Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2015-4614
Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin prior to 1.2.5 for WordPress allow remote malicious users to execute arbitrary SQL commands via the mapName parameter in an e2m_img_save_map_name action to wp-admin/admin-ajax.php and other uns...
Easy2map Project Easy2map
1 EDB exploit
755
VMScore
CVE-2014-9735
The ThemePunch Slider Revolution (revslider) plugin prior to 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and previous versions for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote malicious users to (1) upload and execute ...
Themepunch Showbiz Pro
Themepunch Slider Revolution
1 EDB exploit
755
VMScore
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin prior to 3.1.4 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to t...
Reflex Gallery Project Reflex Gallery
1 EDB exploit
755
VMScore
CVE-2015-3325
SQL injection vulnerability in forum.php in the WP Symposium plugin prior to 15.4 for WordPress allows remote malicious users to execute arbitrary SQL commands via the show parameter in the QUERY_STRING to the default URI.
Wpsymposium Wp Symposium
1 EDB exploit
755
VMScore
CVE-2015-2825
Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin prior to 2.5.96 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...
Simple Ads Manager Project Simple Ads Manager
1 EDB exploit
755
VMScore
CVE-2015-2824
Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin prior to 2.7.97 for WordPress allow remote malicious users to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to...
Simple Ads Manager Project Simple Ads Manager 2.5.94
Simple Ads Manager Project Simple Ads Manager 2.5.96
1 EDB exploit
755
VMScore
CVE-2015-2314
SQL injection vulnerability in the WPML plugin prior to 3.1.9 for WordPress allows remote malicious users to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed.
Wpml Wpml
1 EDB exploit
755
VMScore
CVE-2015-2216
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote malicious users to execute arbitrary SQL commands via the prod_id parameter.
Photocati Media Photocrati
1 EDB exploit
755
VMScore
CVE-2015-2196
SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php.
Web-dorado Spider Calendar 1.4.9
1 EDB exploit
755
VMScore
CVE-2015-2090
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote malicious users to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php.
Sympies Wordpress Survey And Poll 1.1.7
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »