Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Angry Yack Logo
Total 42233 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-10976 1 Kodebyraaet 1 Safe Editor 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The safe-editor plugin before 1.2 for WordPress has no se_save authentication, with resultant XSS.
CVE-2016-10975 1 Tonjoostudio 1 Fluid-responsive-slideshow 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter.
CVE-2016-10973 1 Brafton 1 Brafton 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.
CVE-2016-10970 1 Supportflow Project 1 Supportflow 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The supportflow plugin before 0.7 for WordPress has XSS via a ticket excerpt.
CVE-2016-10969 1 Supportflow Project 1 Supportflow 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.
CVE-2016-10967 1 Creativeinteractivemedia 1 Real3d Flipbook 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The real3d-flipbook-lite plugin 1.0 for WordPress has XSS via the wp-content/plugins/real3d-flipbook/includes/flipbooks.php bookId parameter.
CVE-2016-10964 1 Findshorty 1 Dwnldr 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header.
CVE-2016-10963 1 Icegram 1 Icegram Engage 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The icegram plugin before 1.9.19 for WordPress has XSS.
CVE-2016-10961 1 Inkthemes 1 Colorway 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The colorway theme before 3.4.2 for WordPress has XSS via the contactName parameter.
CVE-2016-10957 1 Akal Project 1 Akal 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Akal theme through 2016-08-22 for WordPress has XSS via the framework/brad-shortcodes/tinymce/preview.php sc parameter.
CVE-2016-10953 1 Headwaythemes 1 Headway 2024-11-21 3.5 LOW 5.4 MEDIUM
The Headway theme before 3.8.9 for WordPress has XSS via the license key field.
CVE-2016-10952 1 Quotes Collection Project 1 Quotes Collection 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.
CVE-2016-10941 1 Podlove 1 Podlove Podcast Publisher 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has XSS exploitable via CSRF.
CVE-2016-10936 1 Wp-polls Project 1 Wp-polls 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option.
CVE-2016-10934 1 Check Email Project 1 Check Email 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The check-email plugin before 0.5.2 for WordPress has XSS.
CVE-2016-10925 1 Profilepress 1 Loginwp 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs.
CVE-2016-10920 1 Sir 1 Gnucommerce 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS.
CVE-2016-10919 1 Wassup Real Time Analytics Project 1 Wassup Real Time Analytics 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wassup plugin before 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::add_siteurl method, a different vulnerability than CVE-2012-2633.
CVE-2016-10913 1 Joomunited 1 Wp Latest Posts 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-latest-posts plugin before 3.7.5 for WordPress has XSS.
CVE-2016-10912 1 Matchboxdesigngroup 1 Universal Analytics 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The universal-analytics plugin before 1.3.1 for WordPress has XSS.
CVE-2016-10911 1 Cozmoslabs 1 Profile Builder 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The profile-builder plugin before 2.4.2 for WordPress has multiple XSS issues.
CVE-2016-10910 1 Formbuilder Project 1 Formbuilder 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The formbuilder plugin before 1.06 for WordPress has multiple XSS issues.
CVE-2016-10908 1 Codepeople 1 Booking Calendar Contact Form 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has XSS.
CVE-2016-10901 1 Gowebsolutions 1 Wp Customer Reviews 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-customer-reviews plugin before 3.0.9 for WordPress has XSS in the admin tools.
CVE-2016-10900 1 Wpmanage 1 Uji Countdown 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The uji-countdown plugin before 2.0.7 for WordPress has XSS.
CVE-2016-10898 1 Fabrix 1 Total Security 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The total-security plugin before 3.4.1 for WordPress has XSS.
CVE-2016-10897 1 Sermon Browser Project 1 Sermon Browser 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues.
CVE-2016-10896 1 Clogica 1 Seo Redirection 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The seo-redirection plugin before 4.3 for WordPress has stored XSS.
CVE-2016-10895 1 Optiontree Project 1 Optiontree 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The option-tree plugin before 2.6.0 for WordPress has XSS via an add_list_item or add_social_links AJAX request.
CVE-2016-10893 1 Crayon Syntax Highlighter Project 1 Crayon Syntax Highlighter 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has multiple XSS issues via AJAX requests.
CVE-2016-10892 1 Kibokolabs 1 Chained Quiz 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The chained-quiz plugin before 1.0 for WordPress has multiple XSS issues.
CVE-2016-10891 1 Pojo 1 Activity Log 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The aryo-activity-log plugin before 2.3.3 for WordPress has XSS.
CVE-2016-10890 1 Pojo 1 Activity Log 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The aryo-activity-log plugin before 2.3.2 for WordPress has XSS.
CVE-2016-10881 1 Google Doc Embedder Project 1 Google Doc Embedder 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The google-document-embedder plugin before 2.6.2 for WordPress has XSS.
CVE-2016-10880 1 Google Doc Embedder Project 1 Google Doc Embedder 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The google-document-embedder plugin before 2.6.1 for WordPress has XSS.
CVE-2016-10879 1 3cx 1 Live Chat 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS.
CVE-2016-10877 1 Wp Editor Project 1 Wp Editor 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues.
CVE-2016-10875 1 Wpseeds 1 Wp Database Backup 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-database-backup plugin before 4.3.1 for WordPress has XSS.
CVE-2016-10873 1 Wpseeds 1 Wp Database Backup 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-database-backup plugin before 4.3.3 for WordPress has XSS.
CVE-2016-10872 1 Ultimatemember 1 Ultimate Member 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form.