Filtered by vendor Simplysymphony
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-9422 | 1 Simplysymphony | 1 Plugnedit | 2019-09-26 | 4.3 MEDIUM | 6.5 MEDIUM |
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load plugnedit_width, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters. | |||||
CVE-2015-9423 | 1 Simplysymphony | 1 Plugnedit | 2019-09-26 | 3.5 LOW | 5.4 MEDIUM |
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters. |