Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to upload arbitrary image files via unspecified vectors. Date published : 2018-05-14 Ultimate Member – User...
Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to read arbitrary files via unspecified vectors. Date published : 2018-05-14 Ultimate Member...
Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-05-14 Ultimate Member – User...
Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-05-14 http://jvn.jp/en/jp/JVN34562916/index.html https://www.asus.com/Networking/RTAC1200HP/HelpDesk_BIOS/
Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-05-14 http://jvn.jp/en/jp/JVN73742314/index.html https://www.asus.com/Networking/RTAC68U/HelpDesk_BIOS/
Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-05-14 http://jvn.jp/en/jp/JVN33901663/index.html https://www.asus.com/Networking/RTAC87U/HelpDesk_BIOS/
Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with its timestamp prior to April 25,...
Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date...
Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-05-14 PixelYourSite – Your smart PIXEL...
Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-05-14 http://jvn.jp/en/jp/JVN01040170/index.html WP Maps...
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-05-14 Events Manager – Calendar,...
Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors. Date published : 2018-05-14 http://jvn.jp/en/jp/JVN95589314/index.html https://github.com/joruri/joruri-gw/blob/master/doc/INSTALL.txt
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file. Date published : 2018-05-13 https://security.gentoo.org/glsa/201811-14 https://github.com/Exiv2/exiv2/issues/307
In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from...