Export limit exceeded: 345014 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345014 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9480 | 1 Robot-cpa | 1 Robotcpa | 2024-11-21 | 7.5 High |
| The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter. | ||||
| CVE-2015-9479 | 1 Advancedcustomfields | 1 Acf Fronted Display | 2024-11-21 | 9.8 Critical |
| The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php. | ||||
| CVE-2015-9478 | 1 No-margin-for-error | 1 Prettyphoto | 2024-11-21 | 6.1 Medium |
| prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS. | ||||
| CVE-2015-9477 | 1 Vernissage Project | 1 Vernissage | 2024-11-21 | 8.8 High |
| The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9476 | 1 Teardrop Project | 1 Teardrop | 2024-11-21 | 8.8 High |
| The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9475 | 1 Pont Project | 1 Pont | 2024-11-21 | 8.8 High |
| The Pont theme 1.5 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9474 | 1 Simpolio Project | 1 Simpolio | 2024-11-21 | 8.8 High |
| The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates. | ||||
| CVE-2015-9473 | 1 Estrutura-basica Project | 1 Estrutura-basica | 2024-11-21 | 7.5 High |
| The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter. | ||||
| CVE-2015-9472 | 1 Monitorbacklinks | 1 Incoming Links | 2024-11-21 | 6.1 Medium |
| The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header. | ||||
| CVE-2015-9471 | 1 Digitalzoomstudio | 1 Zoomsounds | 2024-11-21 | 9.8 Critical |
| The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload. | ||||
| CVE-2015-9470 | 1 Ionadas | 1 History Collection | 2024-11-21 | 7.5 High |
| The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter. | ||||
| CVE-2015-9469 | 1 Cybercraftit | 1 Content-grabber | 2024-11-21 | 4.8 Medium |
| The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id. | ||||
| CVE-2015-9468 | 1 K-78 | 1 Broken Link Manager | 2024-11-21 | 6.1 Medium |
| The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action. | ||||
| CVE-2015-9467 | 1 K-78 | 1 Broken Link Manager | 2024-11-21 | 9.8 Critical |
| The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter. | ||||
| CVE-2015-9466 | 1 Webtechideas | 1 Wti Like Post | 2024-11-21 | 9.8 Critical |
| The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable. | ||||
| CVE-2015-9465 | 1 Yet Another Stars Rating Project | 1 Yet Another Stars Rating | 2024-11-21 | 8.8 High |
| The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter. | ||||
| CVE-2015-9464 | 1 S3bubble | 1 S3bubble-amazon-s3-html-5-video-with-adverts | 2024-11-21 | 7.5 High |
| The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. | ||||
| CVE-2015-9463 | 1 S3bubble | 1 S3bubble-amazon-s3-audio-streaming | 2024-11-21 | 7.5 High |
| The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. | ||||
| CVE-2015-9462 | 1 Awesome Filterable Portfolio Project | 1 Awesome Filterable Portfolio | 2024-11-21 | 7.2 High |
| The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter. | ||||
| CVE-2015-9461 | 1 Brinidesigner | 1 Awesome Filterable Portfolio | 2024-11-21 | 7.2 High |
| The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter. | ||||