Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.7 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2007-1409
WordPress allows remote malicious users to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message.
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
685
VMScore
CVE-2013-7233
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that move comments to the moderation l...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.0.8
1 EDB exploit
383
VMScore
CVE-2007-1894
Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress prior to 20070309 allows remote malicious users to inject arbitrary web script or HTML via the year parameter in the wp_title function.
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.2 Revision5002
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
435
VMScore
CVE-2007-1622
Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress prior to 2.0.10 RC2, and prior to 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interfa...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.0.10
1 EDB exploit
435
VMScore
CVE-2007-1049
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 prior to 2.0.9 and 2.1 prior to 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the file parameter...
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.7
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
1 EDB exploit
685
VMScore
CVE-2007-6318
SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a...
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.2 Revision5002
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.1.3 Rc2
Wordpress Wordpress 2.2
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
1 EDB exploit
383
VMScore
CVE-2007-4893
wp-admin/admin-functions.php in Wordpress prior to 2.2.3 and Wordpress multi-user (MU) prior to 1.2.5a does not properly verify the unfiltered_html privilege, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via modified data to (1) post.php or (2...
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2 Revision5003
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.1
668
VMScore
CVE-2007-4894
Multiple SQL injection vulnerabilities in Wordpress prior to 2.2.3 and Wordpress multi-user (MU) prior to 1.2.5a allow remote malicious users to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and ...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.1.3 Rc2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2 Revision5003
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.2.2
454
VMScore
CVE-2008-4106
WordPress prior to 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote malicious users to chang...
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5-strayhorn
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.6
Wordpress Wordpress 0.71-gold
Wordpress Wordpress 1.5.1.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 1.0.1-miles
Wordpress Wordpress 1.0.2-blakey
Wordpress Wordpress 1.2.1
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
668
VMScore
CVE-2008-3747
The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress prior to 2.6.1 do not force SSL communication in the intended situations, which might allow remote malicious users to gain administrative access by sniffing the networ...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.72
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.3
Wordpress Wordpress 2.5
Wordpress Wordpress 1.2
Wordpress Wordpress 1.5
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2
Wordpress Wordpress 2.3.2
Wordpress Wordpress 0.711
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »