Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.4 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2022-23981
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).
Quadlayers Perfect Brands For Woocommerce
7.5
CVSSv3
CVE-2022-23982
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure.
Quadlayers Perfect Brands For Woocommerce
5.4
CVSSv3
CVE-2022-0148
The All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs WordPress plugin prior to 2.0.4 was vulnerable to reflected XSS on the my-sticky-elements-leads admin page.
Premio Mystickyelements
5.4
CVSSv3
CVE-2021-24883
The Popup Anything WordPress plugin prior to 2.0.4 does not escape the Link Text and Button Text fields of Popup, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks
Essentialplugin Popup Anything
5.4
CVSSv3
CVE-2021-24478
The Bookshelf WordPress plugin up to and including 2.0.4 does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting issue
Bookshelf Project Bookshelf
4.8
CVSSv3
CVE-2021-24482
The Related Posts for WordPress plugin up to and including 2.0.4 does not sanitise its heading_text and CSS settings, allowing high privilege users (admin) to set XSS payloads in them, leading to Stored Cross-Site Scripting issues.
Never5 Related Posts
4.3
CVSSv3
CVE-2021-24355
In the Simple 301 Redirects by BetterLinks WordPress plugin prior to 2.0.4, the lack of capability checks and insufficient nonce check on the AJAX actions, simple301redirects/admin/get_wildcard and simple301redirects/admin/wildcard, made it possible for authenticated users to ret...
Wpdeveloper Simple 301 Redirects
8.8
CVSSv3
CVE-2021-24354
A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin prior to 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.
Wpdeveloper Simple 301 Redirects
8.8
CVSSv3
CVE-2021-24352
The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin prior to 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects.
Wpdeveloper Simple 301 Redirects
8.8
CVSSv3
CVE-2021-24353
The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin prior to 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects.
Wpdeveloper Simple 301 Redirects
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »