Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to get_script/index.php, and allows an malicious user to execute arbitrary SQL queries in the context of the WP database user.
Idangero Chop Slider 3.0
9.8
CVSSv3
CVE-2014-10384
The memphis-documents-library plugin prior to 3.0 for WordPress has Local File Inclusion.
Memphis Documents Library Project Memphis Documents Library
9.8
CVSSv3
CVE-2014-10383
The memphis-documents-library plugin prior to 3.0 for WordPress has Remote File Inclusion.
Memphis Documents Library Project Memphis Documents Library
9.8
CVSSv3
CVE-2017-1002002
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
Webapp-builder Project Webapp-builder 2.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-1002003
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
Wp2android-turn-wp-site-into-android-app Project Wp2android-turn-wp-site-into-android-app 1.1.4
1 EDB exploit
9.8
CVSSv3
CVE-2017-1002000
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
Mobile-friendly-app-builder-by-easytouch Project Mobile-friendly-app-builder-by-easytouch 3.0
1 EDB exploit
9 Github repositories
9.8
CVSSv3
CVE-2017-1002001
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
Mobile-app-builder-by-wappress Project Mobile-app-builder-by-wappress 1.05
1 EDB exploit
9.8
CVSSv3
CVE-2015-4455
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct...
Aviary Image Editor Add-on For Gravity Forms Project Aviary Image Editor Add-on For Gravity Forms
1 EDB exploit
8.8
CVSSv3
CVE-2021-24890
The Scripts Organizer WordPress plugin prior to 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not validate user input in any way, which could allow unauthenticated users to put arbit...
Dplugins Scripts Organizer
8.8
CVSSv3
CVE-2018-16966
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.
Webdesi9 File Manager 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »