Search
Search Results (322763 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-10940 | 1 Zm-gallery Project | 1 Zm-gallery | 2024-11-21 | 7.2 High |
| The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter. | ||||
| CVE-2016-10939 | 1 Xtremelocator | 1 Xtremelocator | 2024-11-21 | 7.2 High |
| The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter. | ||||
| CVE-2016-10938 | 1 Copy-me Project | 1 Copy-me | 2024-11-21 | 6.5 Medium |
| The copy-me plugin 1.0.0 for WordPress has CSRF for copying non-public posts to a public location. | ||||
| CVE-2016-10937 | 4 Debian, Fedoraproject, Imapfilter Project and 1 more | 5 Debian Linux, Fedora, Imapfilter and 2 more | 2024-11-21 | 7.5 High |
| IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate. | ||||
| CVE-2016-10936 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | N/A |
| The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option. | ||||
| CVE-2016-10935 | 1 Visser | 1 Store Exporter For Woocommerce | 2024-11-21 | N/A |
| The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation. | ||||
| CVE-2016-10934 | 1 Check Email Project | 1 Check Email | 2024-11-21 | N/A |
| The check-email plugin before 0.5.2 for WordPress has XSS. | ||||
| CVE-2016-10933 | 1 Portaudio Project | 1 Portaudio | 2024-11-21 | N/A |
| An issue was discovered in the portaudio crate through 0.7.0 for Rust. There is a man-in-the-middle issue because the source code is downloaded over cleartext HTTP. | ||||
| CVE-2016-10932 | 2 Hyper, Microsoft | 2 Hyper, Windows | 2024-11-21 | N/A |
| An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows. There is an HTTPS man-in-the-middle vulnerability because hostname verification was omitted. | ||||
| CVE-2016-10931 | 1 Rust-openssl Project | 1 Rust-openssl | 2024-11-21 | N/A |
| An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification. | ||||
| CVE-2016-10930 | 1 Wpsupportplus | 1 Wp Support Plus Responsive Ticket System | 2024-11-21 | N/A |
| The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. | ||||
| CVE-2016-10929 | 1 Advanced Ajax Page Loader Project | 1 Advanced Ajax Page Loader | 2024-11-21 | N/A |
| The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. | ||||
| CVE-2016-10928 | 1 Onelogin | 1 Onelogin Saml Sso | 2024-11-21 | N/A |
| The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users. | ||||
| CVE-2016-10927 | 1 Neliosoftware | 1 Nelio Ab Testing | 2024-11-21 | N/A |
| The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php. | ||||
| CVE-2016-10926 | 1 Neliosoftware | 1 Nelio Ab Testing | 2024-11-21 | N/A |
| The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. | ||||
| CVE-2016-10925 | 1 Profilepress | 1 Loginwp | 2024-11-21 | N/A |
| The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs. | ||||
| CVE-2016-10924 | 1 Zedna Ebook Download Project | 1 Zedna Ebook Download | 2024-11-21 | N/A |
| The ebook-download plugin before 1.2 for WordPress has directory traversal. | ||||
| CVE-2016-10923 | 1 Visser | 1 Store Toolkit For Woocommerce | 2024-11-21 | N/A |
| The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation. | ||||
| CVE-2016-10922 | 1 Visser | 1 Store Toolkit For Woocommerce | 2024-11-21 | N/A |
| The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation. | ||||
| CVE-2016-10921 | 1 Ays-pro | 1 Photo Gallery | 2024-11-21 | N/A |
| The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection. | ||||