Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 1.5 vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2012-3588
Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter....
Wordpress Plugin Newsletter Plugin 1.5
3.5
CVSSv2
CVE-2012-5388
Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wlcms_o_developer_name parameter in a save action to wp-admin/admin.php, a...
Videousermanuals White-label-cms 1.5
4.3
CVSSv2
CVE-2012-1835
Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to app/view/agenda-widget-form.php; (2) args, (3) title, (4)...
Timely All-in-one Event Calendar 1.5Timely All-in-one Event Calendar 1.4
7.5
CVSSv2
CVE-2012-2109
SQL injection vulnerability in wp-load.php in the BuddyPress plugin 1.5.x before 1.5.5 of WordPress allows remote attackers to execute arbitrary SQL commands via the page parameter in an activity_widget_filter action....
Buddypress Buddypress 1.5Buddypress Buddypress 1.5.2Buddypress Buddypress 1.5.3Buddypress Buddypress 1.5.3.1Buddypress Buddypress 1.5.4Buddypress Buddypress 1.5.1
4.3
CVSSv2
CVE-2011-3857
Cross-site scripting (XSS) vulnerability in the Antisnews theme before 1.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter....
Antisocialmediallc Antisnews 1.0Antisocialmediallc Antisnews 1.1Antisocialmediallc Antisnews 1.2Antisocialmediallc Antisnews 1.3Antisocialmediallc Antisnews 1.4Antisocialmediallc AntisnewsAntisocialmediallc Antisnews 1.5Antisocialmediallc Antisnews 1.7Antisocialmediallc Antisnews 1.8Antisocialmediallc Antisnews 1.6
4.3
CVSSv2
CVE-2011-3860
Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter....
Onedesigns Cover WpOnedesigns Cover Wp 1.6Onedesigns Cover Wp 1.6.1Onedesigns Cover Wp 1.5.4Onedesigns Cover Wp 1.5.5Onedesigns Cover Wp 1.3Onedesigns Cover Wp 1.4Onedesigns Cover Wp 1.5Onedesigns Cover Wp 1.5.1Onedesigns Cover Wp 1.5.8Onedesigns Cover Wp 1.6.2Onedesigns Cover Wp 1.1Onedesigns Cover Wp 1.2Onedesigns Cover Wp 1.6.3Onedesigns Cover Wp 1.6.4Onedesigns Cover Wp 1.5.6Onedesigns Cover Wp 1.5.7Onedesigns Cover Wp 1.4.1Onedesigns Cover Wp 1.5.9Onedesigns Cover Wp 1.5.2Onedesigns Cover Wp 1.5.3
7.5
CVSSv2
CVE-2009-3703
Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an...
Fahlstad Wp-forum 1.7.4Fahlstad Wp-forum 2.1Fahlstad Wp-forum 1.6Fahlstad Wp-forum 1.5Fahlstad Wp-forum 1.8Fahlstad Wp-forumFahlstad Wp-forum 1.7.3Fahlstad Wp-forum 1.7Fahlstad Wp-forum 1.7.8Fahlstad Wp-forum 2.0
4.3
CVSSv2
CVE-2014-1888
Cross-site scripting (XSS) vulnerability in the BuddyPress plugin before 1.9.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the name field to groups/create/step/group-details. NOTE: this can be exploited without authentication by...
Buddypress BuddypressBuddypress Buddypress 1.8.1Buddypress Buddypress 1.6.3Buddypress Buddypress 1.6.2Buddypress Buddypress 1.5.5Buddypress Buddypress 1.5.6Buddypress Buddypress 1.7Buddypress Buddypress 1.6.5Buddypress Buddypress 1.6.4Buddypress Buddypress 1.5.3.1Buddypress Buddypress 1.5.4Buddypress Buddypress 1.7.2Buddypress Buddypress 1.7.1Buddypress Buddypress 1.5.2Buddypress Buddypress 1.5.3Buddypress Buddypress 1.6.1Buddypress Buddypress 1.8Buddypress Buddypress 1.7.3Buddypress Buddypress 1.5Buddypress Buddypress 1.5.1Buddypress Buddypress 1.5.7Buddypress Buddypress 1.6
4.3
CVSSv2
CVE-2011-3863
Cross-site scripting (XSS) vulnerability in the RedLine theme before 1.66 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter....
Post-scriptum RedlinePost-scriptum Redline 0.2.7.1Post-scriptum Redline 0.3Post-scriptum Redline 0.85Post-scriptum Redline 1.0Post-scriptum Redline 1.5Post-scriptum Redline 0.5.5Post-scriptum Redline 0.7Post-scriptum Redline 0.7.1Post-scriptum Redline 0.7.5Post-scriptum Redline 0.2.2Post-scriptum Redline 0.2.3Post-scriptum Redline 0.2.5Post-scriptum Redline 0.2.6Post-scriptum Redline 1.0.1Post-scriptum Redline 1.0.3Post-scriptum Redline 1.1Post-scriptum Redline 1.2Post-scriptum Redline 0.2.1Post-scriptum Redline 0.2.7Post-scriptum Redline 0.2.9Post-scriptum Redline 0.5Post-scriptum Redline 0.8Post-scriptum Redline 0.90Post-scriptum Redline 1.6
6.8
CVSSv2
CVE-2014-10381
The user-domain-whitelist plugin before 1.5 for WordPress has CSRF....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-32471CVE-2021-31167CVE-2021-22204command injectionCVE-2021-31204cross-site scriptingCVE-2021-31912encryptionCVE-2021-28465
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook