Vendor CVEs
Bestwebsoft
All CVEs
72 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18590 | 0.00 | — | 0.01 | Aug 27, 2019 | The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. | |||
| CVE-2018-20970 | 0.00 | — | 0.01 | Aug 21, 2019 | The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues. | |||
| CVE-2017-18564 | 0.00 | — | 0.01 | Aug 21, 2019 | The sender plugin before 1.2.1 for WordPress has multiple XSS issues. | |||
| CVE-2017-18558 | 0.00 | — | 0.01 | Aug 21, 2019 | The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues. | |||
| CVE-2017-18557 | 0.00 | — | 0.01 | Aug 21, 2019 | The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues. | |||
| CVE-2017-18556 | 0.00 | — | 0.01 | Aug 21, 2019 | The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues. | |||
| CVE-2017-18565 | 0.00 | — | 0.01 | Aug 21, 2019 | The updater plugin before 1.35 for WordPress has multiple XSS issues. | |||
| CVE-2017-18537 | 0.00 | — | 0.02 | Aug 21, 2019 | The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues. | |||
| CVE-2017-18529 | 0.00 | — | 0.02 | Aug 20, 2019 | The promobar plugin before 1.1.1 for WordPress has multiple XSS issues. | |||
| CVE-2017-18528 | 0.00 | — | 0.02 | Aug 20, 2019 | The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues. | |||
| CVE-2017-18527 | 0.00 | — | 0.02 | Aug 20, 2019 | The pagination plugin before 1.0.7 for WordPress has multiple XSS issues. | |||
| CVE-2017-18542 | 0.00 | — | 0.01 | Aug 16, 2019 | The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues. | |||
| CVE-2015-9325 | 0.00 | — | 0.02 | Aug 16, 2019 | The visitors-online plugin before 0.4 for WordPress has SQL injection. | |||
| CVE-2017-18490 | 0.00 | — | 0.01 | Aug 13, 2019 | The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. | |||
| CVE-2017-18492 | 0.00 | — | 0.01 | Aug 13, 2019 | The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues. | |||
| CVE-2017-18500 | 0.00 | — | 0.01 | Aug 12, 2019 | The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. | |||
| CVE-2017-18502 | 0.00 | — | 0.02 | Aug 12, 2019 | The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. | |||
| CVE-2015-0890 | 0.00 | — | 0.02 | Mar 3, 2015 | The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors. | |||
| CVE-2014-9283 | 0.00 | — | 0.02 | Mar 3, 2015 | The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors. | |||
| CVE-2014-8320 | 0.00 | — | 0.01 | Oct 17, 2014 | Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the "Label text" field to the results… | |||
| CVE-2006-6994 | 0.00 | — | 0.02 | Feb 12, 2007 | Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, possibly 2.0 and earlier, allows remote attackers to upload and execute arbitrary ASP files by removing the client-side security checks. | |||
| CVE-2006-5598 | 0.00 | — | 0.01 | Oct 28, 2006 | Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery 2.0, and possibly other versions before 2.0.3, allows remote attackers to inject arbitrary HTML or web script via the image parameter. |
- CVE-2017-18590Aug 27, 2019risk 0.00cvss —epss 0.01
The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues.
- CVE-2018-20970Aug 21, 2019risk 0.00cvss —epss 0.01
The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues.
- CVE-2017-18564Aug 21, 2019risk 0.00cvss —epss 0.01
The sender plugin before 1.2.1 for WordPress has multiple XSS issues.
- CVE-2017-18558Aug 21, 2019risk 0.00cvss —epss 0.01
The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues.
- CVE-2017-18557Aug 21, 2019risk 0.00cvss —epss 0.01
The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues.
- CVE-2017-18556Aug 21, 2019risk 0.00cvss —epss 0.01
The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues.
- CVE-2017-18565Aug 21, 2019risk 0.00cvss —epss 0.01
The updater plugin before 1.35 for WordPress has multiple XSS issues.
- CVE-2017-18537Aug 21, 2019risk 0.00cvss —epss 0.02
The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues.
- CVE-2017-18529Aug 20, 2019risk 0.00cvss —epss 0.02
The promobar plugin before 1.1.1 for WordPress has multiple XSS issues.
- CVE-2017-18528Aug 20, 2019risk 0.00cvss —epss 0.02
The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues.
- CVE-2017-18527Aug 20, 2019risk 0.00cvss —epss 0.02
The pagination plugin before 1.0.7 for WordPress has multiple XSS issues.
- CVE-2017-18542Aug 16, 2019risk 0.00cvss —epss 0.01
The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues.
- CVE-2015-9325Aug 16, 2019risk 0.00cvss —epss 0.02
The visitors-online plugin before 0.4 for WordPress has SQL injection.
- CVE-2017-18490Aug 13, 2019risk 0.00cvss —epss 0.01
The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues.
- CVE-2017-18492Aug 13, 2019risk 0.00cvss —epss 0.01
The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues.
- CVE-2017-18500Aug 12, 2019risk 0.00cvss —epss 0.01
The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues.
- CVE-2017-18502Aug 12, 2019risk 0.00cvss —epss 0.02
The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues.
- CVE-2015-0890Mar 3, 2015risk 0.00cvss —epss 0.02
The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.
- CVE-2014-9283Mar 3, 2015risk 0.00cvss —epss 0.02
The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.
- CVE-2014-8320Oct 17, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and 7.x-1.x before 7.x-1.14 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the "Label text" field to the results…
- CVE-2006-6994Feb 12, 2007risk 0.00cvss —epss 0.02
Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, possibly 2.0 and earlier, allows remote attackers to upload and execute arbitrary ASP files by removing the client-side security checks.
- CVE-2006-5598Oct 28, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery 2.0, and possibly other versions before 2.0.3, allows remote attackers to inject arbitrary HTML or web script via the image parameter.
Page 2 of 2