Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20975 | 1 Fatfreecrm | 1 Fat Free Crm | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/tags_helper.rb. | |||||
| CVE-2015-9336 | 1 Codection | 1 Clean Login | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The clean-login plugin before 1.5.1 for WordPress has reflected XSS. | |||||
| CVE-2019-15228 | 1 Thedaylightstudio | 1 Fuel Cms | 2019-08-26 | 3.5 LOW | 5.4 MEDIUM |
| FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors. | |||||
| CVE-2013-7481 | 1 Bestwebsoft | 1 Contact Form | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The contact-form-plugin plugin before 3.3.5 for WordPress has XSS. | |||||
| CVE-2019-14469 | 1 Sonatype | 1 Nexus Repository Manager | 2019-08-26 | 3.5 LOW | 5.4 MEDIUM |
| In Nexus Repository Manager before 3.18.0, users with elevated privileges can create stored XSS. | |||||
| CVE-2013-7479 | 1 Wp-events-plugin | 1 Events Manager | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field. | |||||
| CVE-2013-7480 | 1 Wp-events-plugin | 1 Events Manager | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas. | |||||
| CVE-2013-7478 | 1 Wp-events-plugin | 1 Events Manager | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post. | |||||
| CVE-2013-7477 | 1 Wp-events-plugin | 1 Events Manager | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form. | |||||
| CVE-2012-6716 | 1 Wp-events-plugin | 1 Events Manager | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links. | |||||
| CVE-2017-1000227 | 1 Parallelus | 1 Salutation | 2019-08-24 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can | |||||
| CVE-2019-11522 | 1 Open-xchange | 1 Open-xchange Appsuite | 2019-08-23 | 3.5 LOW | 5.4 MEDIUM |
| OX App Suite 7.10.0 to 7.10.2 allows XSS. | |||||
| CVE-2017-18577 | 1 Ibericode | 1 Mailchimp | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg. | |||||
| CVE-2017-18576 | 1 Event Notifier Project | 1 Event Notifier | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The event-notifier plugin before 1.2.1 for WordPress has XSS via the loading animation. | |||||
| CVE-2017-18581 | 1 Time Sheets Project | 1 Time Sheets | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list. | |||||
| CVE-2008-7321 | 1 Tubepress | 1 Tubepress | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The tubepress plugin before 1.6.5 for WordPress has XSS. | |||||
| CVE-2017-18564 | 1 Bestwebsoft | 1 Sender | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The sender plugin before 1.2.1 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18563 | 1 Swimordiesoftware | 1 Rsvp | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen. | |||||
| CVE-2015-9327 | 1 Flickr Justified Gallery Project | 1 Flickr Justified Gallery | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS. | |||||
| CVE-2014-10392 | 1 Cformsii Project | 1 Cformsii | 2019-08-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The cforms2 plugin before 10.2 for WordPress has XSS. | |||||