Security Vulnerabilities - CVEs Published In August 2019
The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg(), a different issue than CVE-2014-9460.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-28
The akismet plugin before 3.1.5 for WordPress has XSS.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-08-28
The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-28
The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-28
The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-28
The redirection plugin before 2.2.12 for WordPress has XSS, a different issue than CVE-2011-4562.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-28
The sharebar plugin before 1.2.2 for WordPress has XSS, a different issue than CVE-2013-3491.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-28
The sharebar plugin before 1.2.2 for WordPress has SQL injection.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-28
The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066.
CVSS Score
7.2
EPSS Score
0.006
Published
2019-08-28