Search
Search Results (322814 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9408 | 1 Cyberseo | 1 Xpinner Lite | 2024-11-21 | 6.5 Medium |
| The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS. | ||||
| CVE-2015-9407 | 1 Cyberseo | 1 Xpinner Lite | 2024-11-21 | 6.1 Medium |
| The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS. | ||||
| CVE-2015-9406 | 1 Mtheme-unus Project | 1 Mtheme-unus | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php. | ||||
| CVE-2015-9405 | 1 Wp-piwik Project | 1 Wp-piwik | 2024-11-21 | 6.1 Medium |
| The wp-piwik plugin before 1.0.5 for WordPress has XSS. | ||||
| CVE-2015-9404 | 1 Neuvoo | 1 Neuvoo-jobroll | 2024-11-21 | 6.1 Medium |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. | ||||
| CVE-2015-9403 | 1 Neuvoo | 1 Neuvoo-jobroll | 2024-11-21 | 6.1 Medium |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. | ||||
| CVE-2015-9402 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 8.8 High |
| The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload. | ||||
| CVE-2015-9401 | 1 Websimon-tables Project | 1 Websimon-tables | 2024-11-21 | 4.8 Medium |
| The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS. | ||||
| CVE-2015-9400 | 1 Typomedia | 1 Wordpress Meta Robots | 2024-11-21 | 8.8 High |
| The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection. | ||||
| CVE-2015-9399 | 1 Trivetechnology | 1 Wp-stats-dashboard | 2024-11-21 | 7.2 High |
| The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection. | ||||
| CVE-2015-9398 | 1 Webmaster-source | 1 Gocodes | 2024-11-21 | 8.8 High |
| The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection. | ||||
| CVE-2015-9397 | 1 Webmaster-source | 1 Gocodes | 2024-11-21 | 5.4 Medium |
| The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS. | ||||
| CVE-2015-9396 | 1 Attosoft | 1 Auto Thickbox Plus | 2024-11-21 | 6.1 Medium |
| The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS. | ||||
| CVE-2015-9395 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 8.8 High |
| The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action. | ||||
| CVE-2015-9394 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 8.8 High |
| The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php. | ||||
| CVE-2015-9393 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 5.4 Medium |
| The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter. | ||||
| CVE-2015-9392 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 5.4 Medium |
| The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter. | ||||
| CVE-2015-9391 | 1 Ostenta | 1 Yawpp | 2024-11-21 | 6.1 Medium |
| The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter. | ||||
| CVE-2015-9390 | 1 Admin Management Xtended Project | 1 Admin Management Xtended | 2024-11-21 | 4.3 Medium |
| The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled. | ||||
| CVE-2015-9389 | 1 Mtouch Quiz Project | 1 Mtouch Quiz | 2024-11-21 | 5.4 Medium |
| The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name. | ||||