Vulnerabilities (CVE)

Filtered by vendor Simplysymphony Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-9422 1 Simplysymphony 1 Plugnedit 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load plugnedit_width, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters.
CVE-2015-9423 1 Simplysymphony 1 Plugnedit 2024-02-28 3.5 LOW 5.4 MEDIUM
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters.