Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15869 | 1 Jobcareer Project | 1 Jobcareer | 2019-09-03 | 3.5 LOW | 5.4 MEDIUM |
| The JobCareer theme before 2.5.1 for WordPress has stored XSS. | |||||
| CVE-2015-9367 | 1 Ithemes | 1 Easy Canadian Sales Taxes | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9368 | 1 Ithemes | 1 Easy Eu Value Added \(vat\) Taxes | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2019-5590 | 1 Fortinet | 1 Fortiweb | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The URL part of the report message is not encoded in Fortinet FortiWeb 6.0.2 and below which may allow an attacker to execute unauthorized code or commands (Cross Site Scripting) via attack reports generated in HTML form. | |||||
| CVE-2019-15838 | 1 Custom 404 Pro Project | 1 Custom 404 Pro | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS, a different vulnerability than CVE-2019-14789. | |||||
| CVE-2015-9358 | 1 Feedwordpress Project | 1 Feedwordpress | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2019-15817 | 1 Realestateconnected | 1 Easy Property Listings | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The easy-property-listings plugin before 3.4 for WordPress has XSS. | |||||
| CVE-2019-15830 | 1 Icegram | 1 Icegram | 2019-09-03 | 3.5 LOW | 5.4 MEDIUM |
| The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. | |||||
| CVE-2015-9378 | 1 Ithemes | 1 Builder Theme Market | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9355 | 1 Simbahosting | 1 Two-factor-authentication | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area. | |||||
| CVE-2015-9379 | 1 Ithemes | 1 Builder Style Manager | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2015-9377 | 1 Ithemes | 1 Builder Theme Depot | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query_arg(). | |||||
| CVE-2019-15811 | 1 Domainmod | 1 Domainmod | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | |||||
| CVE-2019-15842 | 1 Easy Pdf Restaurant Menu Upload Project | 1 Easy Pdf Restaurant Menu Upload | 2019-09-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS. | |||||
| CVE-2019-15778 | 1 Getwooplugins | 1 Additional Variation Images For Woocommerce | 2019-09-03 | 3.5 LOW | 5.4 MEDIUM |
| The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS. | |||||
| CVE-2018-17866 | 1 Ultimatemember | 1 Ultimate Member | 2019-09-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in includes/core/um-actions-login.php in the "Ultimate Member - User Profile & Membership" plugin before 2.0.28 for WordPress allow remote attackers to inject arbitrary web script or HTML via the "Primary button Text" or "Second button text" field. | |||||
| CVE-2018-16967 | 1 File Manager Project | 1 File Manager | 2019-09-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter. | |||||
| CVE-2019-13234 | 1 Alkacon | 1 Opencms Apollo Template | 2019-09-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine. | |||||
| CVE-2019-13235 | 1 Alkacon | 1 Opencms Apollo Template | 2019-09-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form. | |||||
| CVE-2019-13236 | 1 Alkacon | 1 Opencms | 2019-09-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple Reflected and Stored XSS issues in the management interface. | |||||