Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-04-15 CVE-2018-17586 Cross-site Scripting vulnerability in Wpfastestcache WP Fastest Cache 0.8.8.5
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_timeout_pages action.
network
low complexity
wpfastestcache CWE-79
6.1
6.1
2019-04-15 CVE-2018-17585 Cross-site Scripting vulnerability in Wpfastestcache WP Fastest Cache 0.8.8.5
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the wpfastestcacheoptions wpFastestCachePreload_number or wpFastestCacheLanguage parameter.
network
low complexity
wpfastestcache CWE-79
6.1
6.1
2019-04-15 CVE-2018-17583 Cross-site Scripting vulnerability in Wpfastestcache WP Fastest Cache 0.8.8.5
The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_exclude_pages action.
network
low complexity
wpfastestcache CWE-79
6.1
6.1
2019-04-15 CVE-2018-18261 Cross-site Scripting vulnerability in Bijiadao Waimai Super CMS 20150505
In waimai Super Cms 20150505, there is an XSS vulnerability via the /admin.php/Foodcat/addsave fcname parameter.
network
low complexity
bijiadao CWE-79
6.1
6.1
2019-04-12 CVE-2018-16259 Cross-site Scripting vulnerability in Soflyy WP ALL Import 3.4.9
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit.
network
low complexity
soflyy CWE-79
6.1
6.1
2019-04-12 CVE-2018-16258 Cross-site Scripting vulnerability in Soflyy WP ALL Import 3.4.9
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via pmxi-admin-import custom_type.
network
low complexity
soflyy CWE-79
6.1
6.1
2019-04-12 CVE-2018-16257 Cross-site Scripting vulnerability in Soflyy WP ALL Import 3.4.9
There are multiple XSS vulnerabilities in WP All Import plugin 3.4.9 for WordPress via action=template.
network
low complexity
soflyy CWE-79
6.1
6.1
2019-04-12 CVE-2018-16256 Cross-site Scripting vulnerability in Soflyy WP ALL Import 3.4.9
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via Add Filtering Options(Add Rule).
network
low complexity
soflyy CWE-79
6.1
6.1
2019-04-12 CVE-2018-16255 Cross-site Scripting vulnerability in Soflyy WP ALL Import 3.4.9
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=evaluate.
network
low complexity
soflyy CWE-79
6.1
6.1
2019-04-12 CVE-2018-16254 Cross-site Scripting vulnerability in Soflyy WP ALL Import 3.4.9
There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options.
network
low complexity
soflyy CWE-79
6.1
6.1