Shodan

166.62.26.12

Regular View Raw Data
Last Seen: 2024-09-12
Tags:
database

GeneralInformation

Hostnames liataaronson.com
www.liataaronson.com
12.26.62.166.host.secureserver.net
prod.sin2.secureserver.net
Domains liataaronson.com secureserver.net 
Country Singapore
City Singapore
Organization GoDaddy.com, LLC
ISP GoDaddy.com, LLC
ASN AS26496

WebTechnologies

Blogs
WordPress4.6.14.6.29
CDN
Google Hosted Libraries
CMS
WordPress4.6.14.6.29
Databases
MySQL
Font scripts
Cufon
Form builders
Contact Form 7
JavaScript graphics
Supersized3.1.3
JavaScript libraries
jQuery1.7.1
jQuery UI1.8.13
jQuery Migrate1.4.1
Programming languages
PHP
UI frameworks
Bootstrap
Video players
FitVids.JS1.1
Widgets
FitVids.JS1.1
WordPress plugins
Contact Form 7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts 

-310225503 | 2024-09-08T05:50:10.693995
22 / tcp 
1842018003 | 2024-09-12T22:16:38.311742
80 / tcp 
-793859345 | 2024-08-17T16:50:05.388269
443 / tcp 
-1001764030 | 2024-08-24T17:11:23.966675
995 / tcp 
965382378 | 2024-09-12T10:09:58.106042
2083 / tcp 
-1987580057 | 2024-08-15T06:55:59.338856
3306 / tcp



Products
Pricing
Contact Us

Shodan ® - All rights reserved

\", which results in the enclosed script logic to be executed.","verified":false},"CVE-2020-4050":{"cvss":6.0,"ports":[443],"summary":"In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged by low privileged users. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).","verified":false},"CVE-2020-4049":{"cvss":3.5,"ports":[443],"summary":"In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).","verified":false},"CVE-2020-4048":{"cvss":4.9,"ports":[443],"summary":"In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).","verified":false},"CVE-2020-4047":{"cvss":3.5,"ports":[443],"summary":"In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attachment pages in a certain way. This can lead to script execution in the context of a higher privileged user when the file is viewed by them. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).","verified":false},"CVE-2020-4046":{"cvss":3.5,"ports":[443],"summary":"In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).","verified":false},"CVE-2019-20043":{"cvss":5.0,"ports":[443],"summary":"In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.","verified":false},"CVE-2019-20042":{"cvss":4.3,"ports":[443],"summary":"In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.","verified":false},"CVE-2019-20041":{"cvss":7.5,"ports":[443],"summary":"wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.","verified":false},"CVE-2019-17675":{"cvss":6.8,"ports":[443],"summary":"WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.","verified":false},"CVE-2019-17674":{"cvss":3.5,"ports":[443],"summary":"WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.","verified":false},"CVE-2019-17673":{"cvss":5.0,"ports":[443],"summary":"WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.","verified":false},"CVE-2019-17672":{"cvss":4.3,"ports":[443],"summary":"WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.","verified":false},"CVE-2019-17671":{"cvss":5.0,"ports":[443],"summary":"In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.","verified":false},"CVE-2019-17670":{"cvss":7.5,"ports":[443],"summary":"WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.","verified":false},"CVE-2019-17669":{"cvss":7.5,"ports":[443],"summary":"WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.","verified":false},"CVE-2019-16905":{"cvss":4.4,"ports":[22],"summary":"OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.","verified":false},"CVE-2019-16781":{"cvss":3.5,"ports":[443],"summary":"In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS.","verified":false},"CVE-2019-16780":{"cvss":3.5,"ports":[443],"summary":"WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled.","verified":false},"CVE-2019-16223":{"cvss":3.5,"ports":[443],"summary":"WordPress before 5.2.3 allows XSS in post previews by authenticated users.","verified":false},"CVE-2019-16222":{"cvss":4.3,"ports":[443],"summary":"WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.","verified":false},"CVE-2019-16221":{"cvss":4.3,"ports":[443],"summary":"WordPress before 5.2.3 allows reflected XSS in the dashboard.","verified":false},"CVE-2019-16220":{"cvss":5.8,"ports":[443],"summary":"In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.","verified":false},"CVE-2019-16219":{"cvss":4.3,"ports":[443],"summary":"WordPress before 5.2.3 allows XSS in shortcode previews.","verified":false},"CVE-2019-16218":{"cvss":4.3,"ports":[443],"summary":"WordPress before 5.2.3 allows XSS in stored comments.","verified":false},"CVE-2019-16217":{"cvss":4.3,"ports":[443],"summary":"WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.","verified":false},"CVE-2019-11358":{"cvss":4.3,"ports":[80],"summary":"jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.","verified":false},"CVE-2019-9787":{"cvss":6.8,"ports":[443],"summary":"WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.","verified":false},"CVE-2019-8943":{"cvss":4.0,"ports":[443],"summary":"WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.","verified":false},"CVE-2019-8942":{"cvss":6.5,"ports":[443],"summary":"WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.","verified":false},"CVE-2018-1000773":{"cvss":6.5,"ports":[443],"summary":"WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time.","verified":false},"CVE-2018-20153":{"cvss":3.5,"ports":[443],"summary":"In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.","verified":false},"CVE-2018-20152":{"cvss":4.0,"ports":[443],"summary":"In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.","verified":false},"CVE-2018-20151":{"cvss":5.0,"ports":[443],"summary":"In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default.","verified":false},"CVE-2018-20150":{"cvss":4.3,"ports":[443],"summary":"In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins.","verified":false},"CVE-2018-20149":{"cvss":3.5,"ports":[443],"summary":"In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.","verified":false},"CVE-2018-20148":{"cvss":7.5,"ports":[443],"summary":"In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.","verified":false},"CVE-2018-20147":{"cvss":5.5,"ports":[443],"summary":"In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.","verified":false},"CVE-2018-19296":{"cvss":6.8,"ports":[443],"summary":"PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.","verified":false},"CVE-2018-12895":{"cvss":6.5,"ports":[443],"summary":"WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.","verified":false},"CVE-2018-10102":{"cvss":4.3,"ports":[443],"summary":"Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.","verified":false},"CVE-2018-10101":{"cvss":5.8,"ports":[443],"summary":"Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.","verified":false},"CVE-2018-10100":{"cvss":5.8,"ports":[443],"summary":"Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.","verified":false},"CVE-2018-6389":{"cvss":5.0,"ports":[443],"summary":"In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.","verified":false},"CVE-2018-5776":{"cvss":4.3,"ports":[443],"summary":"WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).","verified":false},"CVE-2017-1000600":{"cvss":6.5,"ports":[443],"summary":"WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9","verified":false},"CVE-2017-17094":{"cvss":3.5,"ports":[443],"summary":"wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL.","verified":false},"CVE-2017-17093":{"cvss":3.5,"ports":[443],"summary":"wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to conduct XSS attacks via the language setting of a site.","verified":false},"CVE-2017-17092":{"cvss":3.5,"ports":[443],"summary":"wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file.","verified":false},"CVE-2017-17091":{"cvss":6.5,"ports":[443],"summary":"wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.","verified":false},"CVE-2017-16510":{"cvss":7.5,"ports":[443],"summary":"WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a \"double prepare\" approach, a different vulnerability than CVE-2017-14723.","verified":false},"CVE-2017-14726":{"cvss":4.3,"ports":[443],"summary":"Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor.","verified":false},"CVE-2017-14725":{"cvss":4.9,"ports":[443],"summary":"Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php.","verified":false},"CVE-2017-14724":{"cvss":4.3,"ports":[443],"summary":"Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.","verified":false},"CVE-2017-14723":{"cvss":7.5,"ports":[443],"summary":"Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.","verified":false},"CVE-2017-14721":{"cvss":4.3,"ports":[443],"summary":"Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name.","verified":false},"CVE-2017-14720":{"cvss":4.3,"ports":[443],"summary":"Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name.","verified":false},"CVE-2017-14719":{"cvss":5.0,"ports":[443],"summary":"Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.","verified":false},"CVE-2017-14718":{"cvss":4.3,"ports":[443],"summary":"Before version 4.8.2, WordPress was susceptible to a Cross-Site Scripting attack in the link modal via a javascript: or data: URL.","verified":false},"CVE-2017-9066":{"cvss":5.0,"ports":[443],"summary":"In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.","verified":false},"CVE-2017-9065":{"cvss":5.0,"ports":[443],"summary":"In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.","verified":false},"CVE-2017-9064":{"cvss":6.8,"ports":[443],"summary":"In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.","verified":false},"CVE-2017-9063":{"cvss":4.3,"ports":[443],"summary":"In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.","verified":false},"CVE-2017-9062":{"cvss":5.0,"ports":[443],"summary":"In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.","verified":false},"CVE-2017-9061":{"cvss":4.3,"ports":[443],"summary":"In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.","verified":false},"CVE-2017-8295":{"cvss":4.3,"ports":[443],"summary":"WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message.","verified":false},"CVE-2017-6819":{"cvss":4.3,"ports":[443],"summary":"In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.","verified":false},"CVE-2017-6818":{"cvss":4.3,"ports":[443],"summary":"In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.","verified":false},"CVE-2017-6817":{"cvss":3.5,"ports":[443],"summary":"In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.","verified":false},"CVE-2017-6816":{"cvss":5.5,"ports":[443],"summary":"In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality.","verified":false},"CVE-2017-6815":{"cvss":5.8,"ports":[443],"summary":"In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation.","verified":false},"CVE-2017-6814":{"cvss":3.5,"ports":[443],"summary":"In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/mediaelement/wp-playlist.js.","verified":false},"CVE-2017-5612":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt.","verified":false},"CVE-2017-5611":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.","verified":false},"CVE-2017-5610":{"cvss":5.0,"ports":[443],"summary":"wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.","verified":false},"CVE-2017-5493":{"cvss":5.0,"ports":[443],"summary":"wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup.","verified":false},"CVE-2017-5492":{"cvss":6.8,"ports":[443],"summary":"Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php.","verified":false},"CVE-2017-5491":{"cvss":5.0,"ports":[443],"summary":"wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.","verified":false},"CVE-2017-5490":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to wp-admin/includes/class-theme-installer-skin.php.","verified":false},"CVE-2017-5489":{"cvss":6.8,"ports":[443],"summary":"Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload.","verified":false},"CVE-2017-5488":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin.","verified":false},"CVE-2017-5487":{"cvss":5.0,"ports":[443],"summary":"wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.","verified":false},"CVE-2016-20012":{"cvss":4.3,"ports":[22],"summary":"OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product","verified":false},"CVE-2016-10045":{"cvss":7.5,"ports":[443],"summary":"The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.","verified":false},"CVE-2016-10033":{"cvss":7.5,"ports":[443],"summary":"The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \\\" (backslash double quote) in a crafted Sender property.","verified":false},"CVE-2016-9263":{"cvss":2.6,"ports":[443],"summary":"WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file.","verified":false},"CVE-2015-9251":{"cvss":4.3,"ports":[80],"summary":"jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.","verified":false},"CVE-2013-5918":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin before 1.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2012-6708":{"cvss":4.3,"ports":[80],"summary":"jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.","verified":false},"CVE-2012-6707":{"cvss":5.0,"ports":[443],"summary":"WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.","verified":false},"CVE-2012-2920":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the userphoto_options_page function in user-photo.php in the User Photo plugin before 0.9.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to wp-admin/options-general.php. NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2012-2917":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Share and Follow plugin 1.80.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the CDN API Key (cnd-key) in a share-and-follow-menu page to wp-admin/admin.php.","verified":false},"CVE-2012-2916":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in the SABRE plugin before 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the active_option parameter to wp-admin/tools.php.","verified":false},"CVE-2012-2913":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.php or (2) leaflet_marker.php, as reachable through wp-admin/admin.php.","verified":false},"CVE-2012-2912":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site scripting (XSS) vulnerabilities in the LeagueManager plugin 3.