|
249631
|
7.5 |
HIGH
Network
|
ultimatemember
|
user_profile_\&_membership
|
Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2018-0588
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249632
|
4.3 |
MEDIUM
Network
|
ultimatemember
|
user_profile_\&_membership
|
Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to upload arbitrary image files via unspecified vectors.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-0587
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249633
|
4.3 |
MEDIUM
Network
|
ultimatemember
|
user_profile_\&_membership
|
Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to read arbitrary files via unspecifi…
|
CWE-22
Path Traversal
|
CVE-2018-0586
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249634
|
5.4 |
MEDIUM
Network
|
ultimatemember
|
ultimate_member
|
Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0585
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249635
|
6.1 |
MEDIUM
Network
|
asus
|
rt-ac1200hp_firmware
|
Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0583
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249636
|
6.1 |
MEDIUM
Network
|
asus
|
rt-ac68u_firmware
|
Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0582
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249637
|
6.1 |
MEDIUM
Network
|
asus
|
rt-ac87u_firmware
|
Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0581
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249638
|
6.1 |
MEDIUM
Network
|
webdados
|
open_graph_for_facebook\
_google\+_and_twitter_card_tags
|
Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0579
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249639
|
7.8 |
HIGH
Local
|
celsys
|
clip_studio_paint
clip_studio_action
clip_studio_modeler
|
Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with…
|
CWE-426
Untrusted Search Path
|
CVE-2018-0580
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249640
|
5.4 |
MEDIUM
Network
|
pixelyoursite
|
pixelyoursite
|
Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0578
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
