Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.2 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2011-3125
Unspecified vulnerability in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.2
890
VMScore
CVE-2011-3122
Unspecified vulnerability in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
828
VMScore
CVE-2011-3129
The file upload functionality in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.2
760
VMScore
CVE-2011-4671
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions prior to 3.6.8, for WordPress allows remote malicious users to execute arbitrary SQL commands via the track parameter (aka redirect URL).
Adrotateplugin Adrotate 3.6.3
Adrotateplugin Adrotate 3.6.2
Adrotateplugin Adrotate 3.3
Adrotateplugin Adrotate 3.2.2
Adrotateplugin Adrotate 3.0.1
Adrotateplugin Adrotate 3.0
Adrotateplugin Adrotate 2.4.1
Adrotateplugin Adrotate 2.4
Adrotateplugin Adrotate 1.0
Adrotateplugin Adrotate 0.8
Adrotateplugin Adrotate 0.2
Adrotateplugin Adrotate 0.1
Adrotateplugin Adrotate
Adrotateplugin Adrotate 3.6.6
Adrotateplugin Adrotate 3.5.1
Adrotateplugin Adrotate 3.5
Adrotateplugin Adrotate 3.1.1
Adrotateplugin Adrotate 3.1
Adrotateplugin Adrotate 2.5
Adrotateplugin Adrotate 2.4.4
Adrotateplugin Adrotate 2.2
Adrotateplugin Adrotate 2.1
2 EDB exploits
755
VMScore
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin prior to 3.8.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Kolja Schleich Leaguemanager
Kolja Schleich Leaguemanager 3.7
Kolja Schleich Leaguemanager 3.6.9
Kolja Schleich Leaguemanager 3.5.2
Kolja Schleich Leaguemanager 3.5.1
Kolja Schleich Leaguemanager 3.5
Kolja Schleich Leaguemanager 3.4.2
Kolja Schleich Leaguemanager 3.1.7
Kolja Schleich Leaguemanager 3.1.6
Kolja Schleich Leaguemanager 3.1.5
Kolja Schleich Leaguemanager 3.1.4
Kolja Schleich Leaguemanager 2.9
Kolja Schleich Leaguemanager 2.8
Kolja Schleich Leaguemanager 2.7.1
Kolja Schleich Leaguemanager 2.1
Kolja Schleich Leaguemanager 2.0
Kolja Schleich Leaguemanager 1.5
Kolja Schleich Leaguemanager 1.4.2
Kolja Schleich Leaguemanager 3.6.7
Kolja Schleich Leaguemanager 3.6.5
Kolja Schleich Leaguemanager 3.6
Kolja Schleich Leaguemanager 3.5.5
1 EDB exploit
1 Github repository
755
VMScore
CVE-2008-0682
SQL injection vulnerability in wordspew-rss.php in the Wordspew plugin prior to 3.72 for Wordpress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Wordpress Wordspew
Wordpress Wordspew 3.7
Wordpress Wordspew 3.31
Wordpress Wordspew 3.3
Wordpress Wordspew 3.01
Wordpress Wordspew 3.0
Wordpress Wordspew 2.85
Wordpress Wordspew 2.8
Wordpress Wordspew 2.2
Wordpress Wordspew 2.1
Wordpress Wordspew 3.6
Wordpress Wordspew 3.52
Wordpress Wordspew 3.2
Wordpress Wordspew 3.16
Wordpress Wordspew 2.95
Wordpress Wordspew 2.94
Wordpress Wordspew 2.7
Wordpress Wordspew 2.6
Wordpress Wordspew 2.0
Wordpress Wordspew 1.8
Wordpress Wordspew 1.7
Wordpress Wordspew 3.33
1 EDB exploit
685
VMScore
CVE-2014-4717
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin prior to 4.5 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba...
Sharethis Simple Share Buttons Adder 2.2
Sharethis Simple Share Buttons Adder 2.0
Sharethis Simple Share Buttons Adder 1.0
Sharethis Simple Share Buttons Adder 3.2
Sharethis Simple Share Buttons Adder 3.9
Sharethis Simple Share Buttons Adder 3.8
Sharethis Simple Share Buttons Adder 1.5
Sharethis Simple Share Buttons Adder 2.3
Sharethis Simple Share Buttons Adder 1.1
Sharethis Simple Share Buttons Adder 3.1
Sharethis Simple Share Buttons Adder 3.0
Sharethis Simple Share Buttons Adder 2.9
Sharethis Simple Share Buttons Adder 1.3
Sharethis Simple Share Buttons Adder 4.1
Sharethis Simple Share Buttons Adder 4.0
Sharethis Simple Share Buttons Adder 2.4
Sharethis Simple Share Buttons Adder
Sharethis Simple Share Buttons Adder 4.2
Sharethis Simple Share Buttons Adder 3.5
Sharethis Simple Share Buttons Adder 2.8
Sharethis Simple Share Buttons Adder 2.6
Sharethis Simple Share Buttons Adder 1.9
1 EDB exploit
685
VMScore
CVE-2012-1936
The wp_create_nonce function in wp-includes/pluggable.php in WordPress 3.3.1 and previous versions associates a nonce with a user account instead of a user session, which might make it easier for remote malicious users to conduct cross-site request forgery (CSRF) attacks on speci...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.8.5.2
Wordpress Wordpress 1.2.3
Wordpress Wordpress 2.0.11
Wordpress Wordpress 1.3.3
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 1.1.1
Wordpress Wordpress 1.2.4
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
1 EDB exploit
668
VMScore
CVE-2011-3130
wp-includes/taxonomy.php in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.1
605
VMScore
CVE-2012-3384
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress prior to 3.4.1 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Wordpress Wordpress
Wordpress Wordpress 3.3.3
Wordpress Wordpress 3.3.2
Wordpress Wordpress 3.3
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0
Wordpress Wordpress 2.9.2
Wordpress Wordpress 3.1.3
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.0.6
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.3
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.8.5
Wordpress Wordpress 2.8.5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »