Lucene search
K

6450 matches found

NVD
NVD
added 2019/09/16 1:15 p.m.10 views

CVE-2016-10964

The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header...

6.1CVSS6.1AI score0.0102EPSS
Exploits2References2
Prion
Prion
added 2019/09/13 12:15 p.m.11 views

Sql injection

The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter...

6.5CVSS8.4AI score0.01598EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2019/08/29 1:15 p.m.15 views

Cross site scripting

The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS...

3.5CVSS5.7AI score0.01038EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/08/27 12:15 p.m.16 views

CVE-2015-9346

The cp-polls plugin before 1.0.5 for WordPress has XSS...

6.1CVSS6.4AI score0.00913EPSS
Exploits0References1
NVD
NVD
added 2019/08/22 8:15 p.m.19 views

CVE-2018-20987

The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection...

9.8CVSS9.9AI score0.02129EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/08/21 6:8 p.m.24 views

CVE-2014-10378

The duplicate-post plugin before 2.6 for WordPress has XSS...

6.4AI score0.00913EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/21 6:7 p.m.17 views

CVE-2017-18561

The embed-comment-images plugin before 0.6 for WordPress has XSS...

6.4AI score0.00905EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/08/21 12:42 p.m.18 views

CVE-2016-10901

The wp-customer-reviews plugin before 3.0.9 for WordPress has XSS in the admin tools...

6.1AI score0.00913EPSS
Exploits0References1
NVD
NVD
added 2019/08/21 12:15 p.m.14 views

CVE-2016-10896

The seo-redirection plugin before 4.3 for WordPress has stored XSS...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References1
NVD
NVD
added 2019/08/20 4:15 p.m.14 views

CVE-2017-18533

The rimons-twitter-widget plugin before 1.3 for WordPress has XSS...

6.1CVSS6.4AI score0.00905EPSS
Exploits0References1
Prion
Prion
added 2019/08/20 3:15 p.m.15 views

Cross site request forgery (csrf)

The user-domain-whitelist plugin before 1.5 for WordPress has CSRF...

6.8CVSS7.2AI score0.0068EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/16 8:21 p.m.17 views

CVE-2018-20972

The companion-auto-update plugin before 3.2.1 for WordPress has CSRF...

9.2AI score0.00649EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/14 3:32 p.m.18 views

CVE-2017-18512

The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF...

8.8AI score0.00649EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2019/04/26 11:20 a.m.1 views

Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that has been made public and could allow attackers to compromise your online store. A WordPress security company—called "Plugin Vulnerabilities "—that recently gone...

7.6AI score
Exploits0
OSV
OSV
added 2019/04/15 8:29 p.m.4 views

CVE-2018-17586

The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules0content parameter in a wpfcsavetimeoutpages action...

6.1CVSS5.8AI score0.01365EPSS
Exploits1References3
NVD
NVD
added 2019/03/05 9:29 p.m.15 views

CVE-2019-9575

The Quiz And Survey Master plugin 6.0.4 for WordPress allows wp-admin/admin.php?page=mlwquizresults quizid XSS...

6.1CVSS6.3AI score0.01608EPSS
Exploits2References4
CNVD
CNVD
added 2018/01/11 12:0 a.m.7 views

WordPress Wichipi Events Calendar Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Wachipi WP Events Calendar plugin is used in one of the task calendar plugin. A SQL injection vulnerability exists...

9.8CVSS8.1AI score0.0487EPSS
Exploits5References1
CNVD
CNVD
added 2017/12/29 12:0 a.m.7 views

WordPress Easy2Map plugin path traversal vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language, the platform supports in PHP and MySQL server set up a personal blog site. easy2Map is one of the support to create a customized Google Maps plugin. A path traversal vulnerability exists in...

9.8CVSS7.2AI score0.07113EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2017/03/03 12:0 a.m.48 views

WordPress Contact Form Manager CSRF / XSS

------------------------------------------------------------------------ Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin ------------------------------------------------------------------------ Edwin Molenaar, July 2016...

0.4AI score
Exploits0
WPVulnDB
WPVulnDB
added 2016/11/17 12:0 a.m.18 views

Post Indexer <= 3.0.6.1 - PHP Object Injection via MitM

The post-indexer WordPress plugin was affected by a PHP Object Injection via MitM security vulnerability...

6.8CVSS3.7AI score0.01724EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder