GUI in CheckMK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that 1 upload arbitrary snapshots, 2 delete arbitrary files, or possibly have other unspecified impact via unknown...

6.8CVSS7.6AI score0.01143EPSS

Exploits1References3

UbuntuCve•added 2015/08/31 6:59 p.m.•29 views

CVE-2014-2330

6.8CVSS6.2AI score0.01143EPSS

Exploits1References3

Prion•added 2015/08/31 6:59 p.m.•18 views

Cross site request forgery (csrf)

6.8CVSS7.9AI score0.01143EPSS

Exploits1References3Affected Software1

OSV•added 2015/08/31 6:59 p.m.•0 views

UBUNTU-CVE-2014-2330

6.8CVSS6.1AI score0.01143EPSS

Exploits1References4

Cvelist•added 2015/08/31 6:0 p.m.•30 views

CVE-2014-2330

6.3AI score0.01143EPSS

Exploits1References3

CVE•added 2015/08/31 6:0 p.m.•65 views

CVE-2014-2330

CVE-2014-2330 corresponds to multiple CSRF flaws in the Check_MK Multisite GUI prior to version 1.2.5i2. The issue allows remote attackers to perform authenticated actions on behalf of users, including uploading arbitrary snapshots and deleting arbitrary files, via unknown vectors. Affected produ...

6.8CVSS6.3AI score0.01143EPSS

Exploits1References3Affected Software1

0day.today•added 2015/08/27 12:0 a.m.•55 views

WordPress YouTube Embed 3.3.2 Cross Site Scripting Vulnerability

WordPress YouTube Embed plugin version 3.3.2 suffers from a stored cross site scripting vulnerability. Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6535 Pending CWE ID: CWE-79 CVSS: 5.5 Medium;...

3.5CVSS5.9AI score0.01277EPSS

Exploits2

Packet Storm•added 2015/08/26 12:0 a.m.•54 views

WordPress YouTube Embed 3.3.2 Cross Site Scripting

3.5CVSS6.7AI score0.01277EPSS

Exploits2

RedHat Linux•added 2015/07/29 4:26 a.m.•4 views

check-mk: multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4

Multiple cross-site scripting XSS vulnerabilities in the multisite component in CheckMK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the 1 renderstatusicons function in htmllib.py or 2 ajaxaction functio...

3.5CVSS5.8AI score0.01731EPSS

Exploits0References4

Patchstack•added 2015/05/15 12:0 a.m.•13 views

WordPress Multisite Plugin Manager Plugin <= 3.1.1 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

2.3AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by