CVE-2015-9344

The link-log plugin before 2.1 for WordPress has SQL injection.

Source: CVE-2015-9344

CVE-2018-21001

The anycomment plugin before 0.0.33 for WordPress has XSS.

Source: CVE-2018-21001

CVE-2015-9343

The wp-rollback plugin before 1.2.3 for WordPress has CSRF.

Source: CVE-2015-9343

CVE-2016-10935

The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation.

Source: CVE-2016-10935

CVE-2016-10934

The check-email plugin before 0.5.2 for WordPress has XSS.

Source: CVE-2016-10934

CVE-2017-18590

The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues.

Source: CVE-2017-18590

CVE-2015-9342

The wp-rollback plugin before 1.2.3 for WordPress has XSS.

Source: CVE-2015-9342

CVE-2014-10395

The cp-polls plugin before 1.0.1 for WordPress has XSS in the votes list.

Source: CVE-2014-10395

CVE-2018-17557

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-20986. Reason: This candidate is a reservation duplicate of CVE-2018-20986. Notes: All CVE users should reference CVE-2018-20986 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Source: CVE-2018-17557

CVE-2019-15666

An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.

Source: CVE-2019-15666