cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2018-6194,https://securityvulnerability.io/vulnerability/CVE-2018-6194,,A cross-site scripting (XSS) vulnerability in admin/partials/wp-splashing-admin-sidebar.php in the Splashing Images plugin (wp-splashing-images) before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search parameter to wp-admin/upload.php.,Wordpress,Splashing Images,4.8,MEDIUM,0.0017500000540167093,false,,false,false,false,,false,false,2018-01-30T20:00:00.000Z,0
CVE-2018-6195,https://securityvulnerability.io/vulnerability/CVE-2018-6195,,"admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin (wp-splashing-images) before 2.1.1 for WordPress allows authenticated (administrator, editor, or author) remote attackers to conduct PHP Object Injection attacks via crafted serialized data in the 'session' HTTP GET parameter to wp-admin/upload.php.",Wordpress,Splashing Images,7.2,HIGH,0.0065299998968839645,false,,false,false,false,,false,false,2018-01-30T20:00:00.000Z,0