Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, whether it appears on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 6.1

    MEDIUM
    CVE-2016-10969

    The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.

    Affected Products : supportflow
    • EPSS Score: 0.26%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-10968

    The peepso-core plugin before 1.6.1 for WordPress has PeepSoProfilePreferencesAjax->save() privilege escalation.

    Affected Products : peepso
    • EPSS Score: 0.23%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10967

    The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter.

    Affected Products : real3d_flipbook
    • EPSS Score: 0.19%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2016-10966

    The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.

    Affected Products : real3d_flipbook
    • EPSS Score: 0.36%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2016-10965

    The real3d-flipbook-lite plugin 1.0 for WordPress has deleteBook=../ directory traversal for file deletion.

    Affected Products : real3d_flipbook
    • EPSS Score: 0.52%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10964

    The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header.

    Affected Products : dwnldr
    • EPSS Score: 0.19%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10963

    The icegram plugin before 1.9.19 for WordPress has XSS.

    Affected Products : icegram_engage icegram_express
    • EPSS Score: 0.19%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-10962

    The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.

    Affected Products : icegram_engage icegram_express
    • EPSS Score: 0.14%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10961

    The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.

    Affected Products : colorway
    • EPSS Score: 0.19%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-10960

    The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter.

    Affected Products : wsecure
    • EPSS Score: 58.12%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2016-10959

    The estatik plugin before 2.3.1 for WordPress has authenticated arbitrary file upload (exploitable with CSRF) via es_media_images[] to wp-admin/admin-ajax.php.

    Affected Products : estatik
    • EPSS Score: 0.44%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2016-10958

    The estatik plugin before 2.3.0 for WordPress has unauthenticated arbitrary file upload via es_media_images[] to wp-admin/admin-ajax.php.

    Affected Products : estatik
    • EPSS Score: 0.59%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10957

    The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter.

    Affected Products : akal
    • EPSS Score: 0.19%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2016-10956

    The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.

    Affected Products : mail-masta
    • EPSS Score: 86.94%
    • Published: Sep. 16, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2016-10955

    The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking.

    Affected Products : cysteme-finder
    • EPSS Score: 0.84%
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2016-10954

    The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload.

    Affected Products : neosense
    • EPSS Score: 0.84%
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2016-10953

    The Headway theme before 3.8.9 for WordPress has XSS via the license key field.

    Affected Products : headway
    • EPSS Score: 0.16%
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2016-10952

    The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.

    Affected Products : quotes_collection
    • EPSS Score: 0.24%
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024
  • 7.2

    HIGH
    CVE-2016-10951

    The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter.

    Affected Products : fs-shopping-cart
    • EPSS Score: 0.69%
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2016-10950

    The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter.

    Affected Products : sirv
    • EPSS Score: 0.65%
    • Published: Sep. 13, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291756 Results