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter in the show-league page or (2) season parameter in the team page to wp-admin/admin.php.","verified":false},"CVE-2012-2759":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter in a lostpassword action to wp-login.php.","verified":false},"CVE-2012-1786":{"cvss":5.0,"ports":[443],"summary":"The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors.","verified":false},"CVE-2012-1785":{"cvss":7.5,"ports":[443],"summary":"kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors.","verified":false},"CVE-2012-1205":{"cvss":7.5,"ports":[443],"summary":"PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.","verified":false},"CVE-2012-1068":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.","verified":false},"CVE-2012-1067":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.","verified":false},"CVE-2012-1011":{"cvss":7.5,"ports":[443],"summary":"actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote attackers to bypass intended access restrictions to upload and execute arbitrary PHP code by setting the HTTP_REFERER to a certain value, then uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.","verified":false},"CVE-2012-1010":{"cvss":7.5,"ports":[443],"summary":"Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory.","verified":false},"CVE-2012-0934":{"cvss":7.5,"ports":[443],"summary":"PHP remote file inclusion vulnerability in ajax/savetag.php in the Theme Tuner plugin for WordPress before 0.8 allows remote attackers to execute arbitrary PHP code via a URL in the tt-abspath parameter.","verified":false},"CVE-2012-0898":{"cvss":5.0,"ports":[443],"summary":"Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dwn_file parameter.","verified":false},"CVE-2012-0896":{"cvss":5.0,"ports":[443],"summary":"Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.","verified":false},"CVE-2012-0895":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map parameter.","verified":false},"CVE-2011-5082":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field).","verified":false},"CVE-2011-5051":{"cvss":7.5,"ports":[443],"summary":"Multiple unrestricted file upload vulnerabilities in the WP Symposium plugin before 11.12.24 for WordPress allow remote attackers to execute arbitrary code by uploading a file with an executable extension using (1) uploadify/upload_admin_avatar.php or (2) uploadify/upload_profile_avatar.php, then accessing it via a direct request to the file in an unspecified directory inside the webroot.","verified":false},"CVE-2011-4803":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.","verified":false},"CVE-2011-4673":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.","verified":false},"CVE-2011-4671":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).","verified":false},"CVE-2011-4669":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php.","verified":false},"CVE-2011-4646":{"cvss":6.0,"ports":[443],"summary":"SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode when creating a post. NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2011-4568":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI.","verified":false},"CVE-2011-4562":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site scripting (XSS) vulnerabilities in (1) view/admin/log_item.php and (2) view/admin/log_item_details.php in the Redirection plugin 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header in a request to a post that does not exist.","verified":false},"CVE-2011-3981":{"cvss":7.5,"ports":[443],"summary":"PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.","verified":false},"CVE-2011-3865":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.","verified":false},"CVE-2011-3864":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.","verified":false},"CVE-2011-3863":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the RedLine theme before 1.66 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3862":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Morning Coffee theme before 3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.","verified":false},"CVE-2011-3861":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.","verified":false},"CVE-2011-3860":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3859":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Trending theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.","verified":false},"CVE-2011-3858":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3857":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Antisnews theme before 1.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3856":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3855":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the F8 Lite theme before 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3854":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3853":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Hybrid theme before 0.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.","verified":false},"CVE-2011-3852":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the EvoLve theme before 1.2.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-3851":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the News theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.","verified":false},"CVE-2011-3850":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in the Atahualpa theme before 3.6.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.","verified":false},"CVE-2011-1669":{"cvss":5.0,"ports":[443],"summary":"Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter.","verified":false},"CVE-2011-1047":{"cvss":7.5,"ports":[443],"summary":"Multiple SQL injection vulnerabilities in VastHTML Forum Server (aka ForumPress) plugin 1.6.1 and 1.6.5 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) search_max parameter in a search action to index.php, which is not properly handled by wpf.class.php, (2) id parameter in an editpost action to index.php, which is not properly handled by wpf-post.php, or (3) topic parameter to feed.php.","verified":false},"CVE-2011-0760":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp-relatedposts.php in the WP Related Posts plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the (1) wp_relatedposts_title, (2) wp_relatedposts_num, or (3) wp_relatedposts_type parameter.","verified":false},"CVE-2011-0759":{"cvss":6.8,"ports":[443],"summary":"Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration page in the Recaptcha (aka WP-reCAPTCHA) plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that disable the CAPTCHA requirement or insert cross-site scripting (XSS) sequences via the (1) recaptcha_opt_pubkey, (2) recaptcha_opt_privkey, (3) re_tabindex, (4) error_blank, (5) error_incorrect, (6) mailhide_pub, (7) mailhide_priv, (8) mh_replace_link, or (9) mh_replace_title parameter.","verified":false},"CVE-2011-0740":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.","verified":false},"CVE-2011-0641":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin.php in the StatPressCN plugin 1.9.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) what1, (2) what2, (3) what3, (4) what4, and (5) what5 parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.","verified":false},"CVE-2010-4875":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the gid parameter.","verified":false},"CVE-2010-4839":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the event_id parameter in a register action.","verified":false},"CVE-2010-4825":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in magpie_debug.php in the Twitter Feed plugin (wp-twitter-feed) 0.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.","verified":false},"CVE-2010-4779":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wptouch_settings parameter to include/adsense-new.php. NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2010-4747":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter.","verified":false},"CVE-2010-4637":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php in the FeedList plugin 2.61.01 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.","verified":false},"CVE-2010-4630":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter.","verified":false},"CVE-2010-4518":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in wp-safe-search/wp-safe-search-jx.php in the Safe Search plugin 0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the v1 parameter.","verified":false},"CVE-2010-4403":{"cvss":5.0,"ports":[443],"summary":"The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.","verified":false},"CVE-2010-4402":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) firstname, (2) lastname, (3) website, (4) aim, (5) yahoo, (6) jabber, (7) about, (8) pass1, and (9) pass2 parameters in a register action.","verified":false},"CVE-2010-4277":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in lembedded-video.php in the Embedded Video plugin 4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the content parameter to wp-admin/post.php.","verified":false},"CVE-2010-3977":{"cvss":4.3,"ports":[443],"summary":"Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.","verified":false},"CVE-2010-2924":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2010-1186":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode parameter.","verified":false},"CVE-2010-0673":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter.","verified":false},"CVE-2009-4748":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php.","verified":false},"CVE-2009-4672":{"cvss":7.5,"ports":[443],"summary":"Directory traversal vulnerability in main.php in the WP-Lytebox plugin 1.3 for WordPress allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pg parameter.","verified":false},"CVE-2009-4424":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in results.php in the Pyrmont plugin 2 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.","verified":false},"CVE-2009-4170":{"cvss":5.0,"ports":[443],"summary":"WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows remote attackers to obtain sensitive information via a crafted request to wp-cumulus.php, probably without parameters, which reveals the installation path in an error message.","verified":false},"CVE-2009-4169":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","verified":false},"CVE-2009-4168":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin before 1.23 for WordPress and the Joomulus module 2.0 and earlier for Joomla!, allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action. Cross-site scripting (XSS) vulnerability in tagcloud.swf in the WP-Cumulus Plug-in before 1.23 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter.","verified":false},"CVE-2009-3703":{"cvss":7.5,"ports":[443],"summary":"Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php.","verified":false},"CVE-2009-2852":{"cvss":6.8,"ports":[443],"summary":"WP-Syntax plugin 0.9.1 and earlier for Wordpress, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via the test_filter[wp_head] array parameter to test/index.php, which is used in a call to the call_user_func_array function.","verified":false},"CVE-2009-2396":{"cvss":9.3,"ports":[443],"summary":"PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.","verified":false},"CVE-2009-2383":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter.","verified":false},"CVE-2009-2144":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.","verified":false},"CVE-2009-2143":{"cvss":7.5,"ports":[443],"summary":"PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the fs_javascript parameter.","verified":false},"CVE-2009-2122":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.","verified":false},"CVE-2009-0968":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2008-7175":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for Wordpress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.","verified":false},"CVE-2008-7040":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in ahah/sf-profile.php in the Yellow Swordfish Simple Forum module for Wordpress allows remote attackers to execute arbitrary SQL commands via the u parameter. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.","verified":false},"CVE-2008-6811":{"cvss":6.8,"ports":[443],"summary":"Unrestricted file upload vulnerability in image_processing.php in the e-Commerce Plugin 3.4 and earlier for Wordpress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/plugins/wp-shopping-cart/.","verified":false},"CVE-2008-5752":{"cvss":4.3,"ports":[443],"summary":"Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and earlier for WordPress, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2008-4734":{"cvss":7.5,"ports":[443],"summary":"Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input parameter.","verified":false},"CVE-2008-4733":{"cvss":4.3,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) replytotext, (2) quotetext, (3) originallypostedby, (4) sep, (5) maxtags, (6) tagsep, (7) tagheadersep, (8) taglabel, and (9) tagheaderlabel parameters.","verified":false},"CVE-2008-4732":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter.","verified":false},"CVE-2008-4625":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683.","verified":false},"CVE-2008-3844":{"cvss":9.3,"ports":[22],"summary":"Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.","verified":false},"CVE-2008-1982":{"cvss":7.5,"ports":[443],"summary":"SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter.","verified":false},"CVE-2007-5800":{"cvss":6.8,"ports":[443],"summary":"Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin for WordPress allow remote attackers to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate.php, (3) Writer.php, (4) Reader.php, and other unspecified scripts under plugins/BackUp/Archive/.","verified":false},"CVE-2007-2768":{"cvss":4.3,"ports":[22],"summary":"OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.","verified":false},"CVE-2007-2627":{"cvss":6.8,"ports":[443],"summary":"Cross-site scripting (XSS) vulnerability in sidebar.php in WordPress, when custom 404 pages that call get_sidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF), a different vulnerability than CVE-2007-1622.","verified":false}}; setupBannerCve(); setupVulns(VULNS); })();