Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 0.7 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-1846
The Tiny Contact Form WordPress plugin up to and including 0.7 does not have CSRF check in place when updating its settings, which could allow malicious users to make a logged in admin change them via a CSRF attack
Tiny Contact Form Project Tiny Contact Form
4.3
CVSSv2
CVE-2016-10969
The supportflow plugin prior to 0.7 for WordPress has XSS via a discussion ticket title.
Supportflow Project Supportflow
4.3
CVSSv2
CVE-2016-10970
The supportflow plugin prior to 0.7 for WordPress has XSS via a ticket excerpt.
Supportflow Project Supportflow
4.3
CVSSv2
CVE-2014-4529
Cross-site scripting (XSS) vulnerability in fpg_preview.php in the Flash Photo Gallery plugin 0.7 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Flash Photo Gallery Project Flash Photo Gallery
4.3
CVSSv2
CVE-2012-1834
Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin prior to 0.8.9 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-gener...
Cms Tree Page View Project Cms Tree Page View 0.8.3
Cms Tree Page View Project Cms Tree Page View 0.8.2
Cms Tree Page View Project Cms Tree Page View 0.7.16
Cms Tree Page View Project Cms Tree Page View 0.7.15
Cms Tree Page View Project Cms Tree Page View 0.7.8
Cms Tree Page View Project Cms Tree Page View 0.7.7
Cms Tree Page View Project Cms Tree Page View 0.6.3
Cms Tree Page View Project Cms Tree Page View 0.6.2
Cms Tree Page View Project Cms Tree Page View 0.5.3
Cms Tree Page View Project Cms Tree Page View 0.5.2
Cms Tree Page View Project Cms Tree Page View 0.4.5
Cms Tree Page View Project Cms Tree Page View 0.4.4
Cms Tree Page View Project Cms Tree Page View 0.1a
Cms Tree Page View Project Cms Tree Page View 0.8.1
Cms Tree Page View Project Cms Tree Page View 0.8
Cms Tree Page View Project Cms Tree Page View 0.7.14
Cms Tree Page View Project Cms Tree Page View 0.7.13
Cms Tree Page View Project Cms Tree Page View 0.7.6
Cms Tree Page View Project Cms Tree Page View 0.7.5
Cms Tree Page View Project Cms Tree Page View 0.6.1
Cms Tree Page View Project Cms Tree Page View 0.6
Cms Tree Page View Project Cms Tree Page View 0.5.1
4.3
CVSSv2
CVE-2011-5128
Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin prior to 1.7.22 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the page parameter to (1) inc-options/deinstall_options.php, (2) inc-options/theme_options.php, or (3...
Bueltge Adminimize
Bueltge Adminimize 0.6.9
Bueltge Adminimize 0.7
Bueltge Adminimize 0.7.1
Bueltge Adminimize 0.7.2
Bueltge Adminimize 0.7.3
Bueltge Adminimize 0.7.5
Bueltge Adminimize 0.7.6
Bueltge Adminimize 0.7.7
Bueltge Adminimize 0.7.8
Bueltge Adminimize 0.7.9
Bueltge Adminimize 0.8
Bueltge Adminimize 0.8.1
Bueltge Adminimize 1.0
Bueltge Adminimize 1.1
Bueltge Adminimize 1.2
Bueltge Adminimize 1.3
Bueltge Adminimize 1.4
Bueltge Adminimize 1.4.1
Bueltge Adminimize 1.4.2
Bueltge Adminimize 1.4.3-6
Bueltge Adminimize 1.4.7
4.3
CVSSv2
CVE-2011-4926
Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin prior to 1.7.22 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Bueltge Adminimize
Bueltge Adminimize 0.6.9
Bueltge Adminimize 0.7
Bueltge Adminimize 0.7.1
Bueltge Adminimize 0.7.2
Bueltge Adminimize 0.7.3
Bueltge Adminimize 0.7.5
Bueltge Adminimize 0.7.6
Bueltge Adminimize 0.7.7
Bueltge Adminimize 0.7.8
Bueltge Adminimize 0.7.9
Bueltge Adminimize 0.8
Bueltge Adminimize 0.8.1
Bueltge Adminimize 1.0
Bueltge Adminimize 1.1
Bueltge Adminimize 1.2
Bueltge Adminimize 1.3
Bueltge Adminimize 1.4
Bueltge Adminimize 1.4.1
Bueltge Adminimize 1.4.2
Bueltge Adminimize 1.4.3-6
Bueltge Adminimize 1.4.7
1 EDB exploit
4.3
CVSSv2
CVE-2012-4263
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.2
Bit51 Better-wp-security 3.0.7
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.17
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.8
Bit51 Better-wp-security 2.1
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.3
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.10
Bit51 Better-wp-security 0.3
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.2
Bit51 Better-wp-security 3.0.9
Bit51 Better-wp-security 3.0.8
4.3
CVSSv2
CVE-2012-4264
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different ...
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.1
Bit51 Better-wp-security 3.0.8
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.16
Bit51 Better-wp-security 2.11
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.7
Bit51 Better-wp-security 2.2
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.2
Bit51 Better-wp-security 0.14
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.9
Bit51 Better-wp-security 0.4
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security 3.0.12
Bit51 Better-wp-security 3.0.11
4.3
CVSSv2
CVE-2012-0782
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »