Search
Search Results (323568 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15830 | 1 Icegram | 1 Icegram Engage | 2024-11-21 | N/A |
| The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. | ||||
| CVE-2019-15829 | 1 Greentreelabs | 1 Gallery Photoblocks | 2024-11-21 | N/A |
| The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS. | ||||
| CVE-2019-15828 | 1 Tribulant | 1 One Click Ssl | 2024-11-21 | N/A |
| The one-click-ssl plugin before 1.4.7 for WordPress has CSRF. | ||||
| CVE-2019-15827 | 1 Onesignal | 1 Onesignal-free-web-push-notifications | 2024-11-21 | N/A |
| The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. | ||||
| CVE-2019-15826 | 1 Wpserveur | 1 Wps Hide Login | 2024-11-21 | N/A |
| The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in the Referer field. | ||||
| CVE-2019-15825 | 1 Wpserveur | 1 Wps Hide Login | 2024-11-21 | N/A |
| The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass. | ||||
| CVE-2019-15824 | 1 Wpserveur | 1 Wps Hide Login | 2024-11-21 | N/A |
| The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass. | ||||
| CVE-2019-15823 | 1 Wpserveur | 1 Wps Hide Login | 2024-11-21 | N/A |
| The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass. | ||||
| CVE-2019-15822 | 1 Wpserveur | 1 Wps Child Theme Generator | 2024-11-21 | N/A |
| The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory traversal. | ||||
| CVE-2019-15821 | 1 Bold-themes | 1 Bold Page Builder | 2024-11-21 | N/A |
| The bold-page-builder plugin before 2.3.2 for WordPress has no protection against modifying settings and importing data. | ||||
| CVE-2019-15820 | 1 Login Or Logout Menu Item Project | 1 Login Or Logout Menu Item | 2024-11-21 | N/A |
| The login-or-logout-menu-item plugin before 1.2.0 for WordPress has no requirement for lolmi_save_settings authentication. | ||||
| CVE-2019-15819 | 1 Restaurant Reservations Project | 1 Restaurant Reservations | 2024-11-21 | N/A |
| The nd-restaurant-reservations plugin before 1.5 for WordPress has no requirement for nd_rst_import_settings_php_function authentication. | ||||
| CVE-2019-15818 | 1 Webcraftic | 1 Simple 301 Redirects | 2024-11-21 | N/A |
| The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for WordPress has no requirement for authentication for action=bulk301export or action=bulk301clearlist. | ||||
| CVE-2019-15817 | 1 Realestateconnected | 1 Easy Property Listings | 2024-11-21 | N/A |
| The easy-property-listings plugin before 3.4 for WordPress has XSS. | ||||
| CVE-2019-15816 | 1 Wpexpertdeveloper | 1 Wp Private Content Plus | 2024-11-21 | N/A |
| The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions. | ||||
| CVE-2019-15815 | 1 Zyxel | 2 2.00\(abbx.3\), P-1302-t10d | 2024-11-21 | 6.5 Medium |
| ZyXEL P-1302-T10D v3 devices with firmware version 2.00(ABBX.3) and earlier do not properly enforce access control and could allow an unauthorized user to access certain pages that require admin privileges. | ||||
| CVE-2019-15814 | 1 Sentrifugo | 1 Sentrifugo | 2024-11-21 | N/A |
| Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML. | ||||
| CVE-2019-15813 | 1 Sentrifugo | 1 Sentrifugo | 2024-11-21 | 8.8 High |
| Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell. | ||||
| CVE-2019-15811 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | ||||
| CVE-2019-15810 | 1 Netdisco | 1 Netdisco | 2024-11-21 | 6.1 Medium |
| Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter. | ||||