Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 ...Result(s) : 154580

Alerts Feed Alerts

DateNameCategoriesDetail
6.52019-10-10CVE-2015-9477cve The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates.
6.52019-10-10CVE-2015-9476cve The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates.
6.52019-10-10CVE-2015-9475cve The Pont theme 1.5 for WordPress has insufficient restrictions on option updates.
6.52019-10-10CVE-2015-9474cve The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.
52019-10-10CVE-2015-9473cve The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter.
4.32019-10-10CVE-2015-9472cve The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header.
7.52019-10-10CVE-2015-9471cve The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload.
N/A2019-10-10CVE-2015-9470cve The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter.
N/A2019-10-10CVE-2015-9469cve The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.
4.32019-10-10CVE-2015-9468cve The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.
7.52019-10-10CVE-2015-9467cve The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.
N/A2019-10-10CVE-2015-9466cve The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, ...
6.52019-10-10CVE-2015-9465cve The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.
52019-10-10CVE-2015-9464cve The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.
52019-10-10CVE-2015-9463cve The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter.
6.52019-10-10CVE-2015-9462cve The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter.
6.52019-10-10CVE-2015-9461cve The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter.
6.52019-10-10CVE-2015-9460cve The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter.
4.32019-10-10CVE-2015-9459cve The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter.
6.52019-10-10CVE-2015-9458cve The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.
Page(s) : 1 ... 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 ...Result(s) : 154580