Search
Search Results (333860 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9420 | 1 Mightymess | 1 Soundcloud Is Gold | 2024-11-21 | 6.1 Medium |
| The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter. | ||||
| CVE-2015-9419 | 1 Captain-slider Project | 1 Captain-slider | 2024-11-21 | 6.1 Medium |
| The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section. | ||||
| CVE-2015-9418 | 1 Kibokolabs | 1 Watupro | 2024-11-21 | 4.3 Medium |
| The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes. | ||||
| CVE-2015-9417 | 1 Slidervilla | 1 Testimonial Slider | 2024-11-21 | 6.5 Medium |
| The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS. | ||||
| CVE-2015-9416 | 1 Onthegosystems | 1 Sitepress-multilingual-cms | 2024-11-21 | 6.1 Medium |
| The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header. | ||||
| CVE-2015-9415 | 1 Angrycreative | 1 Bj Lazy Load | 2024-11-21 | 7.5 High |
| The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion. | ||||
| CVE-2015-9414 | 1 Wpsymposiumpro | 1 Wp-symposium | 2024-11-21 | 6.1 Medium |
| The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter. | ||||
| CVE-2015-9413 | 1 Eshop Project | 1 Eshop | 2024-11-21 | 6.5 Medium |
| The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter. | ||||
| CVE-2015-9412 | 1 Royal-slider Project | 1 Royal-slider | 2024-11-21 | 6.1 Medium |
| The Royal-Slider plugin before 3.2.7 for WordPress has XSS via the rstype parameter. | ||||
| CVE-2015-9411 | 1 Gopostmatic | 1 Replyable | 2024-11-21 | 6.1 Medium |
| The Postmatic plugin before 1.4.6 for WordPress has XSS. | ||||
| CVE-2015-9410 | 1 Blubrry | 1 Powerpress | 2024-11-21 | 5.4 Medium |
| The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter. | ||||
| CVE-2015-9409 | 1 Alo-easymail Project | 1 Alo-easymail | 2024-11-21 | 6.5 Medium |
| The alo-easymail plugin before 2.6.01 for WordPress has CSRF with resultant XSS in pages/alo-easymail-admin-options.php. | ||||
| CVE-2015-9408 | 1 Cyberseo | 1 Xpinner Lite | 2024-11-21 | 6.5 Medium |
| The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS. | ||||
| CVE-2015-9407 | 1 Cyberseo | 1 Xpinner Lite | 2024-11-21 | 6.1 Medium |
| The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS. | ||||
| CVE-2015-9406 | 1 Mtheme-unus Project | 1 Mtheme-unus | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php. | ||||
| CVE-2015-9405 | 1 Wp-piwik Project | 1 Wp-piwik | 2024-11-21 | 6.1 Medium |
| The wp-piwik plugin before 1.0.5 for WordPress has XSS. | ||||
| CVE-2015-9404 | 1 Neuvoo | 1 Neuvoo-jobroll | 2024-11-21 | 6.1 Medium |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. | ||||
| CVE-2015-9403 | 1 Neuvoo | 1 Neuvoo-jobroll | 2024-11-21 | 6.1 Medium |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. | ||||
| CVE-2015-9402 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 8.8 High |
| The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload. | ||||
| CVE-2015-9401 | 1 Websimon-tables Project | 1 Websimon-tables | 2024-11-21 | 4.8 Medium |
| The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS. | ||||