Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.8

    MEDIUM
    CVE-2015-9401

    The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS.... Read more

    Affected Products : websimon-tables
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-9400

    The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection.... Read more

    Affected Products : wordpress_meta_robots
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2015-9399

    The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.... Read more

    Affected Products : wp-stats-dashboard
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-9398

    The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.... Read more

    Affected Products : gocodes
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2015-9397

    The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS.... Read more

    Affected Products : gocodes
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9396

    The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS.... Read more

    Affected Products : auto_thickbox_plus
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-9395

    The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.... Read more

    Affected Products : users_ultra_membership
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2015-9394

    The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.... Read more

    Affected Products : users_ultra_membership
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2015-9393

    The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter.... Read more

    Affected Products : users_ultra_membership
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2015-9392

    The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter.... Read more

    Affected Products : users_ultra_membership
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9391

    The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter.... Read more

    Affected Products : yawpp
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2015-9390

    The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled.... Read more

    Affected Products : admin_management_xtended
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2015-9389

    The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name.... Read more

    Affected Products : mtouch_quiz
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2015-9388

    The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS.... Read more

    Affected Products : mtouch_quiz
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2015-9387

    The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF.... Read more

    Affected Products : mtouch_quiz
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9386

    The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation.... Read more

    Affected Products : mtouch_quiz
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9385

    The quotes-and-tips plugin before 1.20 for WordPress has XSS.... Read more

    Affected Products : quotes_and_tips
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2015-9384

    The relevant plugin before 1.0.8 for WordPress has XSS.... Read more

    Affected Products : relevant
    • Published: Sep. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2015-9383

    FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.... Read more

    Affected Products : ubuntu_linux debian_linux freetype
    • Published: Sep. 03, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2015-9382

    FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.... Read more

    Affected Products : debian_linux freetype
    • Published: Sep. 03, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292811 Results