Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0.1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-51700
Unofficial Mobile BankID Integration for WordPress lets users employ Mobile BankID to authenticate themselves on your WordPress site. before 1.0.1, WP-Mobile-BankID-Integration is affected by a vulnerability classified as a Deserialization of Untrusted Data vulnerability, specifi...
Jamieblomerus Unofficial Mobile Bankid Integration
9.8
CVSSv3
CVE-2015-10126
A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The pat...
Steven Ellis Easy2map Photos
9.8
CVSSv3
CVE-2014-125091
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiat...
Codepeople Polls Cp 1.0.1
9.8
CVSSv3
CVE-2022-37344
Missing Access Control vulnerability in PHP Crafts Accommodation System plugin <= 1.0.1 at WordPress.
Accommodation-system Project Accommodation-system
9.8
CVSSv3
CVE-2022-34839
Authentication Bypass vulnerability in CodexShaper's WP OAuth2 Server plugin <= 1.0.1 at WordPress.
Codexshaper Wp Oauth2 Server
9.8
CVSSv3
CVE-2016-10921
The gallery-photo-gallery plugin prior to 1.0.1 for WordPress has SQL injection.
Ays-pro Photo Gallery
9.8
CVSSv3
CVE-2015-9315
The newstatpress plugin prior to 1.0.1 for WordPress has SQL injection.
Newstatpress Project Newstatpress
8.8
CVSSv3
CVE-2023-3320
The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the ~/admin/views/admin.php file. This makes it possible for unauthenticated malicious users to modify the plu...
Wp Sticky Social Project Wp Sticky Social
1 EDB exploit
8.8
CVSSv3
CVE-2023-28661
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action.
Accesspressthemes Wp Popup Banners 1.2.3
Accesspressthemes Wp Popup Banners 1.2.4
Accesspressthemes Wp Popup Banners 1.2.2
Accesspressthemes Wp Popup Banners 1.2.1
Accesspressthemes Wp Popup Banners 1.2.0
Accesspressthemes Wp Popup Banners 1.1.9
Accesspressthemes Wp Popup Banners 1.1.8
Accesspressthemes Wp Popup Banners 1.1.7
Accesspressthemes Wp Popup Banners 1.1.6
Accesspressthemes Wp Popup Banners 1.1.5
Accesspressthemes Wp Popup Banners 1.1.4
Accesspressthemes Wp Popup Banners 1.1.3
Accesspressthemes Wp Popup Banners 1.1.2
Accesspressthemes Wp Popup Banners 1.1.1
Accesspressthemes Wp Popup Banners 1.1.0
Accesspressthemes Wp Popup Banners 1.0.9
Accesspressthemes Wp Popup Banners 1.0.8
Accesspressthemes Wp Popup Banners 1.0.7
Accesspressthemes Wp Popup Banners 1.0.6
Accesspressthemes Wp Popup Banners 1.0.5
Accesspressthemes Wp Popup Banners 1.0.4
Accesspressthemes Wp Popup Banners 1.0.3
8.8
CVSSv3
CVE-2022-34154
Authenticated (author or higher user role) Arbitrary File Upload vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress.
Ideastocode Enable Svg, Webp & Ico Upload
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »