Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2011-3122
Unspecified vulnerability in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
10
CVSSv2
CVE-2009-2853
Wordpress prior to 2.8.3 allows remote malicious users to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.p...
Wordpress Wordpress 1.2
Wordpress Wordpress 0.72
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.3
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.6.1
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.6.3
Wordpress Wordpress 2.7
Wordpress Wordpress 2.7.1
10
CVSSv2
CVE-2008-6767
wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote malicious users to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.
Wordpress Wordpress 2.6
10
CVSSv2
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
10
CVSSv2
CVE-2008-3362
Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module 0.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension via the upfile parameter, then accessing it via a direct...
Giulio Ganci Wp Downloads Manager 0.2
Wordpress Wp Downloads Manager 0.2
1 EDB exploit
10
CVSSv2
CVE-2007-2714
Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet prior to 2.0.2, a WordPress plugin, has unknown impact and attack vectors.
Matt Mullenweg Akismet
1 EDB exploit
10
CVSSv2
CVE-2006-6863
PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote malicious users to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value
Enigma Wordpress Bridge
1 EDB exploit
10
CVSSv2
CVE-2006-4028
Multiple unspecified vulnerabilities in WordPress prior to 2.0.4 have unknown impact and remote attack vectors. NOTE: due to lack of details, it is not clear how these issues are different from CVE-2006-3389 and CVE-2006-3390, although it is likely that 2.0.4 addresses an unspeci...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
9.4
CVSSv2
CVE-2016-1000112
Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin
Contussupport Contus-video-comments 1.0
9.3
CVSSv2
CVE-2017-18614
The kama-clic-counter plugin 3.4.9 for WordPress has SQL injection via the admin.php order parameter.
Wp-kama Kama Click Counter
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »