MidnightBSD

Advisories for simplerealtytheme

CVE-2011-4618 MEDIUM

Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
simplerealtytheme advanced_text_widget_plugin *
CVE-2017-18514 HIGH

The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
simplerealtytheme simple_login_log *
CVE-2017-18573 HIGH

The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
simplerealtytheme simple_login_log *