Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47174
Cross-Site Request Forgery (CSRF) vulnerability in WordPress Performance Team Performance Lab plugin <= 2.2.0 versions.
Wordpress Performance Lab
445
VMScore
CVE-2012-6112
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon prior to 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x prior to 2.1.10, 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 and other products, does not properly handle control charact...
Tinymce Spellchecker Php 2.0
Tinymce Spellchecker Php 2.0.2
Tinymce Spellchecker Php 2.0.1
Tinymce Spellchecker Php 2.0.6
Tinymce Spellchecker Php 2.0.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.0
Moodle Moodle 2.2.2
435
VMScore
CVE-2013-3526
Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and previous versions, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the aoid parameter.
Wptrafficanalyzer Trafficanalyzer 3.3.2
Wptrafficanalyzer Trafficanalyzer 3.0.1
Wptrafficanalyzer Trafficanalyzer 3.0.0
Wptrafficanalyzer Trafficanalyzer 2.7.0
Wptrafficanalyzer Trafficanalyzer 2.6.0
Wptrafficanalyzer Trafficanalyzer 2.2.1
Wptrafficanalyzer Trafficanalyzer 2.2.0
Wptrafficanalyzer Trafficanalyzer 1.5.0
Wptrafficanalyzer Trafficanalyzer 1.4.0
Wptrafficanalyzer Trafficanalyzer 1.0.0
Wptrafficanalyzer Trafficanalyzer 3.2.1
Wptrafficanalyzer Trafficanalyzer 3.2.0
Wptrafficanalyzer Trafficanalyzer 3.1.0
Wptrafficanalyzer Trafficanalyzer 2.8.2
Wptrafficanalyzer Trafficanalyzer 2.8.1
Wptrafficanalyzer Trafficanalyzer 2.5.0
Wptrafficanalyzer Trafficanalyzer 2.4.1
Wptrafficanalyzer Trafficanalyzer 1.8.0
Wptrafficanalyzer Trafficanalyzer 1.7.0
Wptrafficanalyzer Trafficanalyzer 1.1.3
Wptrafficanalyzer Trafficanalyzer 1.1.2
Wptrafficanalyzer Trafficanalyzer 3.0.3
1 EDB exploit
1000
VMScore
CVE-2012-3576
Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin prior to 2.5.30 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads...
Jquindlen Wpstorecart 2.5.24
Jquindlen Wpstorecart 2.5.23
Jquindlen Wpstorecart 2.5.15
Jquindlen Wpstorecart 2.5.14
Jquindlen Wpstorecart 2.5.7
Jquindlen Wpstorecart 2.5.5
Jquindlen Wpstorecart 2.4.14
Jquindlen Wpstorecart 2.4.13
Jquindlen Wpstorecart 2.4.5
Jquindlen Wpstorecart 2.4.4
Jquindlen Wpstorecart 2.3.15
Jquindlen Wpstorecart 2.3.14
Jquindlen Wpstorecart 2.3.7
Jquindlen Wpstorecart 2.3.6
Jquindlen Wpstorecart 2.2.8
Jquindlen Wpstorecart 2.2.7
Jquindlen Wpstorecart 2.2.0
Jquindlen Wpstorecart 2.1.8
Jquindlen Wpstorecart 2.1.1
Jquindlen Wpstorecart 2.1.0
Jquindlen Wpstorecart 2.0.6
Jquindlen Wpstorecart 2.0.5
1 EDB exploit
383
VMScore
CVE-2013-6342
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin prior to 4.0.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php.
Tweet-blender Tweet-blender
Tweet-blender Tweet-blender 4.0.0
Tweet-blender Tweet-blender 3.3.15
Tweet-blender Tweet-blender 3.3.14
Tweet-blender Tweet-blender 3.3.0
Tweet-blender Tweet-blender 3.2.4
Tweet-blender Tweet-blender 3.2.3
Tweet-blender Tweet-blender 3.2.2
Tweet-blender Tweet-blender 3.1.8
Tweet-blender Tweet-blender 3.1.7
Tweet-blender Tweet-blender 3.1.6
Tweet-blender Tweet-blender 3.1.5
Tweet-blender Tweet-blender 3.1.4
Tweet-blender Tweet-blender 3.0.0
Tweet-blender Tweet-blender 2.4.7
Tweet-blender Tweet-blender 2.4.6
Tweet-blender Tweet-blender 2.4.5
Tweet-blender Tweet-blender 2.0.4
Tweet-blender Tweet-blender 2.0.3
Tweet-blender Tweet-blender 2.0.2
Tweet-blender Tweet-blender 2.0.1
Tweet-blender Tweet-blender 3.3.9
383
VMScore
CVE-2014-6313
Cross-site scripting (XSS) vulnerability in the WooCommerce plugin prior to 2.2.3 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the range parameter on the wc-reports page to wp-admin/admin.php.
Woothemes Woocommerce Plugin 2.1.1
Woothemes Woocommerce Plugin 2.1.11
Woothemes Woocommerce Plugin 2.1.2
Woothemes Woocommerce Plugin 2.1.7
Woothemes Woocommerce Plugin 2.1.9
Woothemes Woocommerce Plugin 2.1.3
Woothemes Woocommerce Plugin 2.1.4
Woothemes Woocommerce Plugin 2.1.5
Woothemes Woocommerce Plugin 2.1.6
Woothemes Woocommerce Plugin 2.1.0
Woothemes Woocommerce Plugin 2.2.1
Woothemes Woocommerce Plugin
Woothemes Woocommerce Plugin 2.1.10
Woothemes Woocommerce Plugin 2.1.12
Woothemes Woocommerce Plugin 2.1.8
Woothemes Woocommerce Plugin 2.2.0
NA
CVE-2024-29765
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alireza Sedghi Aparat for WordPress allows Stored XSS.This issue affects Aparat for WordPress: from n/a up to and including 2.2.0.
NA
CVE-2023-52124
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin LLC WP Tabs – Responsive Tabs Plugin for WordPress allows Stored XSS.This issue affects WP Tabs – Responsive Tabs Plugin for WordPress: from n/...
Shapedplugin Wp Tabs
445
VMScore
CVE-2016-10928
The onelogin-saml-sso plugin prior to 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users.
Onelogin Onelogin Saml Sso
668
VMScore
CVE-2020-29045
The food-and-drink-menu plugin up to and including 2.2.0 for WordPress allows remote malicious users to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-manager.php.
Fivestarplugins Five Star Restaurant Menu
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »