Filtered by vendor Automattic
Subscribe
Total
68 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9357 | 1 Automattic | 1 Akismet | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The akismet plugin before 3.1.5 for WordPress has XSS. | |||||
| CVE-2014-125104 | 1 Automattic | 1 Vaultpress | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protect_aioseo_ajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unrestricted upload. The attack can be launched remotely. Upgrading to version 1.6.1 is able to address this issue. The patch is named e3b92b14edca6291c5f998d54c90cbe98a1fb0e3. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230263. | |||||
| CVE-2013-2011 | 1 Automattic | 1 W3 Super Cache | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009. | |||||
| CVE-2013-2010 | 2 Automattic, Boldgrid | 2 Wp Super Cache, W3 Total Cache | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability | |||||
| CVE-2013-2009 | 1 Automattic | 1 Wp Super Cache | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution | |||||
| CVE-2013-2008 | 1 Automattic | 1 Wp Super Cache | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| WordPress Super Cache Plugin 1.3 has XSS. | |||||
| CVE-2024-7786 | 1 Automattic | 1 Sensei Lms | 2024-10-07 | N/A | 5.3 MEDIUM |
| The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak email templates. | |||||
| CVE-2024-43949 | 1 Automattic | 2 Ghacitivity, Ghactivity | 2024-09-03 | N/A | 5.4 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic GHActivity allows Stored XSS.This issue affects GHActivity: from n/a through 2.0.0-alpha. | |||||