Total
36605 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9502 | 1 Webmandesign | 1 Auberge Theme | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier. | |||||
| CVE-2015-9501 | 1 Artificial Intelligence Project | 1 Artificial Intelligence | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files are unnecessarily placed under the web root. | |||||
| CVE-2015-9500 | 1 Exquisite Ultimate Newspaper Project | 1 Exquisite Ultimate Newspaper | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js. | |||||
| CVE-2015-9495 | 1 Syndication Links Project | 1 Syndication Links | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The syndication-links plugin before 1.0.3 for WordPress has XSS via the genericons/example.html anchor identifier. | |||||
| CVE-2015-9494 | 1 Indieweb Post Kinds Project | 1 Indieweb Post Kinds | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier. | |||||
| CVE-2015-9493 | 1 Nlb-creationst | 1 My Wish List | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The my-wish-list plugin before 1.4.2 for WordPress has multiple XSS issues. | |||||
| CVE-2015-9478 | 1 No-margin-for-error | 1 Prettyphoto | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS. | |||||
| CVE-2015-9472 | 1 Monitorbacklinks | 1 Incoming Links | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header. | |||||
| CVE-2015-9469 | 1 Cybercraftit | 1 Content-grabber | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id. | |||||
| CVE-2015-9468 | 1 K-78 | 1 Broken Link Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action. | |||||
| CVE-2015-9459 | 1 Seo Searchterms Tagging 2 Project | 1 Seo Searchterms Tagging 2 | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter. | |||||
| CVE-2015-9453 | 1 K-78 | 1 Broken Link Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist. | |||||
| CVE-2015-9444 | 1 Altosresearch | 1 Altos-connect | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATH_SELF. | |||||
| CVE-2015-9439 | 1 Addthis | 1 Addthis | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The addthis plugin before 5.0.13 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=addthis_social_widget pubid parameter. | |||||
| CVE-2015-9438 | 1 Display-widgets Project | 1 Display-widgets | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The display-widgets plugin before 2.04 for WordPress has XSS via the wp-admin/admin-ajax.php?action=dw_show_widget id_base, widget_number, or instance parameter. | |||||
| CVE-2015-9430 | 1 Crazy Bone Project | 1 Crazy Bone | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The crazy-bone plugin before 0.6.0 for WordPress has XSS via the User-Agent HTTP header. | |||||
| CVE-2015-9426 | 1 Manual Image Crop Project | 1 Manual Image Crop | 2024-11-21 | 3.5 LOW | 4.6 MEDIUM |
| The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=mic_editor_window postId parameter. | |||||
| CVE-2015-9423 | 1 Simplysymphony | 1 Plugnedit | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters. | |||||
| CVE-2015-9420 | 1 Mightymess | 1 Soundcloud Is Gold | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter. | |||||
| CVE-2015-9419 | 1 Captain-slider Project | 1 Captain-slider | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section. | |||||