Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.5.1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-36727
The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions up to, and including, 1.5.1. This is due to unsanitized input from the 'customFieldsDetails' parameter being passed through a deserialization function. This potentially mak...
Xyzscripts Newsletter Manager
9.8
CVSSv3
CVE-2021-24762
The Perfect Survey WordPress plugin prior to 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.
Getperfectsurvey Perfect Survey
1 Github repository
8.8
CVSSv3
CVE-2022-47161
Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin <= 1.5.1 versions.
Wordpress Health Check \\& Troubleshooting
8.8
CVSSv3
CVE-2022-42699
Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.
Wp-ecommerce Easy Wp Smtp
8.8
CVSSv3
CVE-2020-9043
The wpCentral plugin prior to 1.5.1 for WordPress allows disclosure of the connection key.
Wpcentral Wpcentral
8.8
CVSSv3
CVE-2015-9228
In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upload is available via the name parameter, if a file extension is changed from .jpg to .php.
Imagely Nextgen Gallery 2.1.10
Imagely Nextgen Gallery 2.0.66.29
Imagely Nextgen Gallery 2.0.66.27
Imagely Nextgen Gallery 2.0.66.26
Imagely Nextgen Gallery 2.0.66.17
Imagely Nextgen Gallery 2.0.25
Imagely Nextgen Gallery 2.0.23
Imagely Nextgen Gallery 2.0.21
Imagely Nextgen Gallery 2.0.17
Imagely Nextgen Gallery 1.9.3
Imagely Nextgen Gallery 1.9.2
Imagely Nextgen Gallery 1.9.1
Imagely Nextgen Gallery 1.9.0
Imagely Nextgen Gallery 1.8.4
Imagely Nextgen Gallery 1.5.5
Imagely Nextgen Gallery 1.5.4
Imagely Nextgen Gallery 1.5.3
Imagely Nextgen Gallery 1.5.2
Imagely Nextgen Gallery 2.1.9
Imagely Nextgen Gallery 2.1.2
Imagely Nextgen Gallery 2.0.79
Imagely Nextgen Gallery 2.0.74
8.6
CVSSv3
CVE-2015-4694
Directory traversal vulnerability in download.php in the Zip Attachments plugin prior to 1.5.1 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the za_file parameter.
Zip Attachments Project Zip Attachments
8.1
CVSSv3
CVE-2022-45829
Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 at WordPress.
Wp-ecommerce Easy Wp Smtp
7.2
CVSSv3
CVE-2019-12239
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows malicious users to reach certain SQL injection issues that require administrative access.
Wpbookingsystem Wp Booking System
6.5
CVSSv3
CVE-2022-45833
Auth. Path Traversal vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress.
Wp-ecommerce Easy Wp Smtp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »