CVE-2017-18519
The customer-area plugin before 7.4.3 for WordPress has XSS via admin pages.
Source: CVE-2017-18519
[월:] 2019년 08월
CVE-2017-18518
CVE-2017-18518
The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues.
Source: CVE-2017-18518
CVE-2015-9319
CVE-2015-9319
The gregs-high-performance-seo plugin before 1.6.2 for WordPress has XSS in the context of an old browser.
Source: CVE-2015-9319
CVE-2017-18568
CVE-2017-18568
The my-wp-translate plugin before 1.0.4 for WordPress has XSS.
Source: CVE-2017-18568
CVE-2017-18569
CVE-2017-18569
The my-wp-translate plugin before 1.0.4 for WordPress has CSRF.
Source: CVE-2017-18569
CVE-2019-15238
CVE-2019-15238
The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.
Source: CVE-2019-15238
CVE-2016-10915
CVE-2016-10915
The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF.
Source: CVE-2016-10915
CVE-2015-9331
CVE-2015-9331
The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to adminInit.
Source: CVE-2015-9331
CVE-2015-9332
CVE-2015-9332
The uninstall plugin before 1.2 for WordPress has CSRF to delete all tables via the wp-admin/admin-ajax.php?action=uninstall URI.
Source: CVE-2015-9332
CVE-2016-10893
CVE-2016-10893
The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has multiple XSS issues via AJAX requests.
Source: CVE-2016-10893