The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2017-18567 | The wp-all-import plugin before 3.4.6 for WordPress has XSS. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18566 | The user-role plugin before 1.5.6 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18565 | The updater plugin before 1.35 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18564 | The sender plugin before 1.2.1 for WordPress has multiple XSS issues. | MEDIUM | Aug 23, 2019 |
| CVE-2017-18563 | The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen. | MEDIUM | Aug 23, 2019 |
| CVE-2017-18562 | The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18561 | The embed-comment-images plugin before 0.6 for WordPress has XSS. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18560 | The content-audit plugin before 1.9.2 for WordPress has XSS. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18559 | The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18558 | The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18557 | The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18556 | The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18555 | The booking-sms plugin before 1.1.0 for WordPress has XSS. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18554 | The analytics-tracker plugin before 1.1.1 for WordPress has XSS via a search event. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18553 | The ad-buttons plugin before 2.3.2 for WordPress has XSS. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18552 | An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency. | Medium | Aug 23, 2019 |
| CVE-2017-18551 | An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated. | Medium | Aug 23, 2019 |
| CVE-2017-18550 | An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure. | Low | Aug 23, 2019 |
| CVE-2017-18549 | An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_send_raw_srb does not initialize the reply structure. | Low | Aug 23, 2019 |
| CVE-2017-18548 | The note-press plugin before 0.1.2 for WordPress has SQL injection. | HIGH | Aug 16, 2019 |
| CVE-2017-18547 | The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18546 | The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18545 | The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18544 | The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18543 | The invite-anyone plugin before 1.3.16 for WordPress has incorrect access control for email-based invitations. | HIGH | Aug 21, 2019 |
| CVE-2017-18542 | The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18541 | The xo-security plugin before 1.5.3 for WordPress has XSS. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18540 | The weblibrarian plugin before 3.4.8.7 for WordPress has XSS via front-end short codes. | MEDIUM | Aug 28, 2019 |
| CVE-2017-18539 | The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front-end short codes. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18538 | The weblibrarian plugin before 3.4.8.5 for WordPress has XSS via front-end short codes. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18537 | The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18536 | The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18535 | The smokesignal plugin before 1.2.7 for WordPress has XSS. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18534 | The share-on-diaspora plugin before 0.7.2 for WordPress has reflected XSS in share URL parameters. | MEDIUM | Aug 23, 2019 |
| CVE-2017-18533 | The rimons-twitter-widget plugin before 1.3 for WordPress has XSS. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18532 | The realty plugin before 1.1.0 for WordPress has multiple XSS issues. | MEDIUM | Aug 21, 2019 |
| CVE-2017-18531 | The raygun4wp plugin before 1.8.3 for WordPress has XSS in the settings, a different issue than CVE-2017-9288. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18530 | The rating-bws plugin before 0.2 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18529 | The promobar plugin before 1.1.1 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18528 | The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18527 | The pagination plugin before 1.0.7 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18526 | The moreads-se plugin before 1.4.7 for WordPress has XSS. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18525 | The megamenu plugin before 2.4 for WordPress has XSS. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18524 | The football-pool plugin before 2.6.5 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18523 | The eelv-newsletter plugin before 4.6.1 for WordPress has CSRF in the address book. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18522 | The eelv-newsletter plugin before 4.6.1 for WordPress has XSS in the address book. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18521 | The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n. | MEDIUM | Aug 23, 2019 |
| CVE-2017-18520 | The democracy-poll plugin before 5.4 for WordPress has XSS via update_l10n in admin/class.DemAdminInit.php. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18519 | The customer-area plugin before 7.4.3 for WordPress has XSS via admin pages. | MEDIUM | Aug 22, 2019 |
| CVE-2017-18518 | The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues. | MEDIUM | Aug 22, 2019 |
