Total
316927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18583 | 1 Post Pay Counter Project | 1 Post Pay Counter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection. | |||||
| CVE-2017-18582 | 1 Time Sheets Project | 1 Time Sheets | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The time-sheets plugin before 1.5.2 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18581 | 1 Time Sheets Project | 1 Time Sheets | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list. | |||||
| CVE-2017-18580 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode. | |||||
| CVE-2017-18579 | 1 Dwbooster | 1 Corner Ad | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The corner-ad plugin before 1.0.8 for WordPress has XSS. | |||||
| CVE-2017-18578 | 1 Crafty Social Buttons Project | 1 Crafty Social Buttons | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS. | |||||
| CVE-2017-18577 | 1 Ibericode | 1 Mailchimp | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg. | |||||
| CVE-2017-18576 | 1 Event Notifier Project | 1 Event Notifier | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The event-notifier plugin before 1.2.1 for WordPress has XSS via the loading animation. | |||||
| CVE-2017-18575 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues. | |||||
| CVE-2017-18574 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder. | |||||
| CVE-2017-18573 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | |||||
| CVE-2017-18572 | 1 Sir | 1 Gnucommerce | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The gnucommerce plugin before 1.4.2 for WordPress has XSS. | |||||
| CVE-2017-18571 | 1 Search Everything Project | 1 Search Everything | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316. | |||||
| CVE-2017-18570 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries. | |||||
| CVE-2017-18569 | 1 Mythemeshop | 1 My Wp Translate | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The my-wp-translate plugin before 1.0.4 for WordPress has CSRF. | |||||
| CVE-2017-18568 | 1 Mythemeshop | 1 My Wp Translate | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The my-wp-translate plugin before 1.0.4 for WordPress has XSS. | |||||
| CVE-2017-18567 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-all-import plugin before 3.4.6 for WordPress has XSS. | |||||
| CVE-2017-18566 | 1 Bestwebsoft | 1 User Role | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The user-role plugin before 1.5.6 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18565 | 1 Bestwebsoft | 1 Updater | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The updater plugin before 1.35 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18564 | 1 Bestwebsoft | 1 Sender | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The sender plugin before 1.2.1 for WordPress has multiple XSS issues. | |||||