WebLibrarian
by WordPress
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-29441 | Hig | 0.46 | 7.1 | 0.00 | Sep 6, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <= 3.5.8.1 versions. | ||
| CVE-2019-1010034 | Med | 0.42 | 6.5 | 0.01 | Jul 15, 2019 | Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" (defined at database_code.php line 1018) is vulnerable to a boolean-based blind sql injection. This function… | ||
| CVE-2017-18540 | Med | 0.40 | 6.1 | 0.01 | Aug 21, 2019 | The weblibrarian plugin before 3.4.8.7 for WordPress has XSS via front-end short codes. | ||
| CVE-2017-18539 | Med | 0.40 | 6.1 | 0.01 | Aug 21, 2019 | The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front-end short codes. | ||
| CVE-2017-18538 | Med | 0.40 | 6.1 | 0.01 | Aug 21, 2019 | The weblibrarian plugin before 3.4.8.5 for WordPress has XSS via front-end short codes. |
- risk 0.46cvss 7.1epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <= 3.5.8.1 versions.
- risk 0.42cvss 6.5epss 0.01
Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is: Exposing the entire database. The component is: Function "AllBarCodes" (defined at database_code.php line 1018) is vulnerable to a boolean-based blind sql injection. This function…
- risk 0.40cvss 6.1epss 0.01
The weblibrarian plugin before 3.4.8.7 for WordPress has XSS via front-end short codes.
- risk 0.40cvss 6.1epss 0.01
The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front-end short codes.
- risk 0.40cvss 6.1epss 0.01
The weblibrarian plugin before 3.4.8.5 for WordPress has XSS via front-end short codes.