Total
35377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9472 | 1 Monitorbacklinks | 1 Incoming Links | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header. | |||||
| CVE-2015-9469 | 1 Cybercraftit | 1 Content-grabber | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id. | |||||
| CVE-2015-9468 | 1 K-78 | 1 Broken Link Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action. | |||||
| CVE-2015-9459 | 1 Seo Searchterms Tagging 2 Project | 1 Seo Searchterms Tagging 2 | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter. | |||||
| CVE-2015-9453 | 1 K-78 | 1 Broken Link Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist. | |||||
| CVE-2015-9444 | 1 Altosresearch | 1 Altos-connect | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATH_SELF. | |||||
| CVE-2015-9439 | 1 Addthis | 1 Addthis | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The addthis plugin before 5.0.13 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=addthis_social_widget pubid parameter. | |||||
| CVE-2015-9438 | 1 Display-widgets Project | 1 Display-widgets | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The display-widgets plugin before 2.04 for WordPress has XSS via the wp-admin/admin-ajax.php?action=dw_show_widget id_base, widget_number, or instance parameter. | |||||
| CVE-2015-9430 | 1 Crazy Bone Project | 1 Crazy Bone | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The crazy-bone plugin before 0.6.0 for WordPress has XSS via the User-Agent HTTP header. | |||||
| CVE-2015-9426 | 1 Manual Image Crop Project | 1 Manual Image Crop | 2024-11-21 | 3.5 LOW | 4.6 MEDIUM |
| The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=mic_editor_window postId parameter. | |||||
| CVE-2015-9423 | 1 Simplysymphony | 1 Plugnedit | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters. | |||||
| CVE-2015-9420 | 1 Mightymess | 1 Soundcloud Is Gold | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter. | |||||
| CVE-2015-9419 | 1 Captain-slider Project | 1 Captain-slider | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section. | |||||
| CVE-2015-9416 | 1 Onthegosystems | 1 Sitepress-multilingual-cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header. | |||||
| CVE-2015-9414 | 1 Wpsymposiumpro | 1 Wp-symposium | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter. | |||||
| CVE-2015-9412 | 1 Royal-slider Project | 1 Royal-slider | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Royal-Slider plugin before 3.2.7 for WordPress has XSS via the rstype parameter. | |||||
| CVE-2015-9411 | 1 Gopostmatic | 1 Replyable | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Postmatic plugin before 1.4.6 for WordPress has XSS. | |||||
| CVE-2015-9410 | 1 Blubrry | 1 Powerpress | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter. | |||||
| CVE-2015-9407 | 1 Cyberseo | 1 Xpinner Lite | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS. | |||||
| CVE-2015-9405 | 1 Wp-piwik Project | 1 Wp-piwik | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-piwik plugin before 1.0.5 for WordPress has XSS. | |||||