Search
Search Results (323742 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18501 | 1 Bestwebsoft | 1 Social Login | 2024-11-21 | N/A |
| The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18500 | 1 Bestwebsoft | 1 Social Buttons Pack | 2024-11-21 | N/A |
| The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18499 | 1 Simple-membership-plugin | 1 Simple Membership | 2024-11-21 | 6.1 Medium |
| The simple-membership plugin before 3.5.7 for WordPress has XSS. | ||||
| CVE-2017-18498 | 1 Presstigers | 1 Simple Job Board | 2024-11-21 | N/A |
| The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search. | ||||
| CVE-2017-18497 | 1 W3eden | 1 Live Forms | 2024-11-21 | N/A |
| The liveforms plugin before 3.4.0 for WordPress has XSS. | ||||
| CVE-2017-18496 | 1 Bestwebsoft | 1 Htaccess | 2024-11-21 | N/A |
| The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18495 | 1 Mediaburst | 1 Gravity Forms | 2024-11-21 | N/A |
| The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS. | ||||
| CVE-2017-18494 | 1 Bestwebsoft | 1 Custom Search | 2024-11-21 | N/A |
| The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18493 | 1 Bestwebsoft | 1 Custom Admin Page | 2024-11-21 | N/A |
| The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18492 | 1 Bestwebsoft | 1 Contact Form To Db | 2024-11-21 | N/A |
| The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18491 | 1 Bestwebsoft | 1 Contact Form | 2024-11-21 | N/A |
| The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18490 | 1 Bestwebsoft | 1 Contact Form Multi | 2024-11-21 | N/A |
| The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18489 | 1 Mediaburst | 1 Contact Form 7 - Clockwork Sms | 2024-11-21 | N/A |
| The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS. | ||||
| CVE-2017-18488 | 1 Backup-guard | 1 Backup Guard | 2024-11-21 | N/A |
| The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18487 | 1 Google Adsense Project | 1 Google Adsense | 2024-11-21 | N/A |
| The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18486 | 1 Jitbit | 1 Helpdesk | 2024-11-21 | N/A |
| Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user. | ||||
| CVE-2017-18485 | 1 Elementalpath | 2 Cognitoys Dino, Cognitoys Dino Firmware | 2024-11-21 | N/A |
| Cognitoys Dino devices allow profiles_add.html CSRF. | ||||
| CVE-2017-18484 | 1 Elementalpath | 2 Cognitoys Dino, Cognitoys Dino Firmware | 2024-11-21 | N/A |
| Cognitoys Dino devices allow XSS via the SSID. | ||||
| CVE-2017-18483 | 1 Annke | 2 Sp1, Sp1 Firmware | 2024-11-21 | N/A |
| ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID. | ||||
| CVE-2017-18482 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 62.0.4 allows resellers to use the WHM enqueue_transfer_item API for queueing non-rearrange modules (SEC-213). | ||||