2429 matches found

CVE
added 2019/10/11 6:0 p.m., 113 views

CVE-2015-9485

The CVE-2015-9485 entry concerns ThemeMakers Accio Responsive Parallax One Page Site Template for WordPress (pre-2015-05-15). Affected component/processes allow remote attackers to retrieve sensitive credentials by directly requesting wp-content/uploads/tmm_db_migrate/wp_users.dat, leading to exp...

CVSS 7.5, AI score 7.3, EPSS 0.03065
Exploits: 1, References: 1, Affected Software: 1

CVE
added 2019/10/11 5:59 p.m., 97 views

CVE-2015-9483

The CVE-2015-9483 entry concerns ThemeMakers Invento Responsive Gallery/Architecture Template for WordPress, where an information disclosure vulnerability allows remote attackers to obtain sensitive user data (user_login, user_pass, user_email) by directly requesting wp-content/uploads/tmm_db_mig...

CVSS 7.5, AI score 7.3, EPSS 0.03065
Exploits: 1, References: 1, Affected Software: 1

CNVD
added 2019/09/18 12:0 a.m., 3 views

WordPress jtrt-responsive-tables plugin SQL injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. jtrt-responsive-tables is an HTML form editor plugin used in it. A SQL injection vulnerability exists in the WordPress...

CVSS 8.8, AI score 7.9, EPSS 0.01911
Exploits: 2, References: 1

OSV
added 2019/09/17 3:15 p.m., 3 views

CVE-2016-10975

The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter...

CVSS 6.1, AI score 5.8, EPSS 0.00956
Exploits: 1, References: 2

OSV
added 2019/09/17 3:15 p.m., 2 views

CVE-2016-10974

The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS...

CVSS 8.8, AI score 5.8, EPSS 0.00732
Exploits: 1, References: 2

NVD
added 2019/09/17 3:15 p.m., 12 views

CVE-2016-10975

The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter...

CVSS 6.1, AI score 6.1, EPSS 0.00956
Exploits: 1, References: 2

CVE
added 2019/09/17 2:3 p.m., 56 views

CVE-2016-10975

The CVE-2016-10975 entry concerns the Fluid Responsive Slideshow WordPress plugin (pre-2.2.7). It describes a reflected XSS vulnerability via the skin parameter, with partial integrity impact and no confidentiality/availability impact per the NVD CVSS data, and with user interaction required in t...

CVSS 6.1, AI score 6, EPSS 0.00956
Exploits: 1, References: 2, Affected Software: 1

CVE
added 2019/09/17 2:2 p.m., 36 views

CVE-2016-10974

The CVE-2016-10974 vulnerability affects the Fluid Responsive Slideshow WordPress plugin prior to version 2.2.7, where the frs_save CSRF flaw enables stored XSS. Red Hat and CVE records corroborate the issue as a CSRF-related stored XSS in the plugin for WordPress. The weakness arises in the frs_...

CVSS 8.8, AI score 8.7, EPSS 0.00732
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2019/09/10 11:15 a.m., 5 views

CVE-2017-18597

The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter...

CVSS 8.8, AI score 5.8, EPSS 0.01911
Exploits: 2, References: 3

NVD
added 2019/09/10 11:15 a.m., 12 views

CVE-2017-18597

The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter...

CVSS 8.8, AI score 9.3, EPSS 0.01911
Exploits: 2, References: 3

CVE
added 2019/09/10 10:56 a.m., 47 views

CVE-2017-18597

The CVE-2017-18597 vulnerability affects the WordPress plugin jtrt-responsive-tables (before 4.1.2). Root cause: SQL Injection in admin/class-jtrt-responsive-tables-admin.php via the tableId parameter, exploitable via crafted POST data (authenticated user context shown in PoC). Impact per sources...

CVSS 8.8, AI score 9.2, EPSS 0.01911
Exploits: 2, References: 3, Affected Software: 1

Cvelist
added 2019/09/10 10:56 a.m., 15 views

CVE-2017-18597

The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter...

AI score 9.3, EPSS 0.01911
Exploits: 2, References: 3

Packet Storm
added 2019/09/02 12:0 a.m., 265 views

Kaseya VSA Agent 9.5 Privilege Escalation

Exploit Title: Kaseya VSA agent CVE-2017-12410 found by Filip Palian. A fix was put in place for the original CVE; however, it was specific to binaries and not scripts. The root cause for both issues is allowing a low privileged group excessive permissions to a folder used by an elevated process...

CVSS 6.9, AI score 0.2, EPSS 0.00251
Exploits: 5

OpenVAS
added 2019/08/28 12:0 a.m., 18 views

WordPress Responsive Menu Plugin < 3.1.4 CSRF Vulnerability

CVSS 8.8, AI score 8.9, EPSS 0.00649
Exploits: 0, References: 1

CNVD
added 2019/08/23 12:0 a.m., 3 views

WordPress wp-support-plus-responsive-ticket-system plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wp-support-plus-responsive-ticket-system is a ticket system plugin used in it. A cross-site scripting vulnerability exists in WordPres...

CVSS 6.1, AI score 6.2, EPSS 0.00913
Exploits: 0, References: 1

NVD
added 2019/08/22 7:15 p.m., 27 views

CVE-2014-10388

The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure...

CVSS 5.3, AI score 5.4, EPSS 0.01332
Exploits: 0, References: 1

Prion
added 2019/08/22 7:15 p.m., 10 views

Design/Logic Flaw

The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection...

CVSS 4.3, AI score 7.7, EPSS 0.00913
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2019/08/22 7:15 p.m., 17 views

SQL injection

The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has SQL injection...

CVSS 7.5, AI score 8.4, EPSS 0.01795
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2019/08/22 6:58 p.m., 48 views

CVE-2019-15331

The CVE-2019-15331 entry concerns the WordPress plugin wp-support-plus-responsive-ticket-system, affected in all versions prior to 9.1.2. Multiple connected sources confirm a vulnerability described as HTML injection / stored cross-site scripting (XSS) in this plugin. The vulnerability stems from...

CVSS 6.1, AI score 6.6, EPSS 0.00913
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2019/08/22 6:57 p.m., 40 views

CVE-2016-10930

The CVE-2016-10930 entry concerns the WordPress plugin WP Support Plus Responsive Ticket System. Affected component: the wp-support-plus-responsive-ticket-system plugin for WordPress. Root cause: insecure direct object reference via a ticket number in the plugin prior to version 7.1.0. Impact: po...

CVSS 9.8, AI score 9.3, EPSS 0.02016
Exploits: 0, References: 1, Affected Software: 1