|
223121
|
5.5 |
MEDIUM
Local
|
google
|
android
|
On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) software, FotaAgent allows a malicious application to create privileged files. The Samsung ID is SVE-2019-14764.
|
NVD-CWE-noinfo
|
CVE-2019-14783
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223122
|
6.1 |
MEDIUM
Network
|
getwooplugins
|
woo-variation-swatches
|
The woo-variation-swatches (aka Variation Swatches for WooCommerce) plugin 1.0.61 for WordPress allows XSS via the wp-admin/admin.php?page=woo-variation-swatches-settings tab parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-14774
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223123
|
7.5 |
HIGH
Network
|
webcraftic
|
woody_ad_snippets
|
admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.
|
NVD-CWE-noinfo
|
CVE-2019-14773
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223124
|
5.7 |
MEDIUM
Network
|
codection
|
import_users_from_csv_with_meta
|
The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-14683
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223125
|
4.3 |
MEDIUM
Network
|
acf\
|
_better_search_project
|
The acf-better-search (aka ACF: Better Search) plugin before 3.3.1 for WordPress allows wp-admin/options-general.php?page=acfbs_admin_page CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-14682
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223126
|
8.8 |
HIGH
Network
|
deny_all_firewall_project
|
deny_all_firewall
|
The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admin/options-general.php?page=daf_settings&daf_remove=true CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-14681
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223127
|
5.7 |
MEDIUM
Network
|
mijnpress
|
admin-renamer-extended
|
The admin-renamer-extended (aka Admin renamer extended) plugin 3.2.1 for WordPress allows wp-admin/plugins.php?page=admin-renamer-extended/admin.php CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-14680
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223128
|
6.5 |
MEDIUM
Network
|
reputeinfosystems
|
arprice_lite
|
core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arplite_import_export CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-14679
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223129
|
8.1 |
HIGH
Network
|
zohocorp
|
manageengine_assetexplorer
|
Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing license XML data. A remote attacker could exploit this vulnerability to expose sen…
|
CWE-611
XXE
|
CVE-2019-14693
|
2024-11-21 13:27 |
2019-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223130
|
6.1 |
MEDIUM
Network
|
verdaccio
|
verdaccio
|
verdaccio before 3.12.0 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-14772
|
2024-11-21 13:27 |
2019-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
