5776 matches found
CVE-2015-9336
The clean-login plugin before 1.5.1 for WordPress has reflected XSS...
Design/Logic Flaw
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens...
WordPress eelv-newsletter plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. eelv-newsletter is a contact form management plugin used in it. A cross-site request forgery vulnerability exists in the WordPress...
WordPress chained-quiz plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. chained-quiz is a chained quiz creation plugin used in it. A cross-site scripting vulnerability exists in the WordPress chained-quiz...
WordPress my-wp-translate plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. my-wp-translate is a language translation plugin used in it. A cross-site request forgery vulnerability exists in the WordPress...
WordPress wp-all-import plugin cross-site scripting vulnerability (CNVD-2019-28650)
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-all-import is an XML, CSV file import plugin used in it. A cross-site scripting vulnerability exists in WordPress wp-all-import...
CVE-2012-6714
The count-per-day plugin before 3.2.3 for WordPress has XSS via search words...
Design/Logic Flaw
The cforms2 plugin before 13.2 for WordPress has XSS in libajax.php...
CVE-2016-10909
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection...
Cross site scripting
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has XSS...
CVE-2016-10899
The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability...
WordPress bws-google-analytics plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. bws-google-analytics is a plugin that uses data from the Google Analytics website analytics or website traffic tracking tool platform ...
WordPress wp-all-import plugin cross-site scripting vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-all-import is an XML, CSV file import plugin used in it. A cross-site scripting vulnerability exists in WordPress wp-all-import...
CVE-2016-10913
The wp-latest-posts plugin before 3.7.5 for WordPress has XSS...
Cross site request forgery (csrf)
The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF...
CVE-2015-9329
The wp-all-import plugin before 3.2.5 for WordPress has reflected XSS...
CVE-2017-18568
The my-wp-translate plugin before 1.0.4 for WordPress has XSS...
Sql injection
plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows SQL Injection...
WordPress companion-sitemap-generator plugin cross-site request forgery vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. companion-sitemap-generator is a sitemap plugin used in it. A cross-site request forgery vulnerability exists in the WordPress...
WordPress jayj-quicktag plugin cross-site request forgery vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. jayj-quicktag is used in one of the page tags to add plug-ins . A cross-site request forgery vulnerability exists in the...