Total
37294 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-10981 | 1 Kentothemes | 1 Kento-post-view-counter | 2024-11-21 | 6.1 Medium |
| The kento-post-view-counter plugin through 2.8 for WordPress has stored XSS via kento_pvc_numbers_lang, kento_pvc_today_text, or kento_pvc_total_text. | ||||
| CVE-2016-10980 | 1 Kentothemes | 1 Kento-post-view-counter | 2024-11-21 | 6.1 Medium |
| The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kento_pvc_geo. | ||||
| CVE-2016-10979 | 1 Fossura | 1 Tag Miner | 2024-11-21 | 6.1 Medium |
| The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS. | ||||
| CVE-2016-10976 | 1 Kodebyraaet | 1 Safe Editor | 2024-11-21 | 6.1 Medium |
| The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS. | ||||
| CVE-2016-10975 | 1 Tonjoostudio | 1 Fluid-responsive-slideshow | 2024-11-21 | 6.1 Medium |
| The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter. | ||||
| CVE-2016-10973 | 1 Brafton | 1 Brafton | 2024-11-21 | 6.1 Medium |
| The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php. | ||||
| CVE-2016-10970 | 1 Supportflow Project | 1 Supportflow | 2024-11-21 | 6.1 Medium |
| The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt. | ||||
| CVE-2016-10969 | 1 Supportflow Project | 1 Supportflow | 2024-11-21 | 6.1 Medium |
| The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title. | ||||
| CVE-2016-10967 | 1 Creativeinteractivemedia | 1 Real3d Flipbook | 2024-11-21 | 6.1 Medium |
| The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter. | ||||
| CVE-2016-10964 | 1 Findshorty | 1 Dwnldr | 2024-11-21 | 6.1 Medium |
| The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header. | ||||
| CVE-2016-10963 | 1 Icegram | 1 Icegram Engage | 2024-11-21 | 6.1 Medium |
| The icegram plugin before 1.9.19 for WordPress has XSS. | ||||
| CVE-2016-10961 | 1 Inkthemes | 1 Colorway | 2024-11-21 | 6.1 Medium |
| The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter. | ||||
| CVE-2016-10957 | 1 Akal Project | 1 Akal | 2024-11-21 | 6.1 Medium |
| The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter. | ||||
| CVE-2016-10953 | 1 Headwaythemes | 1 Headway | 2024-11-21 | 5.4 Medium |
| The Headway theme before 3.8.9 for WordPress has XSS via the license key field. | ||||
| CVE-2016-10952 | 1 Quotes Collection Project | 1 Quotes Collection | 2024-11-21 | 6.1 Medium |
| The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter. | ||||
| CVE-2016-10941 | 1 Podlove | 1 Podlove Podcast Publisher | 2024-11-21 | 6.1 Medium |
| The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF. | ||||
| CVE-2016-10936 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | N/A |
| The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option. | ||||
| CVE-2016-10934 | 1 Check Email Project | 1 Check Email | 2024-11-21 | N/A |
| The check-email plugin before 0.5.2 for WordPress has XSS. | ||||
| CVE-2016-10925 | 1 Profilepress | 1 Loginwp | 2024-11-21 | N/A |
| The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs. | ||||
| CVE-2016-10920 | 1 Sir | 1 Gnucommerce | 2024-11-21 | N/A |
| The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS. | ||||