Total
41714 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-15898 | 1 Nagios | 1 Log Server | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page. | |||||
| CVE-2019-15869 | 1 Jobcareer Project | 1 Jobcareer | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The JobCareer theme before 2.5.1 for WordPress has stored XSS. | |||||
| CVE-2019-15864 | 1 Holest | 1 Breadcrumbs By Menu | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. | |||||
| CVE-2019-15848 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user. | |||||
| CVE-2019-15842 | 1 Easy Pdf Restaurant Menu Upload Project | 1 Easy Pdf Restaurant Menu Upload | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS. | |||||
| CVE-2019-15838 | 1 Kunalnagar | 1 Custom 404 Pro | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS, a different vulnerability than CVE-2019-14789. | |||||
| CVE-2019-15837 | 1 Bitwise-it | 1 Webp Express | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The webp-express plugin before 0.14.8 for WordPress has stored XSS. | |||||
| CVE-2019-15836 | 1 Bootstrapped | 1 Wp Ultimate Recipe | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS. | |||||
| CVE-2019-15833 | 1 Simple Mail Address Encoder Project | 1 Simple Mail Address Encoder | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS. | |||||
| CVE-2019-15830 | 1 Icegram | 1 Icegram Engage | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. | |||||
| CVE-2019-15829 | 1 Greentreelabs | 1 Gallery Photoblocks | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS. | |||||
| CVE-2019-15827 | 1 Onesignal | 1 Onesignal-free-web-push-notifications | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. | |||||
| CVE-2019-15817 | 1 Realestateconnected | 1 Easy Property Listings | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The easy-property-listings plugin before 3.4 for WordPress has XSS. | |||||
| CVE-2019-15816 | 1 Wpexpertdeveloper | 1 Wp Private Content Plus | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions. | |||||
| CVE-2019-15814 | 1 Sentrifugo | 1 Sentrifugo | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML. | |||||
| CVE-2019-15811 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | |||||
| CVE-2019-15810 | 1 Netdisco | 1 Netdisco | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter. | |||||
| CVE-2019-15782 | 1 Webtorrent | 1 Webtorrent | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| WebTorrent before 0.107.6 allows XSS in the HTTP server via a title or file name. | |||||
| CVE-2019-15778 | 1 Getwooplugins | 1 Additional Variation Images For Woocommerce | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS. | |||||
| CVE-2019-15777 | 1 Shapepress | 1 Wp Dsgvo Tools | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The shapepress-dsgvo plugin before 2.2.19 for WordPress has wp-admin/admin-ajax.php?action=admin-common-settings&admin_email= XSS. | |||||