Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
am!r vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-5106
Cross-site scripting (XSS) vulnerability in edit-post.php in the Flexible Custom Post Type plugin prior to 0.1.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Fractalia Flexible Custom Post Type 0.1.3
Fractalia Flexible Custom Post Type 0.1
Fractalia Flexible Custom Post Type 0.1.5
Fractalia Flexible Custom Post Type 0.1.4
1 EDB exploit
NA
CVE-2011-5107
Cross-site scripting (XSS) vulnerability in post_alert.php in Alert Before Your Post plugin, possibly 0.1.1 and previous versions, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the name parameter.
Wordpress Alert Before You Post
1 EDB exploit
NA
CVE-2011-5180
Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in the ZooEffect plugin 1.01 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information. NOTE: th...
Zooeffect Zooeffect
1 EDB exploit
NA
CVE-2008-6164
Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Dreamcost Hostadmin 3.1.1
1 EDB exploit
NA
CVE-2012-4686
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote malicious users to execute arbitrary SQL commands via the announcementid parameter.
Vbulletin Vbulletin 4.1.10
1 EDB exploit
NA
CVE-2009-1620
Multiple cross-site scripting (XSS) vulnerabilities in input.php in MataChat allow remote malicious users to inject arbitrary web script or HTML via the (1) nickname and (2) color parameters.
Mata Matachat
1 EDB exploit
6.1
CVSSv3
CVE-2011-4595
Pretty-Link WordPress plugin 1.5.2 has XSS
Caseproof Pretty Link 1.5.2
1 EDB exploit
NA
CVE-2012-5903
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 2.0.2 allows remote malicious users to inject arbitrary web script or HTML via the scheduled parameter to index.php.
Simple Machines Smf 2.0.2
1 EDB exploit
NA
CVE-2012-6043
Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusion 7.02.04 allows remote malicious users to inject arbitrary web script or HTML via the cat_id parameter.
Php-fusion Php-fusion 7.02.04
1 EDB exploit
NA
CVE-2011-4926
Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin prior to 1.7.22 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Bueltge Adminimize
Bueltge Adminimize 0.6.9
Bueltge Adminimize 0.7
Bueltge Adminimize 0.7.1
Bueltge Adminimize 0.7.2
Bueltge Adminimize 0.7.3
Bueltge Adminimize 0.7.5
Bueltge Adminimize 0.7.6
Bueltge Adminimize 0.7.7
Bueltge Adminimize 0.7.8
Bueltge Adminimize 0.7.9
Bueltge Adminimize 0.8
Bueltge Adminimize 0.8.1
Bueltge Adminimize 1.0
Bueltge Adminimize 1.1
Bueltge Adminimize 1.2
Bueltge Adminimize 1.3
Bueltge Adminimize 1.4
Bueltge Adminimize 1.4.1
Bueltge Adminimize 1.4.2
Bueltge Adminimize 1.4.3-6
Bueltge Adminimize 1.4.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »