Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2019
CVE-2015-9449
The microblog-poster plugin before 1.6.2 for WordPress has SQL Injection via the wp-admin/options-general.php?page=microblogposter.php account_id parameter.
CVSS Score
7.2
EPSS Score
0.007
Published
2019-09-26
CVE-2019-16899
In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Address controls Code Flow starting at PM_V3!CTagInfoThreadBase::GetNICInfo+0x0000000000512918.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-09-26
CVE-2019-16900
Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-09-26
CVE-2019-16901
Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain corruption starting at Unknown Symbol @ 0x0000000000000000 called from ntdll!RtlRaiseStatus+0x00000000000000b4.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-09-26
CVE-2015-9419
The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-09-26
CVE-2015-9420
The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-09-26
CVE-2015-9421
The olevmedia-shortcodes plugin before 1.1.9 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=omsc_popup id parameter.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-09-26
CVE-2015-9422
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load plugnedit_width, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-09-26
CVE-2015-9423
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-09-26
CVE-2015-9424
The multicons plugin before 3.0 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=multicons%2Fmulticons.php global_url or admin_url parameter.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-09-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved