Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4938 | 1 Wp Rss Poster Plugin Project | 1 Wp-rss-poster | 2014-07-14 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the WP Rss Poster (wp-rss-poster) plugin 1.0.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in the wrp-add-new page to wp-admin/admin.php. | |||||
| CVE-2013-6117 | 1 Dahuasecurity | 1 Dvr Firmware | 2014-07-14 | 7.5 HIGH | N/A |
| Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777. | |||||
| CVE-2014-4527 | 1 Envialosimple | 1 Email Marketing Y Newsletters | 2014-07-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in paginas/vista-previa-form.php in the EnvialoSimple: Email Marketing and Newsletters (envialosimple-email-marketing-y-newsletters-gratis) plugin before 1.98 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) FormID or (2) AdministratorID parameter. | |||||
| CVE-2014-3889 | 1 Silex | 2 Sx-2000wg, Sx-2000wg Firmware | 2014-07-11 | 5.0 MEDIUM | N/A |
| silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via crafted data in the Options field of a TCP header, a different vulnerability than CVE-2014-3890. | |||||
| CVE-2014-4532 | 1 Garagesale Project | 1 Garagesale | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in templates/printAdminUsersList_Footer.tpl.php in the GarageSale plugin before 1.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2014-3890 | 1 Silex | 2 Sx-2000wg, Sx-2000wg Firmware | 2014-07-11 | 5.0 MEDIUM | N/A |
| silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via a crafted IP packet, a different vulnerability than CVE-2014-3889. | |||||
| CVE-2014-4531 | 1 Game Tabs Project | 1 Game Tabs | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in main_page.php in the Game tabs plugin 0.4.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the n parameter. | |||||
| CVE-2014-4522 | 1 Dssearchagent Project | 1 Dssearchagent | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in client-assist.php in the dsSearchAgent: WordPress Edition plugin 1.0-beta10 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2014-4524 | 1 Wp Easy Post Types Project | 1 Wp Easy Post Types | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in classes/custom-image/media.php in the WP Easy Post Types plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ref parameter. | |||||
| CVE-2014-4526 | 1 Efence Project | 1 Efence | 2014-07-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in callback.php in the efence plugin 1.3.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) message, (2) zoneid, (3) pubKey, or (4) privKey parameter. | |||||
| CVE-2014-4529 | 2 Flash Photo Gallery Project, Wordpress | 2 Flash Photo Gallery, Wordpress | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in fpg_preview.php in the Flash Photo Gallery plugin 0.7 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter. | |||||
| CVE-2014-4574 | 1 Webengage Project | 1 Webengage | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in resize.php in the WebEngage plugin before 2.0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the height parameter. | |||||
| CVE-2014-4537 | 1 Keyword Strategy Internal Links Project | 1 Keyword Strategy Internal Links | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in inpage.tpl.php in the Keyword Strategy Internal Links plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) sort, (2) search, or (3) dir parameter. | |||||
| CVE-2014-4576 | 1 Wordpress Social Login Project | 1 Wordpress Social Login | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter. | |||||
| CVE-2014-4540 | 1 Oleggo Livestream Project | 1 Oleggo Livestream | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in oleggo-twitter/twitter_login_form.php in the Oleggo LiveStream plugin 0.2.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2014-4541 | 1 Omfg Mobile Project | 1 Omfg Mobile | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in shortcode-generator/preview-shortcode-external.php in the OMFG Mobile Pro plugin 1.1.26 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter. | |||||
| CVE-2014-4542 | 1 Ooorl Project | 1 Ooorl | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in redirect.php in the Ooorl plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter. | |||||
| CVE-2014-4597 | 1 Wp Social Invitations Project | 1 Wp Social Invitations | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in test.php in the WP Social Invitations plugin before 1.4.4.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter. | |||||
| CVE-2014-4547 | 1 Rezgo | 1 Online Booking | 2014-07-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in templates/default/index_ajax.php in the Rezgo Online Booking plugin before 1.8.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) tags or (2) search_for parameter. | |||||
| CVE-2014-4591 | 1 Wp Picasa Image Project | 1 Wp Picasa Image | 2014-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in picasa_upload.php in the WP-Picasa-Image plugin 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_id parameter. | |||||