Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.0.6 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-17231
includes/theme-functions.php in the OneTone theme up to and including 3.0.6 for WordPress has multiple stored XSS issues.
Mageewp Onetone
4.3
CVSSv2
CVE-2017-9420
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin prior to 3.3.0 for WordPress allows remote malicious users to inject arbitrary JavaScript via the yr parameter.
Sunnythemes Spiffy Calendar 3.0.8
Sunnythemes Spiffy Calendar 3.0.7
Sunnythemes Spiffy Calendar 3.0.0
Sunnythemes Spiffy Calendar 2.1.3
Sunnythemes Spiffy Calendar 1.2.0
Sunnythemes Spiffy Calendar 1.1.8
Sunnythemes Spiffy Calendar 1.1.2
Sunnythemes Spiffy Calendar 1.1.1
Sunnythemes Spiffy Calendar 3.1.3
Sunnythemes Spiffy Calendar 3.1.2
Sunnythemes Spiffy Calendar 3.0.4
Sunnythemes Spiffy Calendar 3.0.3
Sunnythemes Spiffy Calendar 2.1.0
Sunnythemes Spiffy Calendar 2.0.1
Sunnythemes Spiffy Calendar 1.1.5
Sunnythemes Spiffy Calendar 2.0.0
Sunnythemes Spiffy Calendar 1.0.3
Sunnythemes Spiffy Calendar 1.0.1
Sunnythemes Spiffy Calendar 3.1.1
Sunnythemes Spiffy Calendar 3.1.0
Sunnythemes Spiffy Calendar 3.0.2
Sunnythemes Spiffy Calendar 3.0.1
4.3
CVSSv2
CVE-2012-6633
Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress prior to 3.3.3 allows remote malicious users to inject arbitrary web script or HTML via an editable slug field.
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.1.3
Wordpress Wordpress 3.1.2
Wordpress Wordpress
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0
Wordpress Wordpress 3.3
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.3.1
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.1
Wordpress Wordpress 3.0.5
4.3
CVSSv2
CVE-2013-6342
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin prior to 4.0.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php.
Tweet-blender Tweet-blender
Tweet-blender Tweet-blender 4.0.0
Tweet-blender Tweet-blender 3.3.15
Tweet-blender Tweet-blender 3.3.14
Tweet-blender Tweet-blender 3.3.0
Tweet-blender Tweet-blender 3.2.4
Tweet-blender Tweet-blender 3.2.3
Tweet-blender Tweet-blender 3.2.2
Tweet-blender Tweet-blender 3.1.8
Tweet-blender Tweet-blender 3.1.7
Tweet-blender Tweet-blender 3.1.6
Tweet-blender Tweet-blender 3.1.5
Tweet-blender Tweet-blender 3.1.4
Tweet-blender Tweet-blender 3.0.0
Tweet-blender Tweet-blender 2.4.7
Tweet-blender Tweet-blender 2.4.6
Tweet-blender Tweet-blender 2.4.5
Tweet-blender Tweet-blender 2.0.4
Tweet-blender Tweet-blender 2.0.3
Tweet-blender Tweet-blender 2.0.2
Tweet-blender Tweet-blender 2.0.1
Tweet-blender Tweet-blender 3.3.9
4.3
CVSSv2
CVE-2013-4626
Cross-site scripting (XSS) vulnerability in the BackWPup plugin prior to 3.0.13 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php.
Marketpress Backwpup Plugin 3.0.7
Marketpress Backwpup Plugin 3.0.6
Marketpress Backwpup Plugin 3.0.5
Marketpress Backwpup Plugin 3.0.4
Marketpress Backwpup Plugin 3.0
Marketpress Backwpup Plugin
Marketpress Backwpup Plugin 3.0.10
Marketpress Backwpup Plugin 3.0.8
Marketpress Backwpup Plugin 3.0.3
Marketpress Backwpup Plugin 3.0.1
Marketpress Backwpup Plugin 3.0.11
Marketpress Backwpup Plugin 3.0.9
Marketpress Backwpup Plugin 3.0.2
4.3
CVSSv2
CVE-2012-3414
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and previous versions, as used in WordPress prior to 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote malicious users to inject arbitrary web script or HTML via the movieName paramet...
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.1.3
Swfupload Project Swfupload 1.0.2
Swfupload Project Swfupload 2.0.2
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.2
Swfupload Project Swfupload 2.1.0
Wordpress Wordpress 3.0.5
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.3
Swfupload Project Swfupload 2.2.0
Swfupload Project Swfupload
Wordpress Wordpress -
Wordpress Wordpress 3.0
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress
1 EDB exploit
2 Github repositories
1 Article
4.3
CVSSv2
CVE-2012-4263
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.2
Bit51 Better-wp-security 3.0.7
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.17
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.8
Bit51 Better-wp-security 2.1
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.3
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.10
Bit51 Better-wp-security 0.3
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.2
Bit51 Better-wp-security 3.0.9
Bit51 Better-wp-security 3.0.8
4.3
CVSSv2
CVE-2012-4264
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different ...
Bit51 Better-wp-security 3.2.3
Bit51 Better-wp-security 3.2.1
Bit51 Better-wp-security 3.1
Bit51 Better-wp-security 3.0.8
Bit51 Better-wp-security 3.0.6
Bit51 Better-wp-security 2.18
Bit51 Better-wp-security 2.16
Bit51 Better-wp-security 2.11
Bit51 Better-wp-security 2.9
Bit51 Better-wp-security 2.7
Bit51 Better-wp-security 2.2
Bit51 Better-wp-security 2.0
Bit51 Better-wp-security 1.4
Bit51 Better-wp-security 1.2
Bit51 Better-wp-security 0.14
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.9
Bit51 Better-wp-security 0.4
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security -
Bit51 Better-wp-security 3.0.12
Bit51 Better-wp-security 3.0.11
4.3
CVSSv2
CVE-2011-4956
Cross-site scripting (XSS) vulnerability in WordPress prior to 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Wordpress Wordpress 3.0.5
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.3
Wordpress Wordpress 2.3.3
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.6.3
Wordpress Wordpress 2.8.5.2
Wordpress Wordpress 2.8.4
Wordpress Wordpress 1.5.1.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.2.4
Wordpress Wordpress 1.1.1
Wordpress Wordpress 1.3.3
Wordpress Wordpress 1.3
Wordpress Wordpress
4.3
CVSSv2
CVE-2012-2404
wp-comments-post.php in WordPress prior to 3.3.2 supports offsite redirects, which makes it easier for remote malicious users to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Wordpress Wordpress 2.8
Wordpress Wordpress 2.0.9
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.8.5
Wordpress Wordpress 2.8.1
Wordpress Wordpress 3.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 3.0
Wordpress Wordpress 1.5
Wordpress Wordpress 1.2
Wordpress Wordpress 2.9.1
Wordpress Wordpress 1.2.3
Wordpress Wordpress 1.2.4
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2.3
Wordpress Wordpress 1.5.1.1
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »