Total
316927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18522 | 1 Eelv Newsletter Project | 1 Eelv Newsletter | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The eelv-newsletter plugin before 4.6.1 for WordPress has XSS in the address book. | |||||
| CVE-2017-18521 | 1 Wp-kama | 1 Democracy Poll | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n. | |||||
| CVE-2017-18520 | 1 Wp-kama | 1 Democracy Poll | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The democracy-poll plugin before 5.4 for WordPress has XSS via update_l10n in admin/class.DemAdminInit.php. | |||||
| CVE-2017-18519 | 1 Marvinlabs | 1 Wp Customer Area | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The customer-area plugin before 7.4.3 for WordPress has XSS via admin pages. | |||||
| CVE-2017-18518 | 1 Bestwebsoft | 1 Smtp | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18517 | 1 Bestwebsoft | 1 Pinterest | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18516 | 1 Bestwebsoft | 1 Linkedin | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18515 | 1 Veronalabs | 1 Wp Statistics | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-statistics plugin before 12.0.8 for WordPress has SQL injection. | |||||
| CVE-2017-18514 | 1 Simplerealtytheme | 1 Simple Login Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The simple-login-log plugin before 1.1.2 for WordPress has SQL injection. | |||||
| CVE-2017-18513 | 1 Expresstech | 1 Responsive Menu | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. | |||||
| CVE-2017-18512 | 1 Supsystic | 1 Newsletter By Supsystic | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF. | |||||
| CVE-2017-18511 | 1 Wpmudev | 1 Custom Sidebars | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF. | |||||
| CVE-2017-18510 | 1 Wpmudev | 1 Custom Sidebars | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions. | |||||
| CVE-2017-18509 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187. | |||||
| CVE-2017-18508 | 1 3cx | 1 Live Chat | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS. | |||||
| CVE-2017-18507 | 1 3cx | 1 Live Chat | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS. | |||||
| CVE-2017-18506 | 1 Wpovernight | 1 Woocommerce Pdf Invoices\& Packing Slips | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens. | |||||
| CVE-2017-18505 | 1 Bestwebsoft | 1 Twitter Button | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The twitter-plugin plugin before 2.55 for WordPress has XSS. | |||||
| CVE-2017-18504 | 1 Wpdeveloper | 1 Twitter Cards Meta | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF. | |||||
| CVE-2017-18503 | 1 Wpdeveloper | 1 Twitter Cards Meta | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS. | |||||