CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

Visitors Online by BestWebSoft < 1.0.0 - Cross-Site Scripting

The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues. id: CVE-2017-18537 info: name: Visitors Online by BestWebSoft 1.0.0 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The visitors-online plugin before 1.0.0 for WordPress has multiple XSS...

6.1CVSS6AI score0.00059EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 10:32 a.m.•2 views

CVE-2017-18537

The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues...

6.1CVSS6.4AI score0.00059EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-9653

Malware in sbrugna...

6.1CVSS6.3AI score0.00059EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-9165

Malware in sbrugna...

9.8CVSS9.5AI score0.00546EPSS

Exploits0References2

CNVD•added 2019/08/23 12:0 a.m.•2 views

WordPress visitors-online plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. visitors-online is a plugin for website visitor statistics. A cross-site scripting vulnerability exists in the WordPress visitors-onli...

6.1CVSS6.2AI score0.00059EPSS

Exploits1References1

NVD•added 2019/08/21 12:15 p.m.•12 views

CVE-2017-18537

The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues...

6.1CVSS6.1AI score0.00059EPSS

Exploits1References1

OSV•added 2019/08/21 12:15 p.m.•0 views

CVE-2017-18537

The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues...

6.1CVSS5.8AI score

Exploits0References1

Prion•added 2019/08/21 12:15 p.m.•10 views

Cross site scripting

The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues...

4.3CVSS6AI score0.00059EPSS

Exploits1References1Affected Software1

CVE•added 2019/08/21 11:55 a.m.•63 views

CVE-2017-18537

CVE-2017-18537 affects the WordPress plugin Visitors Online by BestWebSoft prior to version 1.0.0. The connected documents confirm multiple Cross-Site Scripting (XSS) issues in the plugin’s input handling, enabling an authenticated attacker to execute arbitrary JavaScript in victims’ browsers and...

6.1CVSS6AI score0.00059EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/08/21 11:55 a.m.•15 views

CVE-2017-18537

The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues...

6.1AI score0.00059EPSS

Exploits1References1

CNVD•added 2019/08/20 12:0 a.m.•0 views

WordPress visitors-online plugin SQL injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. visitors-online is a plugin for website visitor statistics. A SQL injection vulnerability exists in the WordPress visitors-online...

9.8CVSS8AI score0.00546EPSS

Exploits0References1

NVD•added 2019/08/16 2:15 p.m.•14 views

CVE-2015-9325

The visitors-online plugin before 0.4 for WordPress has SQL injection...

9.8CVSS10AI score0.00546EPSS

Exploits0References1

Cvelist•added 2019/08/16 1:41 p.m.•16 views

CVE-2015-9325

The visitors-online plugin before 0.4 for WordPress has SQL injection...

10AI score0.00546EPSS

Exploits0References1

CVE•added 2019/08/16 1:41 p.m.•83 views

CVE-2015-9325

The CVE-2015-9325 entry corresponds to a SQL injection vulnerability in the WordPress plugin visitors-online (versions prior to 0.4). The vulnerability is triggered via the plugin’s handling of input in SQL context, allowing manipulation of SQL commands (as per the consolidated sources). Impact i...

9.8CVSS9.9AI score0.00546EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2015/10/26 12:0 a.m.•14 views

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by