CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (40608 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2016-10990	1 Wpcerber	1 Cerber Security Antispam \& Malware Scan	2024-11-21	6.1 Medium
The wp-cerber plugin before 2.7 for WordPress has XSS via the X-Forwarded-For HTTP header.
CVE-2016-10988	1 Leenk	1 Leenk.me	2024-11-21	6.1 Medium
The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, or _wp_http_referer.
CVE-2016-10987	1 Woocommerce	1 Persian Woocommerce Sms	2024-11-21	6.1 Medium
The persian-woocommerce-sms plugin before 3.3.4 for WordPress has ps_sms_numbers XSS.
CVE-2016-10986	1 Nerdcow	1 Tweet Wheel	2024-11-21	6.1 Medium
The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consumer_key, consumer_secret, access_token, and access_token_secret.
CVE-2016-10985	1 Smackcoders	1 Echo Sign	2024-11-21	6.1 Medium
The echosign plugin before 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.
CVE-2016-10984	1 Smackcoders	1 Echo Sign	2024-11-21	6.1 Medium
The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.
CVE-2016-10981	1 Kentothemes	1 Kento-post-view-counter	2024-11-21	6.1 Medium
The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text.
CVE-2016-10980	1 Kentothemes	1 Kento-post-view-counter	2024-11-21	6.1 Medium
The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo.
CVE-2016-10979	1 Fossura	1 Tag Miner	2024-11-21	6.1 Medium
The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS.
CVE-2016-10976	1 Kodebyraaet	1 Safe Editor	2024-11-21	6.1 Medium
The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS.
CVE-2016-10975	1 Tonjoostudio	1 Fluid-responsive-slideshow	2024-11-21	6.1 Medium
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter.
CVE-2016-10973	1 Brafton	1 Brafton	2024-11-21	6.1 Medium
The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.
CVE-2016-10970	1 Supportflow Project	1 Supportflow	2024-11-21	6.1 Medium
The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt.
CVE-2016-10969	1 Supportflow Project	1 Supportflow	2024-11-21	6.1 Medium
The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.
CVE-2016-10967	1 Creativeinteractivemedia	1 Real3d Flipbook	2024-11-21	6.1 Medium
The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter.
CVE-2016-10964	1 Findshorty	1 Dwnldr	2024-11-21	6.1 Medium
The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header.
CVE-2016-10963	1 Icegram	1 Icegram Engage	2024-11-21	6.1 Medium
The icegram plugin before 1.9.19 for WordPress has XSS.
CVE-2016-10961	1 Inkthemes	1 Colorway	2024-11-21	6.1 Medium
The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.
CVE-2016-10957	1 Akal Project	1 Akal	2024-11-21	6.1 Medium
The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter.
CVE-2016-10953	1 Headwaythemes	1 Headway	2024-11-21	5.4 Medium
The Headway theme before 3.8.9 for WordPress has XSS via the license key field.

« first previous Page 1929 of 2031. next last »