CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Tenable Nessus•added 2022/10/20 12:0 a.m.•6 views

WordPress 4.0.x < 4.0.37 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS via wp-mail.php post by email. - An open redirect in wpnonceays. - Sender's email address is exposed in wp-mail.php. - A Cross-Site...

7.8AI score

Exploits0References2

Tenable Nessus•added 2022/09/12 12:0 a.m.•15 views

WordPress 4.0.x < 4.0.36 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A SQL injection vulnerability within the Link API. - A Cross-Site Scripting XSS vulnerability on the Plugins screen. - An output escaping issue within themeta. Note that t...

7.4AI score

Exploits0References1

Tenable Nessus•added 2020/11/12 12:0 a.m.•23 views

WordPress 4.0.x < 4.0.32 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A deserialization vulnerability exists in RequestsUtilityFilteredIterator class. - A cross-site scripting XSS vulnerability exists via global variables and post slugs. - A...

9.8CVSS9.5AI score0.27967EPSS

Exploits1References11

Packet Storm•added 2020/04/05 12:0 a.m.•150 views

WordPress Car Rental System 1.3 Cross Site Scripting

Exploit Title: WordPress Car Rental System 1.3 XSS Vunlerability Google Dork:N/A Date: 2020-04-04 Exploit Author: @ThelastVvV Vendor Homepage: https://codecanyon.net/item/car-rental-system-wordpress-plugin/4239755?srank=3 Version: 1.3 Tested on: 5.4.0-kali4-amd64...

7.4AI score

Exploits0

Prion•added 2018/09/16 2:29 a.m.•15 views

Open redirect

The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter...

5.8CVSS6.4AI score0.0026EPSS

Exploits1References4Affected Software1

Cvelist•added 2015/08/05 10:0 a.m.•23 views

CVE-2015-3439

Cross-site scripting XSS vulnerability in the Ephox formerly Moxiecode plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScript functions via the target parameter, as...

5.6AI score0.03125EPSS

Exploits1References11

Exploit DB•added 2015/01/19 12:0 a.m.•62 views

WordPress Plugin Cforms 14.7 - Remote Code Execution

Exploit Title: Remote Code Execution via Unauthorised File upload in Cforms 14.7 Date: 2015-01-19 Exploit Author: Zakhar Vendor Homepage: https://wordpress.org/plugins/cforms2/ Software Link: https://downloads.wordpress.org/plugin/cforms2.zip Version: 14.7 Tested on: Wordpress 4.0 CVE : 2014-9473...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by