Security Vulnerabilities - CVEs Published In August 2019
The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-27
The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Facebook Feeds load more button.
CVSS Score
9.8
EPSS Score
0.033
Published
2019-08-27
The insert-or-embed-articulate-content-into-wordpress plugin before 4.29991 for WordPress has insufficient restrictions on deleting or renaming by a Subscriber.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-08-27
The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload.
CVSS Score
8.8
EPSS Score
0.008
Published
2019-08-27
The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-27
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-27
The buddyforms plugin before 2.2.8 for WordPress has SQL injection.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-27
The rsvpmaker plugin before 5.6.4 for WordPress has SQL injection.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-08-27
The bbp-move-topics plugin before 1.1.6 for WordPress has code injection.
CVSS Score
9.8
EPSS Score
0.01
Published
2019-08-27
The bbp-move-topics plugin before 1.1.6 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-27