Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.8.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-6242
Multiple SQL injection vulnerabilities in the All In One WP Security & Firewall plugin prior to 3.8.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby or (2) order parameter in the aiowpsec page to wp-admin/admin.php. NOTE: ...
Tips And Tricks Hq All In One Wordpress Security And Firewall
1 EDB exploit
5
CVSSv2
CVE-2020-20625
Sliced Invoices plugin for WordPress 3.8.2 and previous versions allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php.
Slicedinvoices Sliced Invoices 3.8.2
NA
CVE-2015-0166
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
NA
CVE-2014-62421
WordPress All In One WP Security plugin version 3.8.2 suffers from multiple remote SQL injection vulnerabilities.
4.3
CVSSv2
CVE-2011-5104
Cross-site scripting (XSS) vulnerability in wpsc-admin/display-sales-logs.php in WP e-Commerce plugin 3.8.7.1 and possibly earlier for WordPress allows remote malicious users to inject arbitrary web script or HTML via the custom_text parameter. NOTE: some of these details are obt...
Getshopped Wp E-commerce 3.8.6
Getshopped Wp E-commerce 3.8.5
Getshopped Wp E-commerce 3.8
Getshopped Wp E-commerce 3.7.8.1
Getshopped Wp E-commerce 3.7.8
Getshopped Wp E-commerce 3.7.7
Getshopped Wp E-commerce 3.7.6.2
Getshopped Wp E-commerce 3.7.6.1
Getshopped Wp E-commerce 3.7
Getshopped Wp E-commerce 3.7.5.3
Getshopped Wp E-commerce 3.7.5
Getshopped Wp E-commerce 3.6.13
Getshopped Wp E-commerce 3.6.12
Getshopped Wp E-commerce 3.8.4
Getshopped Wp E-commerce 3.8.3
Getshopped Wp E-commerce 3.7.6.9
Getshopped Wp E-commerce 3.7.6.7
Getshopped Wp E-commerce 3.7.6
Getshopped Wp E-commerce 3.7.5.2
Getshopped Wp E-commerce 3.7.5.1
Getshopped Wp E-commerce 3.7.4
Getshopped Wp E-commerce 3.6.11
6.5
CVSSv2
CVE-2021-24772
The Stream WordPress plugin prior to 3.8.2 does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue.
Xwp Stream
7.5
CVSSv2
CVE-2012-5310
SQL injection vulnerability in the WP e-Commerce plugin prior to 3.8.7.6 for WordPress allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Getshopped Wp E-commerce 3.8.7.3
Getshopped Wp E-commerce 3.8.7.2
Getshopped Wp E-commerce 3.8.4
Getshopped Wp E-commerce 3.8.7.1
Getshopped Wp E-commerce 3.8.1
Getshopped Wp E-commerce 3.8.2
Getshopped Wp E-commerce 3.7.6.4
Getshopped Wp E-commerce 3.7.6.3
Getshopped Wp E-commerce 3.7
Getshopped Wp E-commerce 3.7.2
Getshopped Wp E-commerce 3.7.6
Getshopped Wp E-commerce 3.7.5
Getshopped Wp E-commerce 3.6.5
Getshopped Wp E-commerce 3.6.8
Getshopped Wp E-commerce
Getshopped Wp E-commerce 3.8
Getshopped Wp E-commerce 3.8.6.1
Getshopped Wp E-commerce 3.8.7
Getshopped Wp E-commerce 3.7.8.2
Getshopped Wp E-commerce 3.7.6.2
Getshopped Wp E-commerce 3.7.6.1
Getshopped Wp E-commerce 3.7.1
NA
CVE-2023-4282
The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'admin_post_remove' and 'remove_private_data' functions in versions up to, and including, 3.8.2. This makes it possible for authenticated at...
Wpdeveloper Embedpress
NA
CVE-2023-4283
The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'embedpress_calendar' shortcode in versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...
Wpdeveloper Embedpress
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2