Shravan Kumar

#7653of 53,634
35.9Total CVSS
Vulnerabilities · 5
Medium
3
High
2
PT-2019-7773
6.1
2019-09-17
Kento · Kento-Post-View-Counter · CVE-2016-10980
**Name of the Vulnerable Software and Affected Versions** kento-post-view-counter plugin versions prior to 2.9 **Description** The issue allows for XSS via `kento pvc geo`. **Recommendations** For versions prior to 2.9, update to version 2.9 or later to resolve the issue.
PT-2019-7774
6.1
2019-09-17
Kento · Kento-Post-View-Counter · CVE-2016-10981
**Name of the Vulnerable Software and Affected Versions** kento-post-view-counter plugin versions prior to 2.8 **Description** The issue concerns stored XSS, which can be triggered via the `kento pvc numbers lang`, `kento pvc today text`, or `kento pvc total text` variables. This allows for malicious script execution. **Recommendations** For versions prior to 2.8, update to version 2.8 or later to resolve the issue.
PT-2019-7775
8.8
2019-09-17
WordPress · Kento-Post-View-Counter · CVE-2016-10982
**Name of the Vulnerable Software and Affected Versions** kento-post-view-counter plugin versions prior to 2.8 **Description** The issue concerns a CSRF problem in the kento-post-view-counter plugin for WordPress, specifically affecting the wp-admin/admin.php?page=kentopvc settings page. **Recommendations** For versions prior to 2.8, update to version 2.8 or later to resolve the issue.
PT-2019-7781
6.1
2019-09-17
WordPress · Leenkme Plugin · CVE-2016-10988
**Name of the Vulnerable Software and Affected Versions** leenkme plugin versions prior to 2.6.0 **Description** The issue concerns stored XSS in the leenkme plugin for WordPress. It can be exploited via variables such as `facebook message`, `facebook linkname`, `facebook caption`, `facebook description`, `default image`, or ` wp http referer`. **Recommendations** For versions prior to 2.6.0, update to version 2.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the variables `facebook message`, `facebook linkname`, `facebook caption`, `facebook description`, `default image`, and ` wp http referer` until the update is applied.
PT-2019-7782
8.8
2019-09-17
WordPress · Leenkme Plugin · CVE-2016-10989
**Name of the Vulnerable Software and Affected Versions** leenkme plugin versions prior to 2.6.0 **Description** The issue concerns a CSRF problem in the leenkme plugin for WordPress. The affected endpoint is "wp-admin/admin.php?page=leenkme facebook". **Recommendations** For versions prior to 2.6.0, update to version 2.6.0 or later to resolve the issue.