Search
Search Results (323533 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18505 | 1 Bestwebsoft | 1 Twitter Button | 2024-11-21 | N/A |
| The twitter-plugin plugin before 2.55 for WordPress has XSS. | ||||
| CVE-2017-18504 | 1 Wpdeveloper | 1 Twitter Cards Meta | 2024-11-21 | N/A |
| The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. | ||||
| CVE-2017-18503 | 1 Wpdeveloper | 1 Twitter Cards Meta | 2024-11-21 | N/A |
| The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. | ||||
| CVE-2017-18502 | 1 Bestwebsoft | 1 Subscriber | 2024-11-21 | N/A |
| The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18501 | 1 Bestwebsoft | 1 Social Login | 2024-11-21 | N/A |
| The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18500 | 1 Bestwebsoft | 1 Social Buttons Pack | 2024-11-21 | N/A |
| The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18499 | 1 Simple-membership-plugin | 1 Simple Membership | 2024-11-21 | 6.1 Medium |
| The simple-membership plugin before 3.5.7 for WordPress has XSS. | ||||
| CVE-2017-18498 | 1 Presstigers | 1 Simple Job Board | 2024-11-21 | N/A |
| The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search. | ||||
| CVE-2017-18497 | 1 W3eden | 1 Live Forms | 2024-11-21 | N/A |
| The liveforms plugin before 3.4.0 for WordPress has XSS. | ||||
| CVE-2017-18496 | 1 Bestwebsoft | 1 Htaccess | 2024-11-21 | N/A |
| The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18495 | 1 Mediaburst | 1 Gravity Forms | 2024-11-21 | N/A |
| The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS. | ||||
| CVE-2017-18494 | 1 Bestwebsoft | 1 Custom Search | 2024-11-21 | N/A |
| The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18493 | 1 Bestwebsoft | 1 Custom Admin Page | 2024-11-21 | N/A |
| The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18492 | 1 Bestwebsoft | 1 Contact Form To Db | 2024-11-21 | N/A |
| The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18491 | 1 Bestwebsoft | 1 Contact Form | 2024-11-21 | N/A |
| The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18490 | 1 Bestwebsoft | 1 Contact Form Multi | 2024-11-21 | N/A |
| The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18489 | 1 Mediaburst | 1 Contact Form 7 - Clockwork Sms | 2024-11-21 | N/A |
| The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS. | ||||
| CVE-2017-18488 | 1 Backup-guard | 1 Backup Guard | 2024-11-21 | N/A |
| The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18487 | 1 Google Adsense Project | 1 Google Adsense | 2024-11-21 | N/A |
| The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues. | ||||
| CVE-2017-18486 | 1 Jitbit | 1 Helpdesk | 2024-11-21 | N/A |
| Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user. | ||||