wordpress wordpress 4.7.2 vulnerabilities and exploits
NA
CVE-2024-31108
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iFlyChat Team iFlyChat – WordPress Chat iflychat allows Stored XSS. This issue affects iFlyChat – WordPress Chat: from n/a up to and including 4.7.2.
NA
CVE-2024-2172
The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and 2.1....
NA
CVE-2023-0479
The Print Invoice & Delivery Notes for WooCommerce WordPress plugin prior to 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the edit_others_sho...
Tychesoftwares Print Invoice & Delivery Notes For Woocommerce
NA
CVE-2022-3096
The WP Total Hacks WordPress plugin up to and including 4.7.2 does not prevent low privilege users from modifying the plugin's settings. This could allow users such as subscribers to perform Stored Cross-Site Scripting attacks against other users, like administrators, due to...
Wp Total Hacks Project Wp Total Hacks
5
CVSSv2
CVE-2017-6514
WordPress 4.7.2 mishandles listings of post authors, which allows remote malicious users to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring.
Wordpress Wordpress 4.7.2
5
CVSSv2
CVE-2017-14719
Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.
Wordpress Wordpress 4.7.1
Wordpress Wordpress 4.7.2
Wordpress Wordpress 4.6.6
Wordpress Wordpress 4.6.5
Wordpress Wordpress 4.6.4
Wordpress Wordpress 4.5.7
Wordpress Wordpress 4.5.6
Wordpress Wordpress 4.5
Wordpress Wordpress 4.4.9
Wordpress Wordpress 4.4.11
Wordpress Wordpress 4.4.10
Wordpress Wordpress 4.3.5
Wordpress Wordpress 4.3.4
Wordpress Wordpress 4.3
Wordpress Wordpress 4.2.9
Wordpress Wordpress 4.2.16
Wordpress Wordpress 4.2.15
Wordpress Wordpress 4.2
Wordpress Wordpress 4.1.9
Wordpress Wordpress 4.1.2
Wordpress Wordpress 4.1.19
Wordpress Wordpress 4.1.11
2 Github repositories
5
CVSSv2
CVE-2017-14722
Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename.
Wordpress Wordpress 4.7.5
Wordpress Wordpress 4.8
Wordpress Wordpress 4.7.3
Wordpress Wordpress 4.7.4
Wordpress Wordpress 4.7
Wordpress Wordpress 4.8.1
Wordpress Wordpress 4.7.1
Wordpress Wordpress 4.7.2
5
CVSSv2
CVE-2017-1001000
The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x prior to 4.7.2 does not require an integer identifier, which allows remote malicious users to modify arbitrary pages via a request for wp-json/wp/v...
Wordpress Wordpress 4.7.1
Wordpress Wordpress 4.7
Wordpress Wordpress 4.7.2
1 Nmap script
3 Github repositories
4.3
CVSSv2
CVE-2016-10066
Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick prior to 6.9.4-5 allows remote malicious users to cause a denial of service (application crash) via a crafted file.
Imagemagick Imagemagick
5
CVSSv2
CVE-2017-5610
wp-admin/includes/class-wp-press-this.php in Press This in WordPress prior to 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote malicious users to bypass intended access restrictions by reading terms.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0