AntsKnows

5 exploits Active since Feb 2018
CVE-2018-6158 GITHUB HIGH NO CODE
Google Chrome <68.0.3440.75 - Heap Corruption
A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 7.5
CVE-2018-6466 GITHUB MEDIUM NO CODE
flickrRSS 5.3.1 - Cross-Site Scripting via flickrRSS_set Parameter
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_set parameter to wp-admin/options-general.php.
CVSS 6.1
CVE-2018-6467 GITHUB HIGH NO CODE
flickrRSS 5.3.1 - Cross-Site Request Forgery via wp-admin/options-general.php
The flickrRSS plugin 5.3.1 for WordPress has CSRF via wp-admin/options-general.php.
CVSS 8.8
CVE-2018-6468 GITHUB MEDIUM NO CODE
flickrRSS 5.3.1 - Cross-Site Scripting via flickrRSS_id Parameter
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_id parameter to wp-admin/options-general.php.
CVSS 6.1
CVE-2018-6469 GITHUB MEDIUM NO CODE
flickrRSS 5.3.1 - Stored Cross-Site Scripting via flickrRSS_tags Parameter
A cross-site scripting (XSS) vulnerability in flickrRSS.php in the flickrRSS plugin 5.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the flickrRSS_tags parameter to wp-admin/options-general.php.
CVSS 6.1