Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-9443
The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=Accu_Data_WP.
Wp Accurate Form Data Project Wp Accurate Form Data 1.2
5.8
CVSSv2
CVE-2014-2675
Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php in the WP HTML Sitemap plugin 1.2 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that delete the sitemap via a request to the wp-html-sitemap page in wp-a...
Wp-html-sitemap Project Wp-html-sitemap 1.2
6.5
CVSSv2
CVE-2014-5186
SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit action in the allvideogallery_videos page to wp-admin/admin.php.
All Video Gallery Plugin Project All-video-gallery 1.2
6.8
CVSSv2
CVE-2013-4240
Multiple cross-site request forgery (CSRF) vulnerabilities in the HMS Testimonials plugin prior to 2.0.11 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) add new testimonials via the hms-testimonials-addnew page, (2)...
Hitmyserver Hms Testimonials 2.0.7
Hitmyserver Hms Testimonials 2.0.6
Hitmyserver Hms Testimonials 2.0.5
Hitmyserver Hms Testimonials 2.0.4
Hitmyserver Hms Testimonials 1.3
Hitmyserver Hms Testimonials 1.2
Hitmyserver Hms Testimonials 1.1
Hitmyserver Hms Testimonials 2.0.9
Hitmyserver Hms Testimonials 2.0.2
Hitmyserver Hms Testimonials 2.0
Hitmyserver Hms Testimonials 1.6
Hitmyserver Hms Testimonials 1.4.1
Hitmyserver Hms Testimonials 1.7.1
Hitmyserver Hms Testimonials 1.7
Hitmyserver Hms Testimonials 1.6.2
Hitmyserver Hms Testimonials 1.6.1
Hitmyserver Hms Testimonials
Hitmyserver Hms Testimonials 2.0.8
Hitmyserver Hms Testimonials 2.0.3
Hitmyserver Hms Testimonials 2.0.1
Hitmyserver Hms Testimonials 1.5
Hitmyserver Hms Testimonials 1.4
1 EDB exploit
4.3
CVSSv2
CVE-2012-2572
Cross-site scripting (XSS) vulnerability in the ThreeWP Email Reflector plugin prior to 1.16 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Subject of an email.
Mindreantre Threewp Email Reflector 1.12
Mindreantre Threewp Email Reflector 1.11
Mindreantre Threewp Email Reflector 1.4
Mindreantre Threewp Email Reflector 1.3
Mindreantre Threewp Email Reflector 1.10
Mindreantre Threewp Email Reflector 1.9
Mindreantre Threewp Email Reflector 1.2
Mindreantre Threewp Email Reflector 1.1
Mindreantre Threewp Email Reflector
Mindreantre Threewp Email Reflector 1.8
Mindreantre Threewp Email Reflector 1.7
Mindreantre Threewp Email Reflector 1.0
Mindreantre Threewp Email Reflector 1.14
Mindreantre Threewp Email Reflector 1.13
Mindreantre Threewp Email Reflector 1.6
Mindreantre Threewp Email Reflector 1.5
1 EDB exploit
4.3
CVSSv2
CVE-2011-3863
Cross-site scripting (XSS) vulnerability in the RedLine theme prior to 1.66 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Post-scriptum Redline
Post-scriptum Redline 0.2.1
Post-scriptum Redline 0.2.2
Post-scriptum Redline 0.2.3
Post-scriptum Redline 0.2.5
Post-scriptum Redline 0.2.6
Post-scriptum Redline 0.2.7
Post-scriptum Redline 0.2.7.1
Post-scriptum Redline 0.2.9
Post-scriptum Redline 0.3
Post-scriptum Redline 0.5
Post-scriptum Redline 0.5.5
Post-scriptum Redline 0.7
Post-scriptum Redline 0.7.1
Post-scriptum Redline 0.7.5
Post-scriptum Redline 0.8
Post-scriptum Redline 0.85
Post-scriptum Redline 0.90
Post-scriptum Redline 1.0
Post-scriptum Redline 1.0.1
Post-scriptum Redline 1.0.3
Post-scriptum Redline 1.1
1 EDB exploit
4.3
CVSSv2
CVE-2013-2501
Cross-site scripting (XSS) vulnerability in the Terillion Reviews plugin prior to 1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the ProfileId field.
Terillion Terillion Reviews Plugin
1 EDB exploit
7.5
CVSSv2
CVE-2011-4803
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Bravenewcode Wptouch 1.5
Bravenewcode Wptouch 1.7.5
Bravenewcode Wptouch 1.9.25
Bravenewcode Wptouch 1.9.22
Bravenewcode Wptouch 1.9.16
Bravenewcode Wptouch 1.9.8.1
Bravenewcode Wptouch 1.9.7.7
Bravenewcode Wptouch 1.9
Bravenewcode Wptouch 1.1
Bravenewcode Wptouch 1.9.13
Bravenewcode Wptouch 1.9.11
Bravenewcode Wptouch 1.9.9.5
Bravenewcode Wptouch 1.9.19.4
Bravenewcode Wptouch 1.3.5
Bravenewcode Wptouch 1.4
Bravenewcode Wptouch 1.9.17
Bravenewcode Wptouch 1.9.21.1
Bravenewcode Wptouch 1.9.9.2
Bravenewcode Wptouch 1.9.9.1
Bravenewcode Wptouch 1.9.9
Bravenewcode Wptouch 1.9.8.3
Bravenewcode Wptouch 1.9.19.3
1 EDB exploit
4.3
CVSSv2
CVE-2012-6622
Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin prior to 1.7.4 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) userg...
Vasthtml Forumpress 1.0
Vasthtml Forumpress 1.1
Vasthtml Forumpress 1.6
Vasthtml Forumpress 1.6.2
Vasthtml Forumpress 1.6.3
Vasthtml Forumpress 1.7
Vasthtml Forumpress 1.7.1
Vasthtml Forumpress 1.4
Vasthtml Forumpress 1.5
Vasthtml Forumpress 1.6.6
Vasthtml Forumpress 1.6.7
Vasthtml Forumpress
Vasthtml Forumpress 1.2
Vasthtml Forumpress 1.3
Vasthtml Forumpress 1.6.4
Vasthtml Forumpress 1.6.5
Vasthtml Forumpress 1.7.2
Vasthtml Forumpress 1.7.3
Vasthtml Forumpress 1.5.1
Vasthtml Forumpress 1.5.2
Vasthtml Forumpress 1.6.8
Vasthtml Forumpress 1.6.9
1 EDB exploit
7.5
CVSSv2
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin prior to 3.8.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Kolja Schleich Leaguemanager
Kolja Schleich Leaguemanager 3.7
Kolja Schleich Leaguemanager 3.6.9
Kolja Schleich Leaguemanager 3.5.2
Kolja Schleich Leaguemanager 3.5.1
Kolja Schleich Leaguemanager 3.5
Kolja Schleich Leaguemanager 3.4.2
Kolja Schleich Leaguemanager 3.1.7
Kolja Schleich Leaguemanager 3.1.6
Kolja Schleich Leaguemanager 3.1.5
Kolja Schleich Leaguemanager 3.1.4
Kolja Schleich Leaguemanager 2.9
Kolja Schleich Leaguemanager 2.8
Kolja Schleich Leaguemanager 2.7.1
Kolja Schleich Leaguemanager 2.1
Kolja Schleich Leaguemanager 2.0
Kolja Schleich Leaguemanager 1.5
Kolja Schleich Leaguemanager 1.4.2
Kolja Schleich Leaguemanager 3.6.7
Kolja Schleich Leaguemanager 3.6.5
Kolja Schleich Leaguemanager 3.6
Kolja Schleich Leaguemanager 3.5.5
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »