Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.5.1.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2108
SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
1 EDB exploit
NA
CVE-2005-2110
WordPress 1.5.1.2 and previous versions allows remote malicious users to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an err...
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
NA
CVE-2005-2107
Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
NA
CVE-2005-2109
wp-login.php in WordPress 1.5.1.2 and previous versions allows remote malicious users to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
NA
CVE-2005-2612
Direct code injection vulnerability in WordPress 1.5.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.3
1 EDB exploit
NA
CVE-2005-4463
WordPress prior to 1.5.2 allows remote malicious users to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-fo...
Wordpress Wordpress 2.0.1
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.3
NA
CVE-2006-0985
Multiple cross-site scripting (XSS) vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) website, and (3) comment parameters.
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.3
NA
CVE-2006-0986
WordPress 2.0.1 and previous versions allows remote malicious users to obtain sensitive information via a direct request to (1) default-filters.php, (2) template-loader.php, (3) rss-functions.php, (4) locale.php, (5) wp-db.php, and (6) kses.php in the wp-includes/ directory; and ...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.3
NA
CVE-2006-1263
Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors.
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.5.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 1.5.1.3
NA
CVE-2006-1796
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions prior to 2.0.1, allows remote malicious users to inject arbitrary web script or HTML to Internet Explorer users via the reque...
Wordpress Wordpress 2.0
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.5.2
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.0
Wordpress Wordpress
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 1.5.1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-44685
CVE-2024-44053
CVE-2024-8522
CVE-2024-44059
CVE-2024-8059
CVE-2024-8503
local
open redirect
TCP
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »