Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV List), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.4

    MEDIUM
    CVE-2016-11012

    The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS....

    Affected Products : sola_support_tickets
    • EPSS Score: %0.18
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-11011

    The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation....

    Affected Products : wp-invoice
    • EPSS Score: %0.17
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11010

    The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates....

    Affected Products : wp-invoice
    • EPSS Score: %0.25
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11009

    The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates....

    Affected Products : wp-invoice
    • EPSS Score: %0.23
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11008

    The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates....

    Affected Products : wp-invoice
    • EPSS Score: %0.23
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11007

    The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval....

    Affected Products : wp-invoice
    • EPSS Score: %0.32
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-11006

    The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes....

    Affected Products : wp-invoice
    • EPSS Score: %0.23
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11005

    The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS....

    Affected Products : instalinker
    • EPSS Score: %0.19
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-11004

    The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation....

    Affected Products : monarch
    • EPSS Score: %0.20
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-11003

    The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation....

    Affected Products : monarch
    • EPSS Score: %0.20
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-11002

    The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation....

    Affected Products : extra
    • EPSS Score: %0.20
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-11001

    The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field....

    Affected Products : user_submitted_posts
    • EPSS Score: %0.17
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2016-11000

    The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter....

    Affected Products : ultimate_exporter
    • EPSS Score: %0.55
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10999

    The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter....

    Affected Products : goodnews
    • EPSS Score: %0.19
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10998

    The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS....

    Affected Products : ocim-mp3
    • EPSS Score: %0.19
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-10997

    The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php....

    Affected Products : beauty-premium
    • EPSS Score: %0.19
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 5.3

    MEDIUM
    CVE-2016-10996

    The optinmonster plugin before 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak....

    Affected Products : optinmonster
    • EPSS Score: %0.16
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2016-10995

    The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php....

    Affected Products : telvolution
    • EPSS Score: %0.84
    • Published: Sep. 18, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10994

    The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter....

    Affected Products : truemag_theme
    • EPSS Score: %0.94
    • Published: Sep. 18, 2019
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2016-10993

    The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s parameter....

    Affected Products : scoreme
    • EPSS Score: %6.28
    • Published: Sep. 17, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291779 Results