Search
Total
13741 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9311 | 1 Newstatpress Project | 1 Newstatpress | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The newstatpress plugin before 1.0.6 for WordPress has reflected XSS. | |||||
| CVE-2017-18502 | 1 Bestwebsoft | 1 Subscriber | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18503 | 1 Wpdeveloper | 1 Twitter Cards Meta | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. | |||||
| CVE-2017-18501 | 1 Bestwebsoft | 1 Social Login | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. | |||||
| CVE-2019-5403 | 1 Hp | 1 3par Storeserv Management Console | 2019-08-16 | 3.5 LOW | 4.8 MEDIUM |
| A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | |||||
| CVE-2017-18505 | 1 Bestwebsoft | 1 Twitter Button | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The twitter-plugin plugin before 2.55 for WordPress has XSS. | |||||
| CVE-2019-14770 | 1 Backdropcms | 1 Backdrop Core | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to execute JavaScript when the administrator is logged in and uses the search functionality. (This issue is mitigated by the attacker needing permissions to create administrative menu links, such as by creating a content type or layout. Such permissions are usually restricted to trusted or administrative users.) | |||||
| CVE-2019-5398 | 1 Hp | 2 3par Service Processor, 3par Service Processor Firmware | 2019-08-16 | 3.5 LOW | 5.4 MEDIUM |
| A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | |||||
| CVE-2017-18493 | 1 Bestwebsoft | 1 Custom Admin Page | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues. | |||||
| CVE-2012-6713 | 1 Wp-jobmanager | 1 Job Manager | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The job-manager plugin before 0.7.19 for WordPress has multiple XSS issues. | |||||
| CVE-2015-9296 | 1 Never5 | 1 Download Monitor | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg. | |||||
| CVE-2017-18492 | 1 Bestwebsoft | 1 Contact Form To Db | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues. | |||||
| CVE-2013-7475 | 1 Bestwebsoft | 1 Contact Form | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-plugin plugin before 3.52 for WordPress has XSS. | |||||
| CVE-2015-9293 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature. | |||||
| CVE-2015-9294 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances. | |||||
| CVE-2015-9295 | 1 Bestwebsoft | 1 Contact Form | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-plugin plugin before 3.96 for WordPress has XSS. | |||||
| CVE-2015-9299 | 1 Wp-events-plugin | 1 Events Manager | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS. | |||||
| CVE-2015-9300 | 1 Wp-events-plugin | 1 Events Manager | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues. | |||||
| CVE-2016-10868 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages. | |||||
| CVE-2016-10869 | 1 Bestwebsoft | 1 Contact Form | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-plugin plugin before 4.0.2 for WordPress has XSS. | |||||
| CVE-2016-10870 | 1 Gtranslate | 1 Google Language Translator | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The google-language-translator plugin before 5.0.06 for WordPress has XSS. | |||||
| CVE-2016-10871 | 1 Ibericode | 1 Mailchimp | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page. | |||||
| CVE-2017-18489 | 1 Mediaburst | 1 Contact Form 7 - Clockwork Sms | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS. | |||||
| CVE-2017-18490 | 1 Bestwebsoft | 1 Contact Form Multi | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18491 | 1 Bestwebsoft | 1 Contact Form | 2019-08-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues. | |||||
| CVE-2019-14987 | 1 Schben | 1 Framework | 2019-08-15 | 3.5 LOW | 4.8 MEDIUM |
| Adive Framework through 2.0.7 is affected by XSS in the Create New Table and Create New Navigation Link functions. | |||||
| CVE-2018-20962 | 1 Backpackforlaravel | 1 Backpack\\crud | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type. | |||||
| CVE-2018-20966 | 1 Booster | 1 Booster For Woocommerce | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. | |||||
| CVE-2018-14952 | 1 Squirrelmail | 1 Squirrelmail | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math><maction xlink:href=" attack. | |||||
| CVE-2018-14955 | 1 Squirrelmail | 1 Squirrelmail | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute). | |||||
| CVE-2018-14954 | 1 Squirrelmail | 1 Squirrelmail | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute. | |||||
| CVE-2018-14953 | 1 Squirrelmail | 1 Squirrelmail | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math xlink:href=" attack. | |||||
| CVE-2018-14950 | 1 Squirrelmail | 1 Squirrelmail | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<svg><a xlink:href=" attack. | |||||
| CVE-2018-14951 | 1 Squirrelmail | 1 Squirrelmail | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<form action='data:text" attack. | |||||
| CVE-2019-14976 | 1 Icmsdev | 1 Icms | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter. | |||||
| CVE-2015-9305 | 1 Flippercode | 1 Google Map | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions. | |||||
| CVE-2019-14950 | 1 Wp-livechat | 1 Wp Live Chat Support | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page. | |||||
| CVE-2016-10879 | 1 Wp-livechat | 1 Wp Live Chat Support | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS. | |||||
| CVE-2016-10877 | 1 Wp Editor Project | 1 Wp Editor | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues. | |||||
| CVE-2019-14967 | 1 Frappe | 1 Frappe | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and 12. There exists an XSS vulnerability. | |||||
| CVE-2017-18495 | 1 Mediaburst | 1 Gravity Forms | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS. | |||||
| CVE-2019-11720 | 1 Mozilla | 1 Firefox | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68. | |||||
| CVE-2017-18497 | 1 W3eden | 1 Live Forms | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The liveforms plugin before 3.4.0 for WordPress has XSS. | |||||
| CVE-2017-18496 | 1 Bestwebsoft | 1 Htaccess | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18494 | 1 Bestwebsoft | 1 Custom Search | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18487 | 1 Google Adsense Project | 1 Google Adsense | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues. | |||||
| CVE-2016-10866 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18507 | 1 Wp-livechat | 1 Wp Live Chat Support | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS. | |||||
| CVE-2018-20858 | 1 Edx | 1 Recommender | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Recommender before 2018-07-18 allows XSS. | |||||
| CVE-2018-20963 | 1 Codepeople | 1 Contact Form Email | 2019-08-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-to-email plugin before 1.2.66 for WordPress has XSS. | |||||