CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. option-tree is used in one of the theme selection building plugin. WordPress option-tree plugin has an injection vulnerability. No...

9.8CVSS7.2AI score0.01077EPSS

Exploits0References1

OSV•added 2019/08/22 2:15 p.m.•1 views

CVE-2019-15319

The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce...

9.8CVSS5.8AI score

Exploits0References2

NVD•added 2019/08/22 2:15 p.m.•7 views

CVE-2019-15319

The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce...

9.8CVSS9.7AI score0.01077EPSS

Exploits0References2

NVD•added 2019/08/22 2:15 p.m.•9 views

CVE-2019-15320

The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled...

9.8CVSS9.8AI score0.01077EPSS

Exploits0References2

NVD•added 2019/08/22 2:15 p.m.•9 views

CVE-2019-15321

The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled...

9.8CVSS9.8AI score0.01077EPSS

Exploits0References2

Prion•added 2019/08/22 2:15 p.m.•8 views

Code injection

The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce...

7.5CVSS9.6AI score0.01077EPSS

Exploits0References2Affected Software1

CVE•added 2019/08/22 1:27 p.m.•46 views

CVE-2019-15321

CVE-2019-15321 applies to the WordPress plugin “Option Tree” prior to version 2.7.3, where an Object Injection vulnerability arises from mishandled serialized classes. The entry is documented across multiple sources (NVD description: “option-tree plugin before 2.7.3 for WordPress has Object Injec...

9.8CVSS9.7AI score0.01077EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/08/22 1:27 p.m.•10 views

CVE-2019-15321

The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled...

9.8AI score0.01077EPSS

Exploits0References2

Cvelist•added 2019/08/22 1:27 p.m.•11 views

CVE-2019-15320

The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled...

9.8AI score0.01077EPSS

Exploits0References2

Cvelist•added 2019/08/22 1:26 p.m.•10 views

CVE-2019-15319

The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce...

9.8AI score0.01077EPSS

Exploits0References2

CNVD•added 2019/08/22 12:0 a.m.•1 views

WordPress option-tree plugin cross-site scripting vulnerability (CNVD-2019-31010)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. option-tree is used in one of the theme selection building plugin. A cross-site scripting vulnerability exists in the WordPress...

6.1CVSS6.3AI score0.0019EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by