• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-11580

February 26, 2023 by

An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against a site and create hundreds of thousands of posts with custom content.

CVE-2018-11581

February 26, 2023 by

Cross-site scripting (XSS) vulnerability on Brother HL series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html.

CVE-2018-11512

February 26, 2023 by

Stored cross-site scripting (XSS) vulnerability in the “Website’s name” field found in the “Settings” page under the “General” menu in Creatiwity wityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to admin/settings/general.

CVE-2018-11522

February 26, 2023 by

Yosoro 1.0.4 has stored XSS.

CVE-2018-11532

February 26, 2023 by

An issue was discovered in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field.

CVE-2018-11549

February 26, 2023 by

An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in “Account Settings -> Member Centre -> Chinese information -> Ordinary member” via a QQ number, as demonstrated by a form[qq_10]= substring.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 511
  • Go to page 512
  • Go to page 513
  • Go to page 514
  • Go to page 515
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE