Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 2.3 vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2012-4915
Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php....
Davistribe Google Doc Embedder 2.5.2Davistribe Google Doc Embedder 2.5.1Davistribe Google Doc Embedder 2.4.1Davistribe Google Doc Embedder 2.4Davistribe Google Doc Embedder 2.5Davistribe Google Doc Embedder 2.4.6Davistribe Google Doc Embedder 2.3Davistribe Google Doc Embedder 2.2.3Davistribe Google Doc Embedder 2.4.5Davistribe Google Doc Embedder 2.4.4Davistribe Google Doc Embedder 2.2.2Davistribe Google Doc Embedder 2.2.1Davistribe Google Doc Embedder 2.2Davistribe Google Doc EmbedderDavistribe Google Doc Embedder 2.4.3Davistribe Google Doc Embedder 2.4.2Davistribe Google Doc Embedder 2.1Davistribe Google Doc Embedder 2.0
5
CVSSv2
CVE-2010-4403
The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message....
Devbits Register-plus 3.4Devbits Register-plus 3.3Devbits Register-plus 2.7Devbits Register-plus 2.6Devbits Register-plus 1.2Devbits Register-plus 1.1Devbits Register-plus 3.5Devbits Register-plus 3.4.1Devbits Register-plus 3.0Devbits Register-plus 2.9Devbits Register-plus 2.8Devbits Register-plus 2.1Devbits Register-plus 2.0Devbits Register-plus 3.2Devbits Register-plus 3.1Devbits Register-plus 2.5Devbits Register-plus 2.4Devbits Register-plusDevbits Register-plus 3.0.2Devbits Register-plus 3.0.1Devbits Register-plus 2.3Devbits Register-plus 2.2
4.3
CVSSv2
CVE-2010-4402
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) firstname, (2) lastname, (3) website, (4) aim, (5) yahoo, (6) jabber, (7)...
Devbits Register-plus 3.4.1Devbits Register-plus 3.4Devbits Register-plus 2.8Devbits Register-plus 2.7Devbits Register-plus 2.0Devbits Register-plus 1.2Devbits Register-plusDevbits Register-plus 3.5Devbits Register-plus 3.0.1Devbits Register-plus 3.0Devbits Register-plus 2.9Devbits Register-plus 2.2Devbits Register-plus 2.1Devbits Register-plus 3.3Devbits Register-plus 3.2Devbits Register-plus 2.6Devbits Register-plus 2.5Devbits Register-plus 1.1Devbits Register-plus 3.1Devbits Register-plus 3.0.2Devbits Register-plus 2.4Devbits Register-plus 2.3
3.5
CVSSv2
CVE-2018-5214
The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS via the al2fb_facebook_id parameter to wp-admin/profile.php....
4.3
CVSSv2
CVE-2018-5286
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about page....
4.3
CVSSv2
CVE-2018-5292
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information page....
4.3
CVSSv2
CVE-2018-5288
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page....
7.5
CVSSv2
CVE-2011-4671
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL)....
Adrotateplugin Adrotate 3.6.3Adrotateplugin Adrotate 3.6.2Adrotateplugin Adrotate 3.3Adrotateplugin Adrotate 3.2.2Adrotateplugin Adrotate 3.0.1Adrotateplugin Adrotate 3.0Adrotateplugin Adrotate 2.4.1Adrotateplugin Adrotate 2.4Adrotateplugin Adrotate 1.0Adrotateplugin Adrotate 0.8Adrotateplugin Adrotate 0.2Adrotateplugin Adrotate 0.1Adrotateplugin AdrotateAdrotateplugin Adrotate 3.6.6Adrotateplugin Adrotate 3.5.1Adrotateplugin Adrotate 3.5Adrotateplugin Adrotate 3.1.1Adrotateplugin Adrotate 3.1Adrotateplugin Adrotate 2.5Adrotateplugin Adrotate 2.4.4Adrotateplugin Adrotate 2.2Adrotateplugin Adrotate 2.1Adrotateplugin Adrotate 0.6Adrotateplugin Adrotate 0.5Adrotateplugin Adrotate 3.6.1Adrotateplugin Adrotate 3.6Adrotateplugin Adrotate 3.2.1Adrotateplugin Adrotate 3.2Adrotateplugin Adrotate 2.6.1Adrotateplugin Adrotate 2.6Adrotateplugin Adrotate 2.5.1Adrotateplugin Adrotate 2.3.1Adrotateplugin Adrotate 2.3Adrotateplugin Adrotate 0.7.1Adrotateplugin Adrotate 0.7Adrotateplugin Adrotate 3.6.5Adrotateplugin Adrotate 3.6.4Adrotateplugin Adrotate 3.4Adrotateplugin Adrotate 3.3.1Adrotateplugin Adrotate 3.0.3Adrotateplugin Adrotate 3.0.2Adrotateplugin Adrotate 2.4.3Adrotateplugin Adrotate 2.4.2Adrotateplugin Adrotate 2.0.1Adrotateplugin Adrotate 2.0Adrotateplugin Adrotate 0.4Adrotateplugin Adrotate 0.3
4.3
CVSSv2
CVE-2018-5293
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page....
5
CVSSv2
CVE-2018-5290
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-32471CVE-2021-31167CVE-2021-22204command injectionCVE-2021-31204cross-site scriptingCVE-2021-31912encryptionCVE-2021-28465
Vulnerability Notification
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook