Security Vulnerabilities - CVEs Published In January 2018
Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php appid parameter in a delete action.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-01-12
Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_upload.php op parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-01-12
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter.
CVSS Score
9.8
EPSS Score
0.001
Published
2018-01-12
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][page] parameter to wp-admin/options.php.
CVSS Score
4.8
EPSS Score
0.004
Published
2018-01-12
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[enabled_languages][en] or wpglobus_option[enabled_languages][fr] (or any other language) parameter to wp-admin/options.php.
CVSS Score
4.8
EPSS Score
0.003
Published
2018-01-12
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[browser_redirect][redirect_by_language] parameter to wp-admin/options.php.
CVSS Score
4.8
EPSS Score
0.004
Published
2018-01-12
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[selector_wp_list_pages][show_selector] parameter to wp-admin/options.php.
CVSS Score
4.8
EPSS Score
0.003
Published
2018-01-12
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[more_languages] parameter to wp-admin/options.php.
CVSS Score
4.8
EPSS Score
0.003
Published
2018-01-12
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][post] parameter to wp-admin/options.php.
CVSS Score
4.8
EPSS Score
0.004
Published
2018-01-12
The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-01-12