Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.4 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-3577
Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin prior to 1.4 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file ...
Nmedia Member Conversation
Nmedia Member Conversation 1.2
Nmedia Member Conversation 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2011-4803
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Bravenewcode Wptouch 1.5
Bravenewcode Wptouch 1.7.5
Bravenewcode Wptouch 1.9.25
Bravenewcode Wptouch 1.9.22
Bravenewcode Wptouch 1.9.16
Bravenewcode Wptouch 1.9.8.1
Bravenewcode Wptouch 1.9.7.7
Bravenewcode Wptouch 1.9
Bravenewcode Wptouch 1.1
Bravenewcode Wptouch 1.9.13
Bravenewcode Wptouch 1.9.11
Bravenewcode Wptouch 1.9.9.5
Bravenewcode Wptouch 1.9.19.4
Bravenewcode Wptouch 1.3.5
Bravenewcode Wptouch 1.4
Bravenewcode Wptouch 1.9.17
Bravenewcode Wptouch 1.9.21.1
Bravenewcode Wptouch 1.9.9.2
Bravenewcode Wptouch 1.9.9.1
Bravenewcode Wptouch 1.9.9
Bravenewcode Wptouch 1.9.8.3
Bravenewcode Wptouch 1.9.19.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-2144
SQL injection vulnerability in the FireStats plugin prior to 1.6.2-stable for WordPress allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Edgewall Firestats 0.9.0-beta
Edgewall Firestats 0.9.2-beta
Edgewall Firestats 0.9.4-beta
Edgewall Firestats 0.9.3-beta
Edgewall Firestats 1.1.3
Edgewall Firestats 1.1.4
Edgewall Firestats 1.1.5
Edgewall Firestats 1.1.6
Edgewall Firestats 1.3.0-beta
Edgewall Firestats 1.4.4
Edgewall Firestats 1.4.3
Edgewall Firestats 1.4
Edgewall Firestats 1.5.12
Edgewall Firestats 1.5
Edgewall Firestats 1.6.0-beta1
Edgewall Firestats 1.6.0-beta2
Edgewall Firestats 1.6
Firestats Firestats 1.6.0
Edgewall Firestats 0.9.1-beta
Edgewall Firestats 0.9.5-beta
Edgewall Firestats 0.9.7-beta
Edgewall Firestats 0.9.9
7.5
CVSSv2
CVE-2009-2143
PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin prior to 1.6.2-stable for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the fs_javascript parameter.
Firestats Firestats 1.6.0
Firestats Firestats 1.6.0-beta1
Firestats Firestats 0.9.0-beta
Firestats Firestats 0.9.1-beta
Firestats Firestats 0.9.8-beta
Firestats Firestats 0.9.9
Firestats Firestats 1.1.3
Firestats Firestats 1.2.1
Firestats Firestats 1.2.2
Firestats Firestats 1.6.0-beta2
Firestats Firestats 0.9.2-beta
Firestats Firestats 1.3.4
Firestats Firestats 1.3.5
Firestats Firestats 1.3.6
Firestats Firestats 1.5
Firestats Firestats 1.5.0-beta
Firestats Firestats 1.5.5
Firestats Firestats 1.5.7
Firestats Firestats 0.9.6-beta
Firestats Firestats 0.9.7-beta
Firestats Firestats 1.1.1
Firestats Firestats 1.1.2
7.5
CVSSv2
CVE-2008-4732
SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin prior to 1.4.4 for WordPress allows remote malicious users to execute arbitrary SQL commands via the p parameter.
Pressography Wp Comment Remix Plugin
Pressography Wp Comment Remix Plugin 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-4734
Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin prior to 1.4.4 for WordPress allows remote malicious users to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input paramete...
Pressography Wp Comment Remix Plugin
Pressography Wp Comment Remix Plugin 1.4
7.5
CVSSv2
CVE-2008-2146
wp-includes/vars.php in Wordpress prior to 2.2.3 does not properly extract the current path from the PATH_INFO ($PHP_SELF), which allows remote malicious users to bypass intended access restrictions for certain pages.
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.5.1.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.2
Wordpress Wordpress 2.2.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5-strayhorn
Wordpress Wordpress 1.5.1
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.3 Rc1
7.5
CVSSv2
CVE-2008-0520
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 up to and including 1.4.3 for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php.
Wordpress Wassup Plugin 1.4
Wordpress Wassup Plugin
1 EDB exploit
6.8
CVSSv2
CVE-2013-2109
WordPress plugin wp-cleanfix has Remote Code Execution
Undolog Wp Cleanfix 1.4
6.8
CVSSv2
CVE-2014-9341
Multiple cross-site request forgery (CSRF) vulnerabilities in the yURL ReTwitt plugin 1.4 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) yurl_...
Yurl Retwitt Project Yurl Retwitt 1.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »