Vulnerabilities (CVE)

Filtered by vendor Bravenewcode Subscribe

Filtered by product Wptouch

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2011-4803	2 Bravenewcode, Wordpress	2 Wptouch, Wordpress	2012-03-05	7.5 HIGH	N/A
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4779	2 Bravenewcode, Wordpress	2 Wptouch, Wordpress	2011-05-31	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wptouch_settings parameter to include/adsense-new.php. NOTE: some of these details are obtained from third party information.