Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2019
The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22
The contact-form-plugin plugin before 3.3.5 for WordPress has XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22
The cforms2 plugin before 14.6.10 for WordPress has SQL injection.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-08-22
The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-22
The clean-login plugin before 1.5.1 for WordPress has reflected XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22
The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-08-22
The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-08-22
The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF.
CVSS Score
8.8
EPSS Score
0.001
Published
2019-08-22
The wassup plugin before 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::add_siteurl method, a different vulnerability than CVE-2012-2633.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22
The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-08-22


Contact Us

Shodan ® - All rights reserved