Total
36870 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18612 | 1 Netattingo | 1 Wp-whois-domain | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter. | |||||
| CVE-2017-18611 | 1 Magicfields | 1 Magic Fields | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-field-css parameter. | |||||
| CVE-2017-18610 | 1 Magicfields | 1 Magic Fields | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-group-id parameter. | |||||
| CVE-2017-18609 | 1 Magicfields | 1 Magic Fields | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The magic-fields plugin before 1.7.2 for WordPress has XSS via the custom-write-panel-id parameter. | |||||
| CVE-2017-18608 | 1 Spot | 1 Spot.im Comments | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The spotim-comments plugin before 4.0.4 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18606 | 1 Theme-fusion | 1 Avada | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The avada theme before 5.1.5 for WordPress has stored XSS. | |||||
| CVE-2017-18603 | 1 Postman-smtp Project | 1 Postman-smtp | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The postman-smtp plugin through 2017-10-04 for WordPress has XSS via the wp-admin/tools.php?page=postman_email_log page parameter. | |||||
| CVE-2017-18601 | 1 Ibps Online Exam Project | 1 Ibps Online Exam | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The examapp plugin 1.0 for WordPress has XSS via exam input text fields. | |||||
| CVE-2017-18600 | 1 Ncrafts | 1 Formcraft | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field. | |||||
| CVE-2017-18599 | 1 Pinfinity Project | 1 Pinfinity | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Pinfinity theme before 2.0 for WordPress has XSS via the s parameter. | |||||
| CVE-2017-18598 | 1 Designmodo | 1 Qards | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php. | |||||
| CVE-2017-18593 | 1 Updraftplus | 1 Updraftplus | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The updraftplus plugin before 1.13.5 for WordPress has XSS in rare cases where an attacker controls a string logged to a log file. | |||||
| CVE-2017-18590 | 1 Bestwebsoft | 1 Timesheet | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18582 | 1 Time Sheets Project | 1 Time Sheets | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The time-sheets plugin before 1.5.2 for WordPress has multiple XSS issues. | |||||
| CVE-2017-18581 | 1 Time Sheets Project | 1 Time Sheets | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list. | |||||
| CVE-2017-18579 | 1 Dwbooster | 1 Corner Ad | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The corner-ad plugin before 1.0.8 for WordPress has XSS. | |||||
| CVE-2017-18578 | 1 Crafty Social Buttons Project | 1 Crafty Social Buttons | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS. | |||||
| CVE-2017-18577 | 1 Ibericode | 1 Mailchimp | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mailchimp-for-wp plugin before 4.1.8 for WordPress has XSS via the return value of add_query_arg. | |||||
| CVE-2017-18576 | 1 Event Notifier Project | 1 Event Notifier | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The event-notifier plugin before 1.2.1 for WordPress has XSS via the loading animation. | |||||
| CVE-2017-18575 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues. | |||||