Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.1.1 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2024-3895
The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdp_add_new_datepicker_ajax() function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscri...
NA
CVE-2024-2172
The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and 2.1....
9.8
CVSSv3
CVE-2022-40700
Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP &nda...
Millionclues Admin Css Mu
Deano Amp Toolbox
Unihost Confirm Data
Agence-press Css Adder
Millionclues Custom Login Admin Front-end Css
Montonio Montonio For Woocommerce
Frumph Phpfreechat
Designmodo Qards
Paulclark Styles
Squidesma Theme Minifier
Longwatchstudio Woosupply
Longwatchstudio Woovip
Longwatchstudio Woovirtualwallet
Arcstone Amo For Wp - Membership Management
Wpopal Wpopal Core Features
4.8
CVSSv3
CVE-2023-4271
The Photospace Responsive plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘psres_button_size’ parameter in versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...
Deanoakley Photospace Responsive Gallery
5.4
CVSSv3
CVE-2023-4783
The Magee Shortcodes WordPress plugin up to and including 2.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cro...
Hoosoft Magee Shortcodes
4.3
CVSSv3
CVE-2023-5134
The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_user_meta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for auth...
Easyregistrationforms Easy Registration Forms
4.3
CVSSv3
CVE-2021-4391
The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the mwb_wgm_save_post() function. This makes it possible for unauthenticated m...
Wpswings Ultimate Gift Cards For Woocommerce
6.5
CVSSv3
CVE-2020-36697
The WP GDPR plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in versions up to, and including, 2.1.1. This makes it possible for unauthenticated malicious users to delete any comment and modify the plugin’s settings.
Appsaloon Wp Gdpr
5.3
CVSSv3
CVE-2020-36712
The Kali Forms plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 2.1.1. This is due to the kaliforms_form_delete_uploaded_file function lacking any privilege or user protections. This makes it possible for unauthentica...
Kaliforms Kali Forms
7.1
CVSSv3
CVE-2020-36720
The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. This is due to the update_option lacking proper authentication checks. This makes it possible for any authenticated malicious user to change (or delete) the ...
Kaliforms Kali Forms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »