CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (324440 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-10989	1 Leenk	1 Leenk.me	2024-11-21	8.8 High
The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?page=leenkme_facebook CSRF.
CVE-2016-10988	1 Leenk	1 Leenk.me	2024-11-21	6.1 Medium
The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, or _wp_http_referer.
CVE-2016-10987	1 Woocommerce	1 Persian Woocommerce Sms	2024-11-21	6.1 Medium
The persian-woocommerce-sms plugin before 3.3.4 for WordPress has ps_sms_numbers XSS.
CVE-2016-10986	1 Nerdcow	1 Tweet Wheel	2024-11-21	6.1 Medium
The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consumer_key, consumer_secret, access_token, and access_token_secret.
CVE-2016-10985	1 Smackcoders	1 Echo Sign	2024-11-21	6.1 Medium
The echosign plugin before 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.
CVE-2016-10984	1 Smackcoders	1 Echo Sign	2024-11-21	6.1 Medium
The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.
CVE-2016-10983	1 Ghost	1 Ghost	2024-11-21	6.5 Medium
The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
CVE-2016-10982	1 Kentothemes	1 Kento-post-view-counter	2024-11-21	8.8 High
The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF.
CVE-2016-10981	1 Kentothemes	1 Kento-post-view-counter	2024-11-21	6.1 Medium
The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text.
CVE-2016-10980	1 Kentothemes	1 Kento-post-view-counter	2024-11-21	6.1 Medium
The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo.
CVE-2016-10979	1 Fossura	1 Tag Miner	2024-11-21	6.1 Medium
The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS.
CVE-2016-10978	1 Fossura	1 Tag Miner	2024-11-21	8.8 High
The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF.
CVE-2016-10977	1 Neliosoftware	1 Nelio Ab Testing	2024-11-21	6.5 Medium
The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.
CVE-2016-10976	1 Kodebyraaet	1 Safe Editor	2024-11-21	6.1 Medium
The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS.
CVE-2016-10975	1 Tonjoostudio	1 Fluid-responsive-slideshow	2024-11-21	6.1 Medium
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter.
CVE-2016-10974	1 Tonjoostudio	1 Fluid-responsive-slideshow	2024-11-21	8.8 High
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.
CVE-2016-10973	1 Brafton	1 Brafton	2024-11-21	6.1 Medium
The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.
CVE-2016-10972	1 Tagdiv	1 Newspaper	2024-11-21	9.8 Critical
The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel.
CVE-2016-10971	1 Membersonic	1 Membersonic	2024-11-21	9.8 Critical
The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required.
CVE-2016-10970	1 Supportflow Project	1 Supportflow	2024-11-21	6.1 Medium
The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt.

« first previous Page 15040 of 16222. next last »