Total
291510 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18613 | 1 Trust Form Project | 1 Trust Form | 2024-11-21 | 6.1 Medium |
| The trust-form plugin 2.0 for WordPress has XSS via the wp-admin/admin.php?page=trust-form-edit page parameter. | ||||
| CVE-2017-18612 | 1 Netattingo | 1 Wp-whois-domain | 2024-11-21 | 6.1 Medium |
| The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter. | ||||
| CVE-2017-18611 | 1 Magicfields | 1 Magic Fields | 2024-11-21 | 6.1 Medium |
| The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-field-css parameter. | ||||
| CVE-2017-18610 | 1 Magicfields | 1 Magic Fields | 2024-11-21 | 6.1 Medium |
| The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-group-id parameter. | ||||
| CVE-2017-18609 | 1 Magicfields | 1 Magic Fields | 2024-11-21 | 6.1 Medium |
| The magic-fields plugin before 1.7.2 for WordPress has XSS via the custom-write-panel-id parameter. | ||||
| CVE-2017-18608 | 1 Spot | 1 Spot.im Comments | 2024-11-21 | 6.1 Medium |
| The spotim-comments plugin before 4.0.4 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18607 | 1 Theme-fusion | 1 Avada | 2024-11-21 | 8.8 High |
| The avada theme before 5.1.5 for WordPress has CSRF. | ||||
| CVE-2017-18606 | 1 Theme-fusion | 1 Avada | 2024-11-21 | 6.1 Medium |
| The avada theme before 5.1.5 for WordPress has stored XSS. | ||||
| CVE-2017-18605 | 1 Gravitatedesign | 1 Gravitate Qa Tracker | 2024-11-21 | 9.8 Critical |
| The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection. | ||||
| CVE-2017-18604 | 1 Sitebuilder Dynamic Components Project | 1 Sitebuilder Dynamic Components | 2024-11-21 | 7.5 High |
| The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request. | ||||
| CVE-2017-18603 | 1 Postman-smtp Project | 1 Postman-smtp | 2024-11-21 | 6.1 Medium |
| The postman-smtp plugin through 2017-10-04 for WordPress has XSS via the wp-admin/tools.php?page=postman_email_log page parameter. | ||||
| CVE-2017-18602 | 1 Ibps Online Exam Project | 1 Ibps Online Exam | 2024-11-21 | 8.8 High |
| The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examapp_UserResult id parameter. | ||||
| CVE-2017-18601 | 1 Ibps Online Exam Project | 1 Ibps Online Exam | 2024-11-21 | 5.4 Medium |
| The examapp plugin 1.0 for WordPress has XSS via exam input text fields. | ||||
| CVE-2017-18600 | 1 Ncrafts | 1 Formcraft | 2024-11-21 | 5.4 Medium |
| The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field. | ||||
| CVE-2017-18599 | 1 Pinfinity Project | 1 Pinfinity | 2024-11-21 | 6.1 Medium |
| The Pinfinity theme before 2.0 for WordPress has XSS via the s parameter. | ||||
| CVE-2017-18598 | 1 Designmodo | 1 Qards | 2024-11-21 | 6.1 Medium |
| The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php. | ||||
| CVE-2017-18597 | 1 Jtrt Responsive Tables Project | 1 Jtrt Responsive Tables | 2024-11-21 | 8.8 High |
| The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter. | ||||
| CVE-2017-18596 | 1 Elementor | 1 Elementor Page Builder | 2024-11-21 | 8.8 High |
| The elementor plugin before 1.8.0 for WordPress has incorrect access control for internal functions. | ||||
| CVE-2017-18595 | 3 Linux, Opensuse, Redhat | 9 Linux Kernel, Leap, Enterprise Linux and 6 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c. | ||||
| CVE-2017-18594 | 1 Nmap | 1 Nmap | 2024-11-21 | N/A |
| nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse. | ||||