CVE-2019-15660
The wp-members plugin before 3.2.8 for WordPress has CSRF.
Source: CVE-2019-15660
[월:] 2019년 08월
CVE-2015-9352
CVE-2015-9352
The wp-polls plugin before 2.72 for WordPress has SQL injection.
Source: CVE-2015-9352
CVE-2019-15650
CVE-2019-15650
The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPress has insufficient restrictions on option changes (such as disabling unattended theme updates) because of a nonce check error.
Source: CVE-2019-15650
CVE-2016-10936
CVE-2016-10936
The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option.
Source: CVE-2016-10936
CVE-2017-18591
CVE-2017-18591
The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php.
Source: CVE-2017-18591
CVE-2017-18592
CVE-2017-18592
The woocommerce-catalog-enquiry plugin before 3.1.0 for WordPress has an incorrect wp_upload directory for file uploads.
Source: CVE-2017-18592
CVE-2015-9348
CVE-2015-9348
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs.
Source: CVE-2015-9348
CVE-2015-9350
CVE-2015-9350
The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button.
Source: CVE-2015-9350
CVE-2015-9351
CVE-2015-9351
The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button.
Source: CVE-2015-9351
CVE-2019-15649
CVE-2019-15649
The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload.
Source: CVE-2019-15649