Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wassup plugin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-2633
Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin prior to 1.8.3.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Wordpress Wassup Plugin 1.8.2
Wordpress Wassup Plugin 1.8.1
Wordpress Wassup Plugin 1.4.3
Wordpress Wassup Plugin 1.4
Wordpress Wassup Plugin 1.8
Wordpress Wassup Plugin 1.7.2
Wordpress Wassup Plugin 1.7.2.1
Wordpress Wassup Plugin
7.5
CVSSv2
CVE-2008-0520
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 up to and including 1.4.3 for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php.
Wordpress Wassup Plugin 1.4
Wordpress Wassup Plugin
1 EDB exploit
4.3
CVSSv2
CVE-2016-10919
The wassup plugin prior to 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::add_siteurl method, a different vulnerability than CVE-2012-2633.
Wassup Real Time Analytics Project Wassup Real Time Analytics
NA
CVE-2023-5653
The WassUp Real Time Analytics WordPress plugin up to and including 1.9.4.5 does not escape IP address provided via some headers before outputting them back in an admin page, allowing unauthenticated users to perform Stored XSS attacks against logged in admins
Wassup Real Time Analytics Project Wassup Real Time Analytics
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started