Lucene search
K
Optiontree ProjectOptiontree

5 matches found

CVE
CVE
added 2019/08/22 1:27 p.m.55 views

CVE-2019-15321

CVE-2019-15321 applies to the WordPress plugin “Option Tree” prior to version 2.7.3, where an Object Injection vulnerability arises from mishandled serialized classes. The entry is documented across multiple sources (NVD description: “option-tree plugin before 2.7.3 for WordPress has Object Injec...

9.8CVSS9.7AI score0.02147EPSS
CVE
CVE
added 2019/08/22 1:26 p.m.54 views

CVE-2019-15319

CVE-2019-15319 concerns the WordPress plugin OptionTree, vulnerable before version 2.7.0. The issue is PHP Object Injection enabled by leveraging a valid nonce, as described in multiple sources (NVD entry and vendor/WP listings). Impact details in the NVD metrics show high/critical severity (CVSS...

9.8CVSS9.6AI score0.02147EPSS
CVE
CVE
added 2019/08/22 1:27 p.m.51 views

CVE-2019-15320

CVE-2019-15320 concerns the WordPress plugin OptionTree prior to version 2.7.3. The vulnerability is an Object Injection flaw caused by mishandling the + character, as documented by multiple sources (NVD, Red Hat, WPVulndb, etc.). Impact is described as affecting confidentiality, integrity, and a...

9.8CVSS9.7AI score0.02147EPSS
CVE
CVE
added 2019/08/20 3:42 p.m.42 views

CVE-2015-9320

Option-Tree WordPress plugin (versions prior to 2.5.4) contains an XSS vulnerability tied to add_query_arg. Affected component is the plugin itself for WordPress; root cause involves insufficient input validation leading to client-side script execution. CVE-2015-9320 is documented with CVSS value...

6.1CVSS6AI score0.00924EPSS
CVE
CVE
added 2019/08/20 3:28 p.m.36 views

CVE-2016-10895

CVE-2016-10895 affects the WordPress OptionTree plugin (versions before 2.6.0). The vulnerability is a cross-site scripting (XSS) flaw that can be triggered via the add_list_item or add_social_links AJAX requests. The issue allows an attacker to execute client-side code within the context of the ...

6.1CVSS6AI score0.00913EPSS