CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In August 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1501 CVE-2017-18574 20 2019-08-22 2019-08-26
4.3
None Remote Medium Not required None Partial None
The ninja-forms plugin before 3.0.31 for WordPress has insufficient HTML escaping in the builder.
1502 CVE-2017-18573 89 Sql 2019-08-22 2019-08-26
7.5
None Remote Low Not required Partial Partial Partial
The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.
1503 CVE-2017-18572 79 XSS 2019-08-22 2019-08-26
4.3
None Remote Medium Not required None Partial None
The gnucommerce plugin before 1.4.2 for WordPress has XSS.
1504 CVE-2017-18571 89 Sql 2019-08-22 2019-08-26
7.5
None Remote Low Not required Partial Partial Partial
The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316.
1505 CVE-2017-18570 89 Sql 2019-08-22 2019-08-23
7.5
None Remote Low Not required Partial Partial Partial
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.
1506 CVE-2017-18569 352 CSRF 2019-08-20 2019-08-22
6.8
None Remote Medium Not required Partial Partial Partial
The my-wp-translate plugin before 1.0.4 for WordPress has CSRF.
1507 CVE-2017-18568 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The my-wp-translate plugin before 1.0.4 for WordPress has XSS.
1508 CVE-2017-18567 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The wp-all-import plugin before 3.4.6 for WordPress has XSS.
1509 CVE-2017-18566 79 XSS 2019-08-20 2019-08-21
4.3
None Remote Medium Not required None Partial None
The user-role plugin before 1.5.6 for WordPress has multiple XSS issues.
1510 CVE-2017-18565 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The updater plugin before 1.35 for WordPress has multiple XSS issues.
1511 CVE-2017-18564 79 XSS 2019-08-21 2019-08-23
4.3
None Remote Medium Not required None Partial None
The sender plugin before 1.2.1 for WordPress has multiple XSS issues.
1512 CVE-2017-18563 79 XSS 2019-08-21 2019-08-23
4.3
None Remote Medium Not required None Partial None
The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen.
1513 CVE-2017-18562 79 XSS 2019-08-21 2019-08-22
4.3
None Remote Medium Not required None Partial None
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues.
1514 CVE-2017-18561 79 XSS 2019-08-21 2019-08-22
4.3
None Remote Medium Not required None Partial None
The embed-comment-images plugin before 0.6 for WordPress has XSS.
1515 CVE-2017-18560 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The content-audit plugin before 1.9.2 for WordPress has XSS.
1516 CVE-2017-18559 79 XSS 2019-08-21 2019-09-08
4.3
None Remote Medium Not required None Partial None
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.
1517 CVE-2017-18558 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues.
1518 CVE-2017-18557 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues.
1519 CVE-2017-18556 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues.
1520 CVE-2017-18555 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The booking-sms plugin before 1.1.0 for WordPress has XSS.
1521 CVE-2017-18554 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The analytics-tracker plugin before 1.1.1 for WordPress has XSS via a search event.
1522 CVE-2017-18553 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The ad-buttons plugin before 2.3.2 for WordPress has XSS.
1523 CVE-2017-18552 787 2019-08-19 2019-10-07
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.
1524 CVE-2017-18551 787 2019-08-19 2020-05-04
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.
1525 CVE-2017-18550 200 +Info 2019-08-19 2019-08-23
2.1
None Local Low Not required Partial None None
An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure.
1526 CVE-2017-18549 200 +Info 2019-08-19 2019-08-23
2.1
None Local Low Not required Partial None None
An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_send_raw_srb does not initialize the reply structure.
1527 CVE-2017-18548 89 Sql 2019-08-16 2019-08-16
7.5
None Remote Low Not required Partial Partial Partial
The note-press plugin before 0.1.2 for WordPress has SQL injection.
1528 CVE-2017-18547 352 CSRF 2019-08-16 2019-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms.
1529 CVE-2017-18546 352 CSRF 2019-08-16 2019-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF.
1530 CVE-2017-18545 20 2019-08-16 2019-08-21
5.0
None Remote Low Not required None Partial None
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.
1531 CVE-2017-18544 352 CSRF 2019-08-16 2019-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.
1532 CVE-2017-18543 284 2019-08-16 2019-08-21
7.5
None Remote Low Not required Partial Partial Partial
The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations.
1533 CVE-2017-18542 79 XSS 2019-08-16 2019-08-21
4.3
None Remote Medium Not required None Partial None
The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues.
1534 CVE-2017-18541 79 XSS 2019-08-16 2019-08-21
4.3
None Remote Medium Not required None Partial None
The xo-security plugin before 1.5.3 for WordPress has XSS.
1535 CVE-2017-18540 79 XSS 2019-08-21 2019-08-28
4.3
None Remote Medium Not required None Partial None
The weblibrarian plugin before 3.4.8.7 for WordPress has XSS via front-end short codes.
1536 CVE-2017-18539 79 XSS 2019-08-21 2019-09-10
4.3
None Remote Medium Not required None Partial None
The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front-end short codes.
1537 CVE-2017-18538 79 XSS 2019-08-21 2020-02-10
4.3
None Remote Medium Not required None Partial None
The weblibrarian plugin before 3.4.8.5 for WordPress has XSS via front-end short codes.
1538 CVE-2017-18537 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues.
1539 CVE-2017-18536 79 XSS 2019-08-21 2019-08-21
4.3
None Remote Medium Not required None Partial None
The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS.
1540 CVE-2017-18535 79 XSS 2019-08-21 2019-08-22
4.3
None Remote Medium Not required None Partial None
The smokesignal plugin before 1.2.7 for WordPress has XSS.
1541 CVE-2017-18534 79 XSS 2019-08-21 2019-08-23
4.3
None Remote Medium Not required None Partial None
The share-on-diaspora plugin before 0.7.2 for WordPress has reflected XSS in share URL parameters.
1542 CVE-2017-18533 79 XSS 2019-08-20 2019-08-21
4.3
None Remote Medium Not required None Partial None
The rimons-twitter-widget plugin before 1.3 for WordPress has XSS.
1543 CVE-2017-18532 79 XSS 2019-08-20 2019-08-21
4.3
None Remote Medium Not required None Partial None
The realty plugin before 1.1.0 for WordPress has multiple XSS issues.
1544 CVE-2017-18531 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The raygun4wp plugin before 1.8.3 for WordPress has XSS in the settings, a different issue than CVE-2017-9288.
1545 CVE-2017-18530 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The rating-bws plugin before 0.2 for WordPress has multiple XSS issues.
1546 CVE-2017-18529 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The promobar plugin before 1.1.1 for WordPress has multiple XSS issues.
1547 CVE-2017-18528 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues.
1548 CVE-2017-18527 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The pagination plugin before 1.0.7 for WordPress has multiple XSS issues.
1549 CVE-2017-18526 79 XSS 2019-08-20 2019-08-22
4.3
None Remote Medium Not required None Partial None
The moreads-se plugin before 1.4.7 for WordPress has XSS.
1550 CVE-2017-18525 79 XSS 2019-08-21 2019-08-22
4.3
None Remote Medium Not required None Partial None
The megamenu plugin before 2.4 for WordPress has XSS.
Total number of vulnerabilities : 2004   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 (This Page)32 33 34 35 36 37 38 39 40 41
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.