Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 2.1 vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2007-1049
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to...
Wordpress Wordpress 1.2Wordpress Wordpress 1.2.1
7.5
CVSSv2
CVE-2013-5917
SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the comment_post_ID parameter....
Rodrigo Coimbra Nospam Pti 2.1
7.5
CVSSv2
CVE-2013-3532
SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the theme parameter....
Webdorado Spider Video Player 2.1
7.5
CVSSv2
CVE-2009-2383
SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter....
Blogtrafficexchange Related-sites 2.1
7.5
CVSSv2
CVE-2009-0968
SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information....
Fahlstad Fmoblog Plugin 2.1
10
CVSSv2
CVE-2012-3575
Unrestricted file upload vulnerability in uploader.php in the RBX Gallery plugin 2.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/rbxslider....
Rbx Gallery Rbx Gallery 2.1
4.3
CVSSv2
CVE-2013-5714
Multiple cross-site scripting (XSS) vulnerabilities in ls/htmlchat.php in the VideoWhisper Live Streaming Integration plugin 4.25.3 and possibly earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) message parameter. NOTE:...
Videowhisper Live Streaming Integration Plugin 4.07Videowhisper Live Streaming Integration Plugin 4.05Videowhisper Live Streaming Integration Plugin 2.2Videowhisper Live Streaming Integration Plugin 2.1Videowhisper Live Streaming Integration PluginVideowhisper Live Streaming Integration Plugin 1.0.2Videowhisper Live Streaming Integration Plugin 4.25Videowhisper Live Streaming Integration Plugin 2.0
4.3
CVSSv2
CVE-2012-4283
Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter....
Netweblogic Login With Ajax 3.0.1Netweblogic Login With Ajax 2.21Netweblogic Login With Ajax 2.1.1Netweblogic Login With AjaxNetweblogic Login With Ajax 3.0.3Netweblogic Login With Ajax 3.0.2Netweblogic Login With Ajax 2.2Netweblogic Login With Ajax 2.1.5Netweblogic Login With Ajax 2.1.4Netweblogic Login With Ajax 2.1.3Netweblogic Login With Ajax 2.1.2Netweblogic Login With Ajax 3.0Netweblogic Login With Ajax 3.0bNetweblogic Login With Ajax 2.1
6.4
CVSSv2
CVE-2014-1907
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_login.php or (2) delete arbitrary files via a .....
Videowhisper Live Streaming Integration Plugin 4.27Videowhisper Live Streaming Integration Plugin 4.27.3Videowhisper Live Streaming Integration Plugin 2.1Videowhisper Live Streaming Integration Plugin 2.0Videowhisper Live Streaming Integration PluginVideowhisper Live Streaming Integration Plugin 4.25.3Videowhisper Live Streaming Integration Plugin 1.0.2Videowhisper Live Streaming Integration Plugin 4.05Videowhisper Live Streaming Integration Plugin 2.2Videowhisper Live Streaming Integration Plugin 4.25Videowhisper Live Streaming Integration Plugin 4.07
4.3
CVSSv2
CVE-2012-2759
Cross-site scripting (XSS) vulnerability in login-with-ajax.php in the Login With Ajax (aka login-with-ajax) plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter in a lostpassword action to wp-login.php....
Netweblogic Login With Ajax 2.1.5Netweblogic Login With Ajax 2.2Netweblogic Login With Ajax 2.1.3Netweblogic Login With Ajax 2.1.4Netweblogic Login With Ajax 3.0.2Netweblogic Login With Ajax 3.0.3Netweblogic Login With AjaxNetweblogic Login With Ajax 2.1.1Netweblogic Login With Ajax 2.1.2Netweblogic Login With Ajax 3.0Netweblogic Login With Ajax 3.0.1Netweblogic Login With Ajax 2.1Netweblogic Login With Ajax 2.21Netweblogic Login With Ajax 3.0b
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-32471CVE-2021-31167CVE-2021-22204command injectionCVE-2021-31204cross-site scriptingCVE-2021-31912encryptionCVE-2021-28465
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook