Security Vulnerabilities - CVEs Published In August 2019
The memphis-documents-library plugin before 3.0 for WordPress has Remote File Inclusion.
CVSS Score
9.8
EPSS Score
0.015
Published
2019-08-22
The memphis-documents-library plugin before 3.0 for WordPress has Local File Inclusion.
CVSS Score
9.8
EPSS Score
0.009
Published
2019-08-22
The memphis-documents-library plugin before 3.0 for WordPress has XSS via $_REQUEST.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22
The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-08-22
The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-22
The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-08-22
The ebook-download plugin before 1.2 for WordPress has directory traversal.
CVSS Score
7.5
EPSS Score
0.622
Published
2019-08-22
The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22
The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.
CVSS Score
10.0
EPSS Score
0.005
Published
2019-08-22
The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.
CVSS Score
10.0
EPSS Score
0.005
Published
2019-08-22