Weekly Update: a new vulnerability is published on the National Vulnerability Database (41 items)

New vulnerabilities from the NVD: CVE-2015-9456 The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter. Published at: October 07, 2019 at 06:15PM View on website October 08, 2019 at 05:16PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9455 The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action. Published at: October 07, 2019 at 06:15PM View on website October 08, 2019 at 05:16PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9454 The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=smooth-slider-admin current_slider_id parameter. Published at: October 07, 2019 at 06:15PM View on website October 08, 2019 at 05:16PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9453 The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist. Published at: October 07, 2019 at 06:15PM View on website October 08, 2019 at 05:16PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9452 The nex-forms-express-wp-form-builder plugin before 4.6.1 for WordPress has SQL injection via the wp-admin/admin.php?page=nex-forms-main nex_forms_Id parameter. Published at: October 07, 2019 at 06:15PM View on website October 08, 2019 at 05:16PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9451 The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_mailchimp pmfb_tid parameter. Published at: October 07, 2019 at 06:15PM View on website October 08, 2019 at 05:16PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9450 The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid parameter. Published at: October 07, 2019 at 06:15PM View on website October 08, 2019 at 05:16PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2017-2679 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none. Published at: October 10, 2019 at 02:27AM View on website October 10, 2019 at 04:05AM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2017-2678 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none. Published at: October 10, 2019 at 02:27AM View on website October 10, 2019 at 04:05AM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2017-2677 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none. Published at: October 10, 2019 at 02:27AM View on website October 10, 2019 at 04:05AM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2017-2676 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none. Published at: October 10, 2019 at 02:27AM View on website October 10, 2019 at 04:05AM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9479 The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9478 prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9477 The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9476 The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9475 The Pont theme 1.5 for WordPress has insufficient restrictions on option updates. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9474 The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9473 The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9472 The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9471 The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9470 The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9469 The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9468 The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9467 The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9466 The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9465 The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9464 The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. Published at: October 10, 2019 at 07:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9463 The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter. Published at: October 10, 2019 at 08:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9462 The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter. Published at: October 10, 2019 at 07:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9461 The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter. Published at: October 10, 2019 at 07:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9460 The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter. Published at: October 10, 2019 at 07:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9459 The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter. Published at: October 10, 2019 at 07:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9458 The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF. Published at: October 10, 2019 at 07:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2015-9457 The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter. Published at: October 10, 2019 at 07:15PM View on website October 10, 2019 at 10:06PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2010-5340 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0. Published at: October 11, 2019 at 02:15PM View on website October 11, 2019 at 04:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2010-5339 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0. Published at: October 11, 2019 at 02:15PM View on website October 11, 2019 at 04:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2010-5338 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0. Published at: October 11, 2019 at 02:15PM View on website October 11, 2019 at 04:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2010-5337 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0. Published at: October 11, 2019 at 02:15PM View on website October 11, 2019 at 04:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2010-5336 IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0. Published at: October 11, 2019 at 02:15PM View on website October 11, 2019 at 04:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2010-5335 IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (script to basic/minimizer/index.php) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files. Published at: October 11, 2019 at 02:15PM View on website October 11, 2019 at 04:05PM via National Vulnerability Database New vulnerabilities from the NVD: CVE-2010-5334 IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files. Published at: October 11, 2019 at 02:15PM View on website October 11, 2019 at 04:05PM via National Vulnerability Database