Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2019
CVE-2016-11001
The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11002
The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11003
The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11004
The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11005
The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11006
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11007
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.
CVSS Score
5.3
EPSS Score
0.003
Published
2019-09-20
CVE-2016-11008
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11009
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-09-20
CVE-2016-11010
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-09-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved