CVE-2015-9404
The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS.
Source: CVE-2015-9404
[월:] 2019년 09월
CVE-2015-9398
CVE-2015-9398
The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.
Source: CVE-2015-9398
CVE-2015-9399
CVE-2015-9399
The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.
Source: CVE-2015-9399
CVE-2015-9395
CVE-2015-9395
The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.
Source: CVE-2015-9395
CVE-2015-9396
CVE-2015-9396
The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS.
Source: CVE-2015-9396
CVE-2015-9394
CVE-2015-9394
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.
Source: CVE-2015-9394
CVE-2015-9393
CVE-2015-9393
The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter.
Source: CVE-2015-9393
CVE-2015-9392
CVE-2015-9392
The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter.
Source: CVE-2015-9392
CVE-2019-16642
CVE-2019-16642
AppMobileControllerZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring.
Source: CVE-2019-16642
CVE-2016-11002
CVE-2016-11002
The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation.
Source: CVE-2016-11002