Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.8 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5652
The WP Hotel Booking WordPress plugin prior to 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user input before using it in a SQL statement of a function hooked to admin_init, allowing unauthenticated users to perform SQL injections
Thimpress Wp Hotel Booking
8.8
CVSSv3
CVE-2015-2673
The ec_ajax_update_option and ec_ajax_clear_all_taxrates functions in inc/admin/admin_ajax_functions.php in the WP EasyCart plugin 1.1.30 up to and including 3.0.20 for WordPress allow remote malicious users to gain administrator privileges and execute arbitrary code via the opti...
Wpeasycart Wp Easycart 1.2.9
Wpeasycart Wp Easycart 1.2.8
Wpeasycart Wp Easycart 1.2.7
Wpeasycart Wp Easycart 1.2.6
Wpeasycart Wp Easycart 2.0.2
Wpeasycart Wp Easycart 2.0.3
Wpeasycart Wp Easycart 2.0.4
Wpeasycart Wp Easycart 2.0.5
Wpeasycart Wp Easycart 2.0.20
Wpeasycart Wp Easycart 2.0.21
Wpeasycart Wp Easycart 2.0.22
Wpeasycart Wp Easycart 2.1.0
Wpeasycart Wp Easycart 2.1.13
Wpeasycart Wp Easycart 2.1.14
Wpeasycart Wp Easycart 2.1.15
Wpeasycart Wp Easycart 2.1.16
Wpeasycart Wp Easycart 2.1.17
Wpeasycart Wp Easycart 2.1.30
Wpeasycart Wp Easycart 2.1.31
Wpeasycart Wp Easycart 2.1.32
Wpeasycart Wp Easycart 2.1.33
Wpeasycart Wp Easycart 3.0.12
7.2
CVSSv3
CVE-2021-24754
The MainWP Child Reports WordPress plugin prior to 2.0.8 does not validate or sanitise the order parameter before using it in a SQL statement in the admin dashboard, leading to an SQL injection issue
Mainwp Mainwp Child Reports
6.5
CVSSv3
CVE-2022-4548
The Optimize images ALT Text & names for SEO using AI WordPress plugin prior to 2.0.8 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged-in admin change them via a CSRF attack.
Imageseo Optimize Images Alt Text \\(alt Tag\\) \\& Names For Seo Using Ai
6.5
CVSSv3
CVE-2022-34867
Unauthenticated Sensitive Information Disclosure vulnerability in WP Libre Form 2 plugin <= 2.0.8 at WordPress allows malicious users to list and delete submissions. Affects only versions from 2.0.0 to 2.0.8.
Wp Libre Form Project Wp Libre Form
6.1
CVSSv3
CVE-2022-0147
The Cookie Information | Free GDPR Consent Solution WordPress plugin prior to 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
Cookieinformation Wp-gdpr-compliance
5.4
CVSSv3
CVE-2023-5651
The WP Hotel Booking WordPress plugin prior to 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts
Thimpress Wp Hotel Booking
5.4
CVSSv3
CVE-2023-5799
The WP Hotel Booking WordPress plugin prior to 2.0.8 does not have proper authorisation when deleting a package, allowing Contributor and above roles to delete posts that do no belong to them
Thimpress Wp Hotel Booking
5.4
CVSSv3
CVE-2006-10001
A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remo...
Pluginmirror Subscribe To Comments
5.4
CVSSv3
CVE-2023-0151
The uTubeVideo Gallery WordPress plugin prior to 2.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site S...
Utubevideo Gallery Project Utubevideo Gallery
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »