Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 2.0 vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2007-1049
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to...
Wordpress Wordpress 1.2Wordpress Wordpress 1.2.1
4.3
CVSSv2
CVE-2011-5181
Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter. NOTE: some of these details are obtained from third party...
Clickdesk Clickdesk Live Support-live Chat Plugin 2.0
4.3
CVSSv2
CVE-2013-5714
Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php in the VideoWhisper Live Streaming Integration plugin 4.25.3 and possibly earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) message parameter. NOTE:...
Videowhisper Live Streaming Integration Plugin 4.07Videowhisper Live Streaming Integration Plugin 4.05Videowhisper Live Streaming Integration Plugin 2.2Videowhisper Live Streaming Integration Plugin 2.1Videowhisper Live Streaming Integration PluginVideowhisper Live Streaming Integration Plugin 1.0.2Videowhisper Live Streaming Integration Plugin 4.25Videowhisper Live Streaming Integration Plugin 2.0
6.4
CVSSv2
CVE-2014-1907
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_login.php or (2) delete arbitrary files via a .....
Videowhisper Live Streaming Integration Plugin 4.27Videowhisper Live Streaming Integration Plugin 4.27.3Videowhisper Live Streaming Integration Plugin 2.1Videowhisper Live Streaming Integration Plugin 2.0Videowhisper Live Streaming Integration PluginVideowhisper Live Streaming Integration Plugin 4.25.3Videowhisper Live Streaming Integration Plugin 1.0.2Videowhisper Live Streaming Integration Plugin 4.05Videowhisper Live Streaming Integration Plugin 2.2Videowhisper Live Streaming Integration Plugin 4.25Videowhisper Live Streaming Integration Plugin 4.07
4.3
CVSSv2
CVE-2012-1068
Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin before 2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter, related to AJAX paging....
Mg12 Wp-recentcomments 2.0.4Mg12 Wp-recentcomments 2.0.3Mg12 Wp-recentcomments 2.0.6Mg12 Wp-recentcomments 2.0.5Mg12 Wp-recentcomments 1.8.1Mg12 Wp-recentcomments 1.8Mg12 Wp-recentcomments 2.0.2Mg12 Wp-recentcomments 2.0.1Mg12 Wp-recentcommentsMg12 Wp-recentcomments 2.0Mg12 Wp-recentcomments 1.8.2
4.3
CVSSv2
CVE-2011-3864
Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter....
Somadesign The Erudite 1.4Somadesign The Erudite 2.0Somadesign The Erudite 2.7.1Somadesign The Erudite 2.7.4Somadesign The Erudite 1.0Somadesign The Erudite 1.1Somadesign The Erudite 1.2Somadesign The Erudite 2.7.7Somadesign The EruditeSomadesign The Erudite 2.5Somadesign The Erudite 2.6Somadesign The Erudite 2.6.1Somadesign The Erudite 2.6.2Somadesign The Erudite 1.3Somadesign The Erudite 1.4.1Somadesign The Erudite 2.0.2Somadesign The Erudite 2.7Somadesign The Erudite 2.7.2
5
CVSSv2
CVE-2012-4915
Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php....
Davistribe Google Doc Embedder 2.5.2Davistribe Google Doc Embedder 2.5.1Davistribe Google Doc Embedder 2.4.1Davistribe Google Doc Embedder 2.4Davistribe Google Doc Embedder 2.5Davistribe Google Doc Embedder 2.4.6Davistribe Google Doc Embedder 2.3Davistribe Google Doc Embedder 2.2.3Davistribe Google Doc Embedder 2.4.5Davistribe Google Doc Embedder 2.4.4Davistribe Google Doc Embedder 2.2.2Davistribe Google Doc Embedder 2.2.1Davistribe Google Doc Embedder 2.2Davistribe Google Doc EmbedderDavistribe Google Doc Embedder 2.4.3Davistribe Google Doc Embedder 2.4.2Davistribe Google Doc Embedder 2.1Davistribe Google Doc Embedder 2.0
4.3
CVSSv2
CVE-2011-3854
Cross-site scripting (XSS) vulnerability in the ZenLite theme before 4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter....
Quirm Zenlite 1.1Quirm Zenlite 1.2Quirm Zenlite 2.7Quirm Zenlite 3.0Quirm Zenlite 3.52Quirm Zenlite 3.60Quirm Zenlite 2.2Quirm Zenlite 2.4Quirm Zenlite 3.3Quirm Zenlite 3.4Quirm Zenlite 4.1Quirm Zenlite 4.2Quirm Zenlite 1.3Quirm Zenlite 2.0Quirm Zenlite 2.1Quirm Zenlite 3.1Quirm Zenlite 3.2Quirm Zenlite 3.61Quirm Zenlite 4.0Quirm ZenliteQuirm Zenlite 1.0Quirm Zenlite 2.5Quirm Zenlite 2.6Quirm Zenlite 3.5Quirm Zenlite 3.51
7.5
CVSSv2
CVE-2009-3703
Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an...
Fahlstad Wp-forum 1.7.4Fahlstad Wp-forum 2.1Fahlstad Wp-forum 1.6Fahlstad Wp-forum 1.5Fahlstad Wp-forum 1.8Fahlstad Wp-forumFahlstad Wp-forum 1.7.3Fahlstad Wp-forum 1.7Fahlstad Wp-forum 1.7.8Fahlstad Wp-forum 2.0
4.3
CVSSv2
CVE-2015-9403
The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-32471CVE-2021-31167CVE-2021-22204command injectionCVE-2021-31204cross-site scriptingCVE-2021-31912encryptionCVE-2021-28465
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook