Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2015-9443
The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=Accu_Data_WP.
Wp Accurate Form Data Project Wp Accurate Form Data 1.2
6.5
CVSSv3
CVE-2014-2675
Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php in the WP HTML Sitemap plugin 1.2 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that delete the sitemap via a request to the wp-html-sitemap page in wp-a...
Wp-html-sitemap Project Wp-html-sitemap 1.2
NA
CVE-2014-5186
SQL injection vulnerability in the All Video Gallery (all-video-gallery) plugin 1.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit action in the allvideogallery_videos page to wp-admin/admin.php.
All Video Gallery Plugin Project All-video-gallery 1.2
NA
CVE-2013-4240
Multiple cross-site request forgery (CSRF) vulnerabilities in the HMS Testimonials plugin prior to 2.0.11 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) add new testimonials via the hms-testimonials-addnew page, (2)...
Hitmyserver Hms Testimonials 2.0.7
Hitmyserver Hms Testimonials 2.0.6
Hitmyserver Hms Testimonials 2.0.5
Hitmyserver Hms Testimonials 2.0.4
Hitmyserver Hms Testimonials 1.3
Hitmyserver Hms Testimonials 1.2
Hitmyserver Hms Testimonials 1.1
Hitmyserver Hms Testimonials 2.0.9
Hitmyserver Hms Testimonials 2.0.2
Hitmyserver Hms Testimonials 2.0
Hitmyserver Hms Testimonials 1.6
Hitmyserver Hms Testimonials 1.4.1
Hitmyserver Hms Testimonials 1.7.1
Hitmyserver Hms Testimonials 1.7
Hitmyserver Hms Testimonials 1.6.2
Hitmyserver Hms Testimonials 1.6.1
Hitmyserver Hms Testimonials
Hitmyserver Hms Testimonials 2.0.8
Hitmyserver Hms Testimonials 2.0.3
Hitmyserver Hms Testimonials 2.0.1
Hitmyserver Hms Testimonials 1.5
Hitmyserver Hms Testimonials 1.4
1 EDB exploit
NA
CVE-2012-2572
Cross-site scripting (XSS) vulnerability in the ThreeWP Email Reflector plugin prior to 1.16 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Subject of an email.
Mindreantre Threewp Email Reflector 1.12
Mindreantre Threewp Email Reflector 1.11
Mindreantre Threewp Email Reflector 1.4
Mindreantre Threewp Email Reflector 1.3
Mindreantre Threewp Email Reflector 1.10
Mindreantre Threewp Email Reflector 1.9
Mindreantre Threewp Email Reflector 1.2
Mindreantre Threewp Email Reflector 1.1
Mindreantre Threewp Email Reflector
Mindreantre Threewp Email Reflector 1.8
Mindreantre Threewp Email Reflector 1.7
Mindreantre Threewp Email Reflector 1.0
Mindreantre Threewp Email Reflector 1.14
Mindreantre Threewp Email Reflector 1.13
Mindreantre Threewp Email Reflector 1.6
Mindreantre Threewp Email Reflector 1.5
1 EDB exploit
NA
CVE-2011-3863
Cross-site scripting (XSS) vulnerability in the RedLine theme prior to 1.66 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Post-scriptum Redline
Post-scriptum Redline 0.2.1
Post-scriptum Redline 0.2.2
Post-scriptum Redline 0.2.3
Post-scriptum Redline 0.2.5
Post-scriptum Redline 0.2.6
Post-scriptum Redline 0.2.7
Post-scriptum Redline 0.2.7.1
Post-scriptum Redline 0.2.9
Post-scriptum Redline 0.3
Post-scriptum Redline 0.5
Post-scriptum Redline 0.5.5
Post-scriptum Redline 0.7
Post-scriptum Redline 0.7.1
Post-scriptum Redline 0.7.5
Post-scriptum Redline 0.8
Post-scriptum Redline 0.85
Post-scriptum Redline 0.90
Post-scriptum Redline 1.0
Post-scriptum Redline 1.0.1
Post-scriptum Redline 1.0.3
Post-scriptum Redline 1.1
1 EDB exploit
NA
CVE-2013-2501
Cross-site scripting (XSS) vulnerability in the Terillion Reviews plugin prior to 1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the ProfileId field.
Terillion Terillion Reviews Plugin
1 EDB exploit
NA
CVE-2011-4803
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Bravenewcode Wptouch 1.5
Bravenewcode Wptouch 1.7.5
Bravenewcode Wptouch 1.9.25
Bravenewcode Wptouch 1.9.22
Bravenewcode Wptouch 1.9.16
Bravenewcode Wptouch 1.9.8.1
Bravenewcode Wptouch 1.9.7.7
Bravenewcode Wptouch 1.9
Bravenewcode Wptouch 1.1
Bravenewcode Wptouch 1.9.13
Bravenewcode Wptouch 1.9.11
Bravenewcode Wptouch 1.9.9.5
Bravenewcode Wptouch 1.9.19.4
Bravenewcode Wptouch 1.3.5
Bravenewcode Wptouch 1.4
Bravenewcode Wptouch 1.9.17
Bravenewcode Wptouch 1.9.21.1
Bravenewcode Wptouch 1.9.9.2
Bravenewcode Wptouch 1.9.9.1
Bravenewcode Wptouch 1.9.9
Bravenewcode Wptouch 1.9.8.3
Bravenewcode Wptouch 1.9.19.3
1 EDB exploit
NA
CVE-2012-6622
Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin prior to 1.7.4 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) userg...
Vasthtml Forumpress 1.0
Vasthtml Forumpress 1.1
Vasthtml Forumpress 1.6
Vasthtml Forumpress 1.6.2
Vasthtml Forumpress 1.6.3
Vasthtml Forumpress 1.7
Vasthtml Forumpress 1.7.1
Vasthtml Forumpress 1.4
Vasthtml Forumpress 1.5
Vasthtml Forumpress 1.6.6
Vasthtml Forumpress 1.6.7
Vasthtml Forumpress
Vasthtml Forumpress 1.2
Vasthtml Forumpress 1.3
Vasthtml Forumpress 1.6.4
Vasthtml Forumpress 1.6.5
Vasthtml Forumpress 1.7.2
Vasthtml Forumpress 1.7.3
Vasthtml Forumpress 1.5.1
Vasthtml Forumpress 1.5.2
Vasthtml Forumpress 1.6.8
Vasthtml Forumpress 1.6.9
1 EDB exploit
NA
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin prior to 3.8.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Kolja Schleich Leaguemanager
Kolja Schleich Leaguemanager 3.7
Kolja Schleich Leaguemanager 3.6.9
Kolja Schleich Leaguemanager 3.5.2
Kolja Schleich Leaguemanager 3.5.1
Kolja Schleich Leaguemanager 3.5
Kolja Schleich Leaguemanager 3.4.2
Kolja Schleich Leaguemanager 3.1.7
Kolja Schleich Leaguemanager 3.1.6
Kolja Schleich Leaguemanager 3.1.5
Kolja Schleich Leaguemanager 3.1.4
Kolja Schleich Leaguemanager 2.9
Kolja Schleich Leaguemanager 2.8
Kolja Schleich Leaguemanager 2.7.1
Kolja Schleich Leaguemanager 2.1
Kolja Schleich Leaguemanager 2.0
Kolja Schleich Leaguemanager 1.5
Kolja Schleich Leaguemanager 1.4.2
Kolja Schleich Leaguemanager 3.6.7
Kolja Schleich Leaguemanager 3.6.5
Kolja Schleich Leaguemanager 3.6
Kolja Schleich Leaguemanager 3.5.5
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »