Total
37891 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9426 | 1 Manual Image Crop Project | 1 Manual Image Crop | 2024-11-21 | 4.6 Medium |
| The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=mic_editor_window postId parameter. | ||||
| CVE-2015-9423 | 1 Simplysymphony | 1 Plugnedit | 2024-11-21 | 5.4 Medium |
| The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters. | ||||
| CVE-2015-9420 | 1 Mightymess | 1 Soundcloud Is Gold | 2024-11-21 | 6.1 Medium |
| The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter. | ||||
| CVE-2015-9419 | 1 Captain-slider Project | 1 Captain-slider | 2024-11-21 | 6.1 Medium |
| The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section. | ||||
| CVE-2015-9416 | 1 Onthegosystems | 1 Sitepress-multilingual-cms | 2024-11-21 | 6.1 Medium |
| The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header. | ||||
| CVE-2015-9414 | 1 Wpsymposiumpro | 1 Wp-symposium | 2024-11-21 | 6.1 Medium |
| The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter. | ||||
| CVE-2015-9412 | 1 Royal-slider Project | 1 Royal-slider | 2024-11-21 | 6.1 Medium |
| The Royal-Slider plugin before 3.2.7 for WordPress has XSS via the rstype parameter. | ||||
| CVE-2015-9411 | 1 Gopostmatic | 1 Replyable | 2024-11-21 | 6.1 Medium |
| The Postmatic plugin before 1.4.6 for WordPress has XSS. | ||||
| CVE-2015-9410 | 1 Blubrry | 1 Powerpress | 2024-11-21 | 5.4 Medium |
| The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter. | ||||
| CVE-2015-9407 | 1 Cyberseo | 1 Xpinner Lite | 2024-11-21 | 6.1 Medium |
| The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS. | ||||
| CVE-2015-9405 | 1 Wp-piwik Project | 1 Wp-piwik | 2024-11-21 | 6.1 Medium |
| The wp-piwik plugin before 1.0.5 for WordPress has XSS. | ||||
| CVE-2015-9404 | 1 Neuvoo | 1 Neuvoo-jobroll | 2024-11-21 | 6.1 Medium |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. | ||||
| CVE-2015-9403 | 1 Neuvoo | 1 Neuvoo-jobroll | 2024-11-21 | 6.1 Medium |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. | ||||
| CVE-2015-9401 | 1 Websimon-tables Project | 1 Websimon-tables | 2024-11-21 | 4.8 Medium |
| The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS. | ||||
| CVE-2015-9397 | 1 Webmaster-source | 1 Gocodes | 2024-11-21 | 5.4 Medium |
| The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS. | ||||
| CVE-2015-9396 | 1 Attosoft | 1 Auto Thickbox Plus | 2024-11-21 | 6.1 Medium |
| The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS. | ||||
| CVE-2015-9393 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 5.4 Medium |
| The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter. | ||||
| CVE-2015-9392 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 5.4 Medium |
| The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter. | ||||
| CVE-2015-9391 | 1 Ostenta | 1 Yawpp | 2024-11-21 | 6.1 Medium |
| The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter. | ||||
| CVE-2015-9389 | 1 Mtouch Quiz Project | 1 Mtouch Quiz | 2024-11-21 | 5.4 Medium |
| The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name. | ||||