Total
299162 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10982 | 1 Kentothemes | 1 Kento-post-view-counter | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The kento-post-view-counter plugin through 2.8 for WordPress has wp-admin/admin.php?page=kentopvc_settings CSRF. | |||||
| CVE-2016-10981 | 1 Kentothemes | 1 Kento-post-view-counter | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text. | |||||
| CVE-2016-10980 | 1 Kentothemes | 1 Kento-post-view-counter | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo. | |||||
| CVE-2016-10979 | 1 Fossura | 1 Tag Miner | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS. | |||||
| CVE-2016-10978 | 1 Fossura | 1 Tag Miner | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF. | |||||
| CVE-2016-10977 | 1 Neliosoftware | 1 Nelio Ab Testing | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal. | |||||
| CVE-2016-10976 | 1 Kodebyraaet | 1 Safe Editor | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS. | |||||
| CVE-2016-10975 | 1 Tonjoostudio | 1 Fluid-responsive-slideshow | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter. | |||||
| CVE-2016-10974 | 1 Tonjoostudio | 1 Fluid-responsive-slideshow | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS. | |||||
| CVE-2016-10973 | 1 Brafton | 1 Brafton | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php. | |||||
| CVE-2016-10972 | 1 Tagdiv | 1 Newspaper | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. | |||||
| CVE-2016-10971 | 1 Membersonic | 1 Membersonic | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required. | |||||
| CVE-2016-10970 | 1 Supportflow Project | 1 Supportflow | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt. | |||||
| CVE-2016-10969 | 1 Supportflow Project | 1 Supportflow | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title. | |||||
| CVE-2016-10968 | 1 Peepso | 1 Peepso | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation. | |||||
| CVE-2016-10967 | 1 Creativeinteractivemedia | 1 Real3d Flipbook | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter. | |||||
| CVE-2016-10966 | 1 Creativeinteractivemedia | 1 Real3d Flipbook | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload. | |||||
| CVE-2016-10965 | 1 Creativeinteractivemedia | 1 Real3d Flipbook | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion. | |||||
| CVE-2016-10964 | 1 Findshorty | 1 Dwnldr | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header. | |||||
| CVE-2016-10963 | 1 Icegram | 1 Icegram | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The icegram plugin before 1.9.19 for WordPress has XSS. | |||||