Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2019-13573
A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin prior to 7.3.19.727 for WordPress. Successful exploitation of this vulnerability would allow a remote malicious user to execute arbitrary SQL commands on the affected system.
Foliovision Fv Flowplayer Video Player
890
VMScore
CVE-2014-7297
Unspecified vulnerability in the folder framework in the Enfold theme prior to 3.0.1 for WordPress has unknown impact and attack vectors.
Kriesi Enfold
890
VMScore
CVE-2011-5254
Unspecified vulnerability in the Connections plugin prior to 0.7.1.6 for WordPress has unknown impact and attack vectors.
Connections Project Connections 0.7.1.4
Connections Project Connections 0.7.0.1
Connections Project Connections 0.6.2.1
Connections Project Connections 0.5.1
Connections Project Connections 0.4.0
Connections Project Connections 0.2.10
Connections Project Connections 0.2.8
Connections Project Connections 0.7.1.3
Connections Project Connections 0.7.1.2
Connections Project Connections 0.7.1.1
Connections Project Connections 0.7.0.4
Connections Project Connections 0.7.0.3
Connections Project Connections 0.3.2
Connections Project Connections 0.2.24
Connections Project Connections 0.2.23
Connections Project Connections 0.2.22
Connections Project Connections 0.6.2
Connections Project Connections 0.6.1
Connections Project Connections 0.5.48
Connections Project Connections 0.5.47
Connections Project Connections 0.2.4
Connections Project Connections 0.2.3
890
VMScore
CVE-2012-4874
Unspecified vulnerability in the Another WordPress Classifieds Plugin prior to 2.0 for WordPress has unknown impact and attack vectors related to "image uploads."
Awpcp Another Wordpress Classifieds Plugin
890
VMScore
CVE-2012-4033
Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin prior to 2.4.0 for WordPress have unknown impact and attack vectors.
Zingiri Zingiri Web Shop 2.3.4
Zingiri Zingiri Web Shop 2.3.3
Zingiri Zingiri Web Shop 2.2.1
Zingiri Zingiri Web Shop 2.2.0
Zingiri Zingiri Web Shop 2.0.2
Zingiri Zingiri Web Shop 2.0.1
Zingiri Zingiri Web Shop 1.6.1
Zingiri Zingiri Web Shop 1.6.0
Zingiri Zingiri Web Shop 1.5.3
Zingiri Zingiri Web Shop 1.5.2
Zingiri Zingiri Web Shop 1.4.3
Zingiri Zingiri Web Shop 1.4.2
Zingiri Zingiri Web Shop 1.3.3
Zingiri Zingiri Web Shop 1.3.2
Zingiri Zingiri Web Shop 1.2.6
Zingiri Zingiri Web Shop 1.2.5
Zingiri Zingiri Web Shop 1.0.4
Zingiri Zingiri Web Shop 1.0.3
Zingiri Zingiri Web Shop 2.3.2
Zingiri Zingiri Web Shop 2.3.1
Zingiri Zingiri Web Shop 2.1.3
Zingiri Zingiri Web Shop 2.1.2
890
VMScore
CVE-2012-2400
Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress prior to 3.3.2 has unknown impact and attack vectors.
Wordpress Wordpress
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2.1
Wordpress Wordpress 1.5.1.1
Wordpress Wordpress 2.0.1
Wordpress Wordpress 3.3
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.3
Wordpress Wordpress 3.0.6
Wordpress Wordpress 2.6.1
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.0.1
Wordpress Wordpress 2.6.5
Wordpress Wordpress 3.1.3
Wordpress Wordpress 1.1.1
Wordpress Wordpress 1.3.3
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.2.3
890
VMScore
CVE-2011-3125
Unspecified vulnerability in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.2
890
VMScore
CVE-2011-3122
Unspecified vulnerability in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
890
VMScore
CVE-2009-2853
Wordpress prior to 2.8.3 allows remote malicious users to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.p...
Wordpress Wordpress 1.2
Wordpress Wordpress 0.72
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.3
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.6.1
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.6.3
Wordpress Wordpress 2.7
Wordpress Wordpress 2.7.1
890
VMScore
CVE-2008-6767
wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote malicious users to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.
Wordpress Wordpress 2.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »