All Vulnerabilities

A cross-site scripting (XSS) vulnerability exists in Yoast plugin, used in WordPress, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.
A persistent Cross Site Scripting (XSS) vulnerability has been found in the WooCommerce WordPress Plugin. An attacker can create a specially crafted image file which, when uploaded as a product image in WordPress, injects malicious JavaScript code into the application. An attacker can use this vulnerability to perform a wide variety of actions, such as stealing victims' session tokens or login credentials, and performing arbitrary actions on their behalf.
WordPress WangGuard Plugin Cross-Site Scripting Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
A cross-site scripting (XSS) vulnerability exists in WangGuard plugin, used in WordPress, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.
WordPress Uji Countdown Plugin Cross-Site Scripting Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
A cross-site scripting (XSS) vulnerability exists in WordPress Uji plugin, allow remote attackers to execute same-origin JavaScript functions via crafted parameter. A successful attack could lead sensitive information disclosure.
WordPress Landing Pages Plugin Cross-Site Scripting Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
A cross-site scripting (XSS) vulnerability exists in Landing Pages plugin, used in WordPress, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.
WordPress FormBuilder Plugin Cross-Site Scripting Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
A cross-site scripting (XSS) vulnerability exists in FormBuilder plugin, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.
WordPress Count Per Day Plugin Cross-Site Scripting Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
A cross-site scripting (XSS) vulnerability exists in Count Per Day plugin, used in WordPress, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.
WordPress Core Ajax Handlers Path Traversal Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
WordPress Core is prone to a directory traversal vulnerability. A successful exploit of this vulnerability could allow attackers to read arbitrary files on the computer.
WordPress All In One SEO Pack Plugin Persistent XSS Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
A cross-site scripting (XSS) vulnerability exists in All In One SEO Pack plugin, used in WordPress, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.
WordPress Activity Log Plugin Cross-Site Scripting Vulnerability
 Severity:    
 Date Published:  21 Sep 2016
A cross-site scripting (XSS) vulnerability exists in WordPress Activity Log plugin, allow remote attackers to execute same-origin JavaScript functions via crafted parameter. A successful attack could lead sensitive information disclosure.