CVE-2015-9447
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin.php galleryid or id parameters.
Source: CVE-2015-9447
[월:] 2019년 09월
CVE-2015-9446
CVE-2015-9446
The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php.
Source: CVE-2015-9446
CVE-2015-9448
CVE-2015-9448
The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.
Source: CVE-2015-9448
CVE-2015-9444
CVE-2015-9444
The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATH_SELF.
Source: CVE-2015-9444
CVE-2015-9445
CVE-2015-9445
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation.
Source: CVE-2015-9445
CVE-2015-9443
CVE-2015-9443
The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=Accu_Data_WP.
Source: CVE-2015-9443
CVE-2015-9442
CVE-2015-9442
The avenirsoft-directdownload plugin 1.0 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=avenir_plugin.
Source: CVE-2015-9442
CVE-2015-9440
CVE-2015-9440
The monetize plugin through 1.03 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=monetize-zones-new.
Source: CVE-2015-9440
CVE-2015-9441
CVE-2015-9441
The bookmarkify plugin 2.9.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=bookmarkify.php.
Source: CVE-2015-9441
CVE-2015-9439
CVE-2015-9439
The addthis plugin before 5.0.13 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=addthis_social_widget pubid parameter.
Source: CVE-2015-9439