CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10898 – Total Security <= 3.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-10898
25 Jul 2016 — The total-security plugin before 3.4.1 for WordPress has XSS. El plugin total-security versiones anteriores a 3.4.1 para WordPress, presenta una vulnerabilidad de tipo XSS. The total-security plugin before 3.4.1 for WordPress has XSS via several parameters. • https://wordpress.org/plugins/total-security/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10899 – Total Security <= 3.4.0 - Unauthenticated Settings Change
https://notcve.org/view.php?id=CVE-2016-10899
25 Jul 2016 — The total-security plugin before 3.4.1 for WordPress has a settings-change vulnerability. El plugin total-security versiones anteriores a 3.4.1 para WordPress, presenta una vulnerabilidad de cambio de configuración. • https://wordpress.org/plugins/total-security/#developers • CWE-20: Improper Input Validation CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 5CVE-2014-9643 – K7 Computing (Multiple Products) - Arbitrary Write Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-9643
05 Feb 2015 — K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call. K7Sentry.sys en K7 Computing Ultimate Security, Anti-Virus Plus, y Total Security anterior a 14.2.0.253 permite a usuarios locales escribir a localizaciones de memoria arbitrarias, y como consecuencia ganar privilegio... • https://packetstorm.news/files/id/130246 • CWE-264: Permissions, Privileges, and Access Controls •