Security Vulnerabilities - CVEs Published In October 2019
The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-10-23
A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-10-23
The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-10-23
The Modern theme before 1.4.2 for WordPress has XSS via the genericons/example.html anchor identifier.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-10-23
The weeklynews theme before 2.2.9 for WordPress has XSS via the s parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-10-23
The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-10-23
The Easy Digital Downloads (EDD) Digital Store theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-10-23
The Easy Digital Downloads (EDD) Lattice theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Score
6.1
EPSS Score
0.005
Published
2019-10-23
The Easy Digital Downloads (EDD) Quota theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-10-23
The Easy Digital Downloads (EDD) Shoppette theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-10-23