Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18589 | 1 Cookie Project | 1 Cookie | 2019-08-30 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic. | |||||
| CVE-2015-9348 | 1 Codepeople | 1 Sell Downloads | 2019-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs. | |||||
| CVE-2013-7483 | 1 Hbwsl | 1 Slidedeck 2 | 2019-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion. | |||||
| CVE-2016-10930 | 1 Wpsupportplus | 1 Wp Support Plus Responsive Ticket System | 2019-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. | |||||
| CVE-2015-9351 | 1 Slickremix | 1 Feed Them Social | 2019-08-28 | 7.5 HIGH | 9.8 CRITICAL |
| The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button. | |||||
| CVE-2015-9345 | 1 Petersplugins | 1 Link Log | 2019-08-28 | 5.0 MEDIUM | 7.5 HIGH |
| The link-log plugin before 2.0 for WordPress has HTTP Response Splitting. | |||||
| CVE-2019-11140 | 1 Intel | 8 Compute Card Cd1iv128mk, Compute Card Firmware, Compute Stick Firmware and 5 more | 2019-08-27 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient session validation in system firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. | |||||
| CVE-2014-10384 | 1 Memphis Documents Library Project | 1 Memphis Documents Library | 2019-08-26 | 7.5 HIGH | 9.8 CRITICAL |
| The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion. | |||||
| CVE-2014-10383 | 1 Memphis Documents Library Project | 1 Memphis Documents Library | 2019-08-26 | 7.5 HIGH | 9.8 CRITICAL |
| The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion. | |||||
| CVE-2019-15324 | 1 Ad Inserter Project | 1 Ad Inserter | 2019-08-26 | 6.5 MEDIUM | 8.8 HIGH |
| The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. | |||||
| CVE-2018-20981 | 1 Ninjaforms | 1 Ninja Forms | 2019-08-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. | |||||
| CVE-2018-20980 | 1 Ninjaforms | 1 Ninja Forms | 2019-08-26 | 5.0 MEDIUM | 7.5 HIGH |
| The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. | |||||
| CVE-2017-18574 | 1 Ninjaforms | 1 Ninja Forms | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder. | |||||
| CVE-2018-20985 | 1 Payeezy | 1 Wp Payeezy Pay | 2019-08-26 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec. | |||||
| CVE-2009-5158 | 1 Sumo | 1 Google Analyticator | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text. | |||||
| CVE-2017-18580 | 1 Getshortcodes | 1 Shortcodes Ultimate | 2019-08-23 | 7.5 HIGH | 9.8 CRITICAL |
| The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode. | |||||
| CVE-2016-0785 | 1 Apache | 1 Struts | 2019-08-23 | 9.0 HIGH | 8.8 HIGH |
| Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. | |||||
| CVE-2016-10899 | 1 Fabrix | 1 Total Security | 2019-08-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability. | |||||
| CVE-2019-7959 | 3 Adobe, Apple, Microsoft | 3 Creative Cloud, Mac Os X, Windows | 2019-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-18545 | 1 Invite Anyone Project | 1 Invite Anyone | 2019-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. | |||||