cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-15321,https://securityvulnerability.io/vulnerability/CVE-2019-15321,,The option-tree plugin before 2.7.3 for WordPress has Object Injection because serialized classes are mishandled.,Wordpress,Optiontree,9.8,CRITICAL,0.002240000059828162,false,,false,false,false,,false,false,2019-08-22T13:27:59.000Z,0
CVE-2019-15320,https://securityvulnerability.io/vulnerability/CVE-2019-15320,,The option-tree plugin before 2.7.3 for WordPress has Object Injection because the + character is mishandled.,Wordpress,Optiontree,9.8,CRITICAL,0.002240000059828162,false,,false,false,false,,false,false,2019-08-22T13:27:10.000Z,0
CVE-2019-15319,https://securityvulnerability.io/vulnerability/CVE-2019-15319,,The option-tree plugin before 2.7.0 for WordPress has Object Injection by leveraging a valid nonce.,Wordpress,Optiontree,9.8,CRITICAL,0.002240000059828162,false,,false,false,false,,false,false,2019-08-22T13:26:22.000Z,0
CVE-2015-9320,https://securityvulnerability.io/vulnerability/CVE-2015-9320,,The option-tree plugin before 2.5.4 for WordPress has XSS related to add_query_arg.,Wordpress,Optiontree,6.1,MEDIUM,0.0006200000061653554,false,,false,false,false,,false,false,2019-08-20T15:42:08.000Z,0
CVE-2016-10895,https://securityvulnerability.io/vulnerability/CVE-2016-10895,,The option-tree plugin before 2.6.0 for WordPress has XSS via an add_list_item or add_social_links AJAX request.,Wordpress,Optiontree,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,false,false,2019-08-20T15:28:15.000Z,0