Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Optiontree Project Subscribe
Filtered by product Optiontree
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-9320 1 Optiontree Project 1 Optiontree 2023-02-24 4.3 MEDIUM 6.1 MEDIUM
The option-tree plugin before 2.5.4 for WordPress has XSS related to add_query_arg.
CVE-2019-15319 1 Optiontree Project 1 Optiontree 2020-08-24 7.5 HIGH 9.8 CRITICAL
The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce.
CVE-2019-15320 1 Optiontree Project 1 Optiontree 2020-08-24 7.5 HIGH 9.8 CRITICAL
The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled.
CVE-2019-15321 1 Optiontree Project 1 Optiontree 2020-08-24 7.5 HIGH 9.8 CRITICAL
The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled.
CVE-2016-10895 1 Optiontree Project 1 Optiontree 2019-08-22 4.3 MEDIUM 6.1 MEDIUM
The option-tree plugin before 2.6.0 for WordPress has XSS via an add_list_item or add_social_links AJAX request.