Search
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-1186 | medium | — | 5.3 | EXP | alex_rabewordpress | 16y ago | Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the mode para… | |
| CVE-2010-0682 | medium | — | 5.0 | EXPFIX | debian | wordpress | 17y ago | WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter. |