Lucene search
K

67 matches found

Prion
Prion
added 2014/03/14 2:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Marekkis Watermark plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pfad parameter to wp-admin/options-general.php. NOTE: some of these details are obtained from third party information...

4.3CVSS6.3AI score0.02053EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2014/03/14 2:0 p.m.55 views

CVE-2013-1758

CVE-2013-1758 affects the Marekkis Watermark WordPress plugin (version 0.9.2) and enables cross-site scripting via the pfad parameter to wp-admin/options-general.php. The flaw is a reflective XSS in the admin path, allowing remote attackers to inject arbitrary script/HTML. Public sources consiste...

4.3CVSS5.9AI score0.02053EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2014/01/02 3:0 p.m.21 views

CVE-2013-6992

Cross-site request forgery CSRF vulnerability in askapache-firefox-adsense.php in the AskApache Firefox Adsense plugin 3.0 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the aafireadco...

6.3AI score0.01151EPSS
Exploits4References4
Patchstack
Patchstack
added 2013/11/01 12:0 a.m.22 views

WordPress Tweet Blender Plugin <= 4.0.1 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "tbtabindex" parameter to wp-admin/options-general.php. Solution Update the plugin...

4.3CVSS2.8AI score0.02058EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2012/05/21 12:0 a.m.29 views

WordPress User Photo Plugin <= 0.9.5.1 - XSS

Because of this vulnerability in user-photo.php, attackers can inject arbitrary web script or HTML via the PATHINFO to wp-admin/options-general.php. Solution Update the plugin...

4.3CVSS2.9AI score0.02165EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2008/01/10 12:46 a.m.17 views

CVE-2008-0205

Multiple cross-site request forgery CSRF vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...

4.3CVSS7.1AI score0.01885EPSS
Exploits1References4
Prion
Prion
added 2007/08/03 8:17 p.m.16 views

Sql injection

SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the pageoptions parameter to 1 options-general.php, 2 options-writing.php, 3 options-reading.php, 4 options-discussion.php, 5 options-privacy.php, 6...

6.5CVSS8.3AI score0.01899EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder