CVE-2015-9339
The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files.
Source: CVE-2015-9339
[월:] 2019년 08월
CVE-2015-9338
CVE-2015-9338
The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files.
Source: CVE-2015-9338
CVE-2017-18585
CVE-2017-18585
The posts-in-page plugin before 1.3.0 for WordPress has ic_add_posts template=’../ directory traversal.
Source: CVE-2017-18585
CVE-2015-9334
CVE-2015-9334
The email-newsletter plugin through 20.15 for WordPress has SQL injection.
Source: CVE-2015-9334
CVE-2018-20986
CVE-2018-20986
The advanced-custom-fields plugin before 5.7.8 for WordPress has XSS by authors.
Source: CVE-2018-20986
CVE-2018-20987
CVE-2018-20987
The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection.
Source: CVE-2018-20987
CVE-2013-7483
CVE-2013-7483
The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion.
Source: CVE-2013-7483
CVE-2014-10386
CVE-2014-10386
The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections.
Source: CVE-2014-10386
CVE-2014-10382
CVE-2014-10382
The feature-comments plugin before 1.2.5 for WordPress has CSRF for featuring or burying a comment.
Source: CVE-2014-10382
CVE-2019-15330
CVE-2019-15330
The webp-express plugin before 0.14.11 for WordPress has insufficient protection against arbitrary file reading.
Source: CVE-2019-15330