Show filters
242 Total Results
Displaying 181-190 of 242
Sort by:
Attacker Value
Unknown

CVE-2015-9485

Disclosure Date: October 11, 2019 (last updated November 27, 2024)
The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2015-9482

Disclosure Date: October 11, 2019 (last updated November 27, 2024)
The ThemeMakers Car Dealer / Auto Dealer Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information (such as user_login, user_pass, and user_email values) via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-10974

Disclosure Date: September 17, 2019 (last updated November 27, 2024)
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2016-10975

Disclosure Date: September 17, 2019 (last updated November 27, 2024)
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2017-18597

Disclosure Date: September 10, 2019 (last updated November 27, 2024)
The jtrt-responsive-tables plugin before 4.1.2 for WordPress has SQL Injection via the admin/class-jtrt-responsive-tables-admin.php tableId parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2014-10390

Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has directory traversal.
0
0
Attacker Value
Unknown

CVE-2014-10388

Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has full path disclosure.
0
0
Attacker Value
Unknown

CVE-2014-10391

Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection.
0
0
Attacker Value
Unknown

CVE-2016-10930

Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number.
0
0
Attacker Value
Unknown

CVE-2014-10389

Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-support-plus-responsive-ticket-system plugin before 4.2 for WordPress has incorrect authentication.
0
0
View More Topics  < Previous  Next >