Search
Search Results (18007 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-10381 | 1 User Domain Whitelist Project | 1 User Domain Whitelist | 2024-11-21 | N/A |
| The user-domain-whitelist plugin before 1.5 for WordPress has CSRF. | ||||
| CVE-2014-10380 | 1 Cozmoslabs | 1 Profile Builder | 2024-11-21 | N/A |
| The profile-builder plugin before 1.1.66 for WordPress has multiple XSS issues in forms. | ||||
| CVE-2014-10379 | 1 Duplicate Post Project | 1 Duplicate Post | 2024-11-21 | N/A |
| The duplicate-post plugin before 2.6 for WordPress has SQL injection. | ||||
| CVE-2014-10378 | 1 Duplicate Post Project | 1 Duplicate Post | 2024-11-21 | N/A |
| The duplicate-post plugin before 2.6 for WordPress has XSS. | ||||
| CVE-2014-10377 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 6.1 Medium |
| The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php. | ||||
| CVE-2014-10376 | 1 Themeist | 1 I Recommend This | 2024-11-21 | N/A |
| The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection. | ||||
| CVE-2014-10076 | 1 Wp-db-backup Project | 1 Wp-db-backup | 2024-11-21 | N/A |
| The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack. | ||||
| CVE-2013-7483 | 1 Hbwsl | 1 Slidedeck 2 | 2024-11-21 | N/A |
| The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion. | ||||
| CVE-2013-7482 | 1 Reflex Gallery Project | 1 Reflex Gallery | 2024-11-21 | N/A |
| The reflex-gallery plugin before 1.4.3 for WordPress has XSS. | ||||
| CVE-2013-7481 | 1 Bestwebsoft | 1 Contact Form | 2024-11-21 | N/A |
| The contact-form-plugin plugin before 3.3.5 for WordPress has XSS. | ||||
| CVE-2013-7480 | 1 Pixelite | 1 Events Manager | 2024-11-21 | N/A |
| The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas. | ||||
| CVE-2013-7479 | 1 Pixelite | 1 Events Manager | 2024-11-21 | N/A |
| The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field. | ||||
| CVE-2013-7478 | 1 Pixelite | 1 Events Manager | 2024-11-21 | N/A |
| The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post. | ||||
| CVE-2013-7477 | 1 Pixelite | 1 Events Manager | 2024-11-21 | N/A |
| The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form. | ||||
| CVE-2013-7476 | 1 Simple Fields Project | 1 Simple Fields | 2024-11-21 | N/A |
| The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface. | ||||
| CVE-2013-7475 | 1 Bestwebsoft | 1 Contact Form | 2024-11-21 | N/A |
| The contact-form-plugin plugin before 3.52 for WordPress has XSS. | ||||
| CVE-2013-7472 | 1 Count Per Day Project | 1 Count Per Day | 2024-11-21 | N/A |
| The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter. | ||||
| CVE-2013-5988 | 1 Semperplugins | 1 All In One Seo Pack | 2024-11-21 | 6.1 Medium |
| A Cross-site Scripting (XSS) vulnerability exists in the All in One SEO Pack plugin before 2.0.3.1 for WordPress via the Search parameter. | ||||
| CVE-2013-5978 | 1 Cart66 | 1 Cart66 Lite Plugin | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Product name or (2) Price description fields via a request to wp-admin/admin.php. NOTE: This issue may only cross privilege boundaries if used in combination with CVE-2013-5977. | ||||
| CVE-2013-4693 | 1 Xorbin | 1 Digital Flash Clock | 2024-11-21 | 6.1 Medium |
| WordPress Xorbin Digital Flash Clock 1.0 has XSS | ||||