Aggregates CVE and security vulnerability intelligence across all neliosoftware-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk ssrf, vendor risk csrf, and vendor risk path handling, with potential vendor impact file overwrite across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2016-10977 | The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal. | [email protected] | 6.5 | 0.60% | 2019-09-17 | 2024-11-21 |
| CVE-2016-10927 | The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php. | [email protected] | 10.0 | 0.45% | 2019-08-22 | 2024-11-21 |
| CVE-2016-10926 | The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. | [email protected] | 10.0 | 0.45% | 2019-08-22 | 2024-11-21 |
| CVE-2017-18547 | The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms. | [email protected] | 8.8 | 0.09% | 2019-08-16 | 2024-11-21 |