Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5705
Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress prior to 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request.
Wordpress Wordpress 2.0.2
Wordpress Wordpress
Wordpress Wordpress 2.0.3
NA
CVE-2006-4743
WordPress 2.0.2 up to and including 2.0.5 allows remote malicious users to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6) blogger.php, (7) comments.php, (8) comments-popup.php, (9) dot...
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
NA
CVE-2006-4028
Multiple unspecified vulnerabilities in WordPress prior to 2.0.4 have unknown impact and remote attack vectors. NOTE: due to lack of details, it is not clear how these issues are different from CVE-2006-3389 and CVE-2006-3390, although it is likely that 2.0.4 addresses an unspeci...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.3
NA
CVE-2007-0106
Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress prior to 2.0.6 allows remote malicious users to inject arbitrary web script or HTML via a CSRF attack with an invalid token and quote characters or HTML tags in URL variable names, which are not p...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
NA
CVE-2007-0109
wp-login.php in WordPress 2.0.5 and previous versions displays different error messages if a user exists or not, which allows remote malicious users to obtain sensitive information and facilitates brute force attacks.
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
NA
CVE-2006-3389
index.php in WordPress 2.0.3 allows remote malicious users to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the ...
Wordpress Wordpress 2.0.3
NA
CVE-2006-3390
WordPress 2.0.3 allows remote malicious users to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables.
Wordpress Wordpress 2.0.3
NA
CVE-2007-1409
WordPress allows remote malicious users to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message.
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
NA
CVE-2007-1894
Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress prior to 20070309 allows remote malicious users to inject arbitrary web script or HTML via the year parameter in the wp_title function.
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.2 Revision5002
NA
CVE-2007-1622
Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress prior to 2.0.10 RC2, and prior to 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interfa...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.0.10
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »