CVE-2018-21002

The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.

Source: CVE-2018-21002

CVE-2019-15646

The rsvpmaker plugin before 6.2 for WordPress has SQL injection.

Source: CVE-2019-15646

CVE-2019-15645

The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF.

Source: CVE-2019-15645

CVE-2019-13236

In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple Reflected and Stored XSS issues in the management interface.

Source: CVE-2019-13236

CVE-2018-21006

The bbp-move-topics plugin before 1.1.6 for WordPress has CSRF.

Source: CVE-2018-21006

CVE-2019-13234

In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine.

Source: CVE-2019-13234

CVE-2015-9349

The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (old)" file browser.

Source: CVE-2015-9349

CVE-2015-9346

The cp-polls plugin before 1.0.5 for WordPress has XSS.

Source: CVE-2015-9346

CVE-2015-9345

The link-log plugin before 2.0 for WordPress has HTTP Response Splitting.

Source: CVE-2015-9345

CVE-2015-9347

The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors.

Source: CVE-2015-9347