2 matches found
CVE-2017-2171
CVE-2017-2171 detail: A cross-site scripting vulnerability affects BestWebSoft WordPress plugins that display the BestWebSoft menu. The issue arises from a common function used to render the menu (CWE-79), enabling remote attackers to execute arbitrary script in a logged-in user’s browser. Affect...
CVE-2015-9335
CVE-2015-9335 : A SQL injection vulnerability exists in the WordPress limit-attempts plugin prior to version 1.1.1 during IP address handling. This affects the plugin used with WordPress, enabling potentially unauthorized SQL commands through crafted input. The CVSS indications show high impact (...