Known Vulnerabilities for products from Vanguard Project
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Vanguard Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-15537 json | An issue was discovered in the Vanguard plugin 2.1 for WordPress. XSS can occur via the mails/new title field, a product fiel... | 6.1 - MEDIUM | 2020-07-05 | 2020-07-10 |
| CVE-2017-17937 json | Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search. | Not Provided | 2017-12-28 | 2025-04-20 |
| CVE-2017-17936 json | Vanguard Marketplace Digital Products PHP has CSRF via /search. | Not Provided | 2017-12-28 | 2025-04-20 |
| CVE-2017-17874 json | Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product previ... | Not Provided | 2017-12-27 | 2025-04-20 |
| CVE-2017-17873 json | Vanguard Marketplace Digital Products PHP 1.4 has SQL Injection via the PATH_INFO to the /p URI. | Not Provided | 2017-12-27 | 2025-04-20 |
Known software with vulnerabilities from Vanguard Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Vanguard Project | Vanguard | 2.1 |