admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-09-20 15:00:52 +00:00
parent 135ca4c9d1
commit 4168719109
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
27 changed files with 1824 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
2015/9xxx/CVE-2015-9384.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The relevant plugin before 1.0.8 for WordPress has XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8361",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8361"
},
{
"url": "https://wordpress.org/plugins/relevant/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/relevant/#developers"
}
]
}
}

67
2015/9xxx/CVE-2015-9385.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The quotes-and-tips plugin before 1.20 for WordPress has XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8359",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8359"
},
{
"url": "https://wordpress.org/plugins/quotes-and-tips/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/quotes-and-tips/#developers"
}
]
}
}

67
2015/9xxx/CVE-2015-9386.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/mtouch-quiz/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/mtouch-quiz/#developers"
},
{
"url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/",
"refsource": "MISC",
"name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/"
}
]
}
}

67
2015/9xxx/CVE-2015-9387.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/mtouch-quiz/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/mtouch-quiz/#developers"
},
{
"url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/",
"refsource": "MISC",
"name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/"
}
]
}
}

67
2015/9xxx/CVE-2015-9388.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/mtouch-quiz/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/mtouch-quiz/#developers"
},
{
"url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/",
"refsource": "MISC",
"name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/"
}
]
}
}

67
2015/9xxx/CVE-2015-9389.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/mtouch-quiz/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/mtouch-quiz/#developers"
},
{
"url": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/",
"refsource": "MISC",
"name": "https://www.davidsopas.com/multiple-vulns-on-mtouch-quiz-wordpress-plugin/"
}
]
}
}

67
2015/9xxx/CVE-2015-9390.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp_ajax functions are mishandled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/admin-management-xtended/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/admin-management-xtended/#developers"
},
{
"url": "https://security.szurek.pl/admin-management-xtended-240-privilege-escalation.html",
"refsource": "MISC",
"name": "https://security.szurek.pl/admin-management-xtended-240-privilege-escalation.html"
}
]
}
}

67
2015/9xxx/CVE-2015-9391.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8351",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8351"
},
{
"url": "https://wordpress.org/plugins/yawpp/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/yawpp/#developers"
}
]
}
}

67
2016/10xxx/CVE-2016-10996.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The optinmonster plugin before 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/optinmonster/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/optinmonster/#developers"
},
{
"url": "http://www.pritect.net/blog/optinmonster-1-1-4-6-security-vulnerability",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/optinmonster-1-1-4-6-security-vulnerability"
}
]
}
}

67
2016/10xxx/CVE-2016-10997.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8412",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8412"
},
{
"refsource": "EXPLOIT-DB",
"name": "Exploit Database",
"url": "https://www.exploit-db.com/exploits/39552"
}
]
}
}

62
2016/10xxx/CVE-2016-10998.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8425",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8425"
}
]
}
}

62
2016/10xxx/CVE-2016-10999.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.vulnerability-lab.com/get_content.php?id=1771",
"refsource": "MISC",
"name": "https://www.vulnerability-lab.com/get_content.php?id=1771"
}
]
}
}

67
2016/11xxx/CVE-2016-11000.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/wp-ultimate-exporter/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-ultimate-exporter/#developers"
},
{
"url": "https://seclists.org/bugtraq/2016/Feb/183",
"refsource": "MISC",
"name": "https://seclists.org/bugtraq/2016/Feb/183"
}
]
}
}

67
2016/11xxx/CVE-2016-11001.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/user-submitted-posts/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/user-submitted-posts/#developers"
},
{
"url": "https://www.securityfocus.com/archive/1/537616/30/0/threaded",
"refsource": "MISC",
"name": "https://www.securityfocus.com/archive/1/537616/30/0/threaded"
}
]
}
}

67
2016/11xxx/CVE-2016-11002.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products",
"refsource": "MISC",
"name": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products"
},
{
"url": "http://www.pritect.net/blog/elegant-themes-security-vulnerability",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/elegant-themes-security-vulnerability"
}
]
}
}

67
2016/11xxx/CVE-2016-11003.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products",
"refsource": "MISC",
"name": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products"
},
{
"url": "http://www.pritect.net/blog/elegant-themes-security-vulnerability",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/elegant-themes-security-vulnerability"
}
]
}
}

67
2016/11xxx/CVE-2016-11004.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products",
"refsource": "MISC",
"name": "https://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products"
},
{
"url": "http://www.pritect.net/blog/elegant-themes-security-vulnerability",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/elegant-themes-security-vulnerability"
}
]
}
}

67
2016/11xxx/CVE-2016-11005.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/instalinker/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/instalinker/#developers"
},
{
"url": "https://rastating.github.io/instalinker-reflected-xss-information-disclosure/",
"refsource": "MISC",
"name": "https://rastating.github.io/instalinker-reflected-xss-information-disclosure/"
}
]
}
}

72
2016/11xxx/CVE-2016-11006.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8378",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8378"
},
{
"url": "https://wordpress.org/plugins/wp-invoice/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-invoice/#developers"
},
{
"url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities"
}
]
}
}

72
2016/11xxx/CVE-2016-11007.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8378",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8378"
},
{
"url": "https://wordpress.org/plugins/wp-invoice/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-invoice/#developers"
},
{
"url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities"
}
]
}
}

72
2016/11xxx/CVE-2016-11008.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8378",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8378"
},
{
"url": "https://wordpress.org/plugins/wp-invoice/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-invoice/#developers"
},
{
"url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities"
}
]
}
}

72
2016/11xxx/CVE-2016-11009.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8378",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8378"
},
{
"url": "https://wordpress.org/plugins/wp-invoice/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-invoice/#developers"
},
{
"url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities"
}
]
}
}

72
2016/11xxx/CVE-2016-11010.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8378",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8378"
},
{
"url": "https://wordpress.org/plugins/wp-invoice/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-invoice/#developers"
},
{
"url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities"
}
]
}
}

72
2016/11xxx/CVE-2016-11011.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8378",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8378"
},
{
"url": "https://wordpress.org/plugins/wp-invoice/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-invoice/#developers"
},
{
"url": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities",
"refsource": "MISC",
"name": "http://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities"
}
]
}
}

67
2016/11xxx/CVE-2016-11012.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8389",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8389"
},
{
"url": "https://wordpress.org/plugins/sola-support-tickets/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/sola-support-tickets/#developers"
}
]
}
}

67
2016/11xxx/CVE-2016-11013.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wp-listings plugin before 2.0.2 for WordPress has includes/views/single-listing.php XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/wp-listings/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-listings/#developers"
},
{
"url": "https://github.com/agentevolution/wp-listings/pull/52",
"refsource": "MISC",
"name": "https://github.com/agentevolution/wp-listings/pull/52"
}
]
}
}

62
2019/16xxx/CVE-2019-16642.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "App\\Mobile\\Controller\\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/yeyinshi/tuzicms/issues/6",
"refsource": "MISC",
"name": "https://github.com/yeyinshi/tuzicms/issues/6"
}
]
}
}