Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Total 316927 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18502 1 Bestwebsoft 1 Subscriber 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues.
CVE-2017-18501 1 Bestwebsoft 1 Social Login 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues.
CVE-2017-18500 1 Bestwebsoft 1 Social Buttons Pack 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues.
CVE-2017-18499 1 Simple-membership-plugin 1 Simple Membership 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The simple-membership plugin before 3.5.7 for WordPress has XSS.
CVE-2017-18498 1 Presstigers 1 Simple Job Board 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search.
CVE-2017-18497 1 W3eden 1 Live Forms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The liveforms plugin before 3.4.0 for WordPress has XSS.
CVE-2017-18496 1 Bestwebsoft 1 Htaccess 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues.
CVE-2017-18495 1 Mediaburst 1 Gravity Forms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS.
CVE-2017-18494 1 Bestwebsoft 1 Custom Search 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues.
CVE-2017-18493 1 Bestwebsoft 1 Custom Admin Page 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues.
CVE-2017-18492 1 Bestwebsoft 1 Contact Form To Db 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues.
CVE-2017-18491 1 Bestwebsoft 1 Contact Form 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues.
CVE-2017-18490 1 Bestwebsoft 1 Contact Form Multi 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues.
CVE-2017-18489 1 Mediaburst 1 Contact Form 7 - Clockwork Sms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS.
CVE-2017-18488 1 Backup-guard 1 Backup Guard 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues.
CVE-2017-18487 1 Google Adsense Project 1 Google Adsense 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues.
CVE-2017-18486 1 Jitbit 1 Helpdesk 2024-11-21 6.5 MEDIUM 7.2 HIGH
Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user.
CVE-2017-18485 1 Elementalpath 2 Cognitoys Dino, Cognitoys Dino Firmware 2024-11-21 5.8 MEDIUM 5.4 MEDIUM
Cognitoys Dino devices allow profiles_add.html CSRF.
CVE-2017-18484 1 Elementalpath 2 Cognitoys Dino, Cognitoys Dino Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cognitoys Dino devices allow XSS via the SSID.
CVE-2017-18483 1 Annke 2 Sp1, Sp1 Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID.