Http\ CVEs and Security Vulnerabilities

Export limit exceeded: 338937 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 6), (line:1, col:7)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (338937 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2015-9443	1 Wp Accurate Form Data Project	1 Wp Accurate Form Data	2024-11-21	6.5 Medium
The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=Accu_Data_WP.
CVE-2015-9442	1 Avenirsoft	1 Directdownload	2024-11-21	6.5 Medium
The avenirsoft-directdownload plugin 1.0 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=avenir_plugin.
CVE-2015-9441	1 Bookmarkify Project	1 Bookmarkify	2024-11-21	6.5 Medium
The bookmarkify plugin 2.9.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=bookmarkify.php.
CVE-2015-9440	1 Monetize Project	1 Monetize	2024-11-21	6.5 Medium
The monetize plugin through 1.03 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=monetize-zones-new.
CVE-2015-9439	1 Addthis	1 Addthis	2024-11-21	4.8 Medium
The addthis plugin before 5.0.13 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=addthis_social_widget pubid parameter.
CVE-2015-9438	1 Display-widgets Project	1 Display-widgets	2024-11-21	5.4 Medium
The display-widgets plugin before 2.04 for WordPress has XSS via the wp-admin/admin-ajax.php?action=dw_show_widget id_base, widget_number, or instance parameter.
CVE-2015-9435	1 Dash10	1 Oauth Server	2024-11-21	9.8 Critical
The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers.
CVE-2015-9434	1 Kiwi-logo-carousel Project	1 Kiwi-logo-carousel	2024-11-21	6.5 Medium
The kiwi-logo-carousel plugin before 1.7.2 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=kwlogos&page=kwlogos_settings tab or tab_flags_order parameter.
CVE-2015-9433	1 Wp Social Bookmarking Light Project	1 Wp Social Bookmarking Light	2024-11-21	6.5 Medium
The wp-social-bookmarking-light plugin before 1.7.10 for WordPress has CSRF with resultant XSS via configuration parameters for Tumblr, Twitter, Facebook, etc. in wp-admin/options-general.php?page=wp-social-bookmarking-light%2Fmodules%2Fadmin.php.
CVE-2015-9432	1 Thealpinepress	1 Alpine-photo-tile-for-instagram	2024-11-21	6.5 Medium
The alpine-photo-tile-for-instagram plugin before 1.2.7.6 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=alpine-photo-tile-for-instagram-settings tab parameter.
CVE-2015-9431	1 Qtranslate X Project	1 Qtranslate X	2024-11-21	6.5 Medium
The qtranslate-x plugin before 3.4.4 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=qtranslate-x json_config_files or json_custom_i18n_config parameter.
CVE-2015-9430	1 Crazy Bone Project	1 Crazy Bone	2024-11-21	6.1 Medium
The crazy-bone plugin before 0.6.0 for WordPress has XSS via the User-Agent HTTP header.
CVE-2015-9429	1 Yithemes	1 Yith Maintenance Mode	2024-11-21	6.5 Medium
The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panel_page parameter.
CVE-2015-9428	1 Wplegalpages	1 Wp Legal Pages	2024-11-21	6.5 Medium
The wplegalpages plugin before 1.1 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=legal-pages lp-domain-name, lp-business-name, lp-phone, lp-street, lp-city-state, lp-country, lp-email, lp-address, or lp-niche parameters.
CVE-2015-9427	1 Googmonify Project	1 Googmonify	2024-11-21	6.5 Medium
The googmonify plugin through 0.5.1 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=googmonify.php PID or AID parameter.
CVE-2015-9426	1 Manual Image Crop Project	1 Manual Image Crop	2024-11-21	4.6 Medium
The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=mic_editor_window postId parameter.
CVE-2015-9425	1 Byonepress	1 Social Locker	2024-11-21	5.4 Medium
The social-locker plugin before 4.2.5 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=opanda-item&page=license-manager-sociallocker-next licensekey parameter.
CVE-2015-9424	1 Doc4design	1 Multicons	2024-11-21	6.5 Medium
The multicons plugin before 3.0 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=multicons%2Fmulticons.php global_url or admin_url parameter.
CVE-2015-9423	1 Simplysymphony	1 Plugnedit	2024-11-21	5.4 Medium
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters.
CVE-2015-9422	1 Simplysymphony	1 Plugnedit	2024-11-21	6.5 Medium
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load plugnedit_width, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters.

« first previous Page 15831 of 16947. next last »