Latest 7 days CVE Lists

Latest 7 days CVE Lists 피드 구독하기
This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.
업데이트: 4시간 51분 지남

CVE-2017-18570

목, 2019/08/22 - 10:15오후
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.

CVE-2017-18571

목, 2019/08/22 - 10:15오후
The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316.

CVE-2017-18572

목, 2019/08/22 - 10:15오후
The gnucommerce plugin before 1.4.2 for WordPress has XSS.

CVE-2017-18573

목, 2019/08/22 - 10:15오후
The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.

CVE-2017-18574

목, 2019/08/22 - 10:15오후
The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.

CVE-2017-18575

목, 2019/08/22 - 10:15오후
The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues.

CVE-2018-20979

목, 2019/08/22 - 10:15오후
The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type.

CVE-2018-20980

목, 2019/08/22 - 10:15오후
The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.

CVE-2018-20981

목, 2019/08/22 - 10:15오후
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.

CVE-2018-20982

목, 2019/08/22 - 10:15오후
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.

CVE-2019-14511

목, 2019/08/22 - 10:15오후
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).

CVE-2012-6716

목, 2019/08/22 - 10:15오후
The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links.

CVE-2013-7477

목, 2019/08/22 - 10:15오후
The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form.

CVE-2013-7478

목, 2019/08/22 - 10:15오후
The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post.

CVE-2013-7479

목, 2019/08/22 - 10:15오후
The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field.

CVE-2013-7480

목, 2019/08/22 - 10:15오후
The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas.

CVE-2013-7481

목, 2019/08/22 - 10:15오후
The contact-form-plugin plugin before 3.3.5 for WordPress has XSS.

CVE-2015-9333

목, 2019/08/22 - 10:15오후
The cforms2 plugin before 14.6.10 for WordPress has SQL injection.

CVE-2015-9335

목, 2019/08/22 - 10:15오후
The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling.

CVE-2015-9336

목, 2019/08/22 - 10:15오후
The clean-login plugin before 1.5.1 for WordPress has reflected XSS.

페이지