CVE-2016-10946
The wp-d3 plugin before 2.4.1 for WordPress has CSRF.
Source: CVE-2016-10946
[월:] 2019년 09월
CVE-2016-10947
CVE-2016-10947
The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin.
Source: CVE-2016-10947
CVE-2016-10948
CVE-2016-10948
The Post Indexer plugin before 3.0.6.2 for WordPress has incorrect handling of data passed to the unserialize function.
Source: CVE-2016-10948
CVE-2016-10949
CVE-2016-10949
The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization.
Source: CVE-2016-10949
CVE-2016-10950
CVE-2016-10950
The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter.
Source: CVE-2016-10950
CVE-2016-10951
CVE-2016-10951
The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter.
Source: CVE-2016-10951
CVE-2016-10952
CVE-2016-10952
The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.
Source: CVE-2016-10952
CVE-2017-18612
CVE-2017-18612
The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter.
Source: CVE-2017-18612
CVE-2016-10945
CVE-2016-10945
The PageLines theme 1.1.4 for WordPress has wp-admin/admin-post.php?page=pagelines CSRF.
Source: CVE-2016-10945
CVE-2016-10944
CVE-2016-10944
The multisite-post-duplicator plugin before 1.1.3 for WordPress has wp-admin/tools.php?page=mpd CSRF.
Source: CVE-2016-10944