Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.4 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-24354
A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin prior to 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.
Wpdeveloper Simple 301 Redirects
3.5
CVSSv2
CVE-2021-24180
Unvalidated input and lack of output encoding within the Related Posts for WordPress plugin prior to 2.0.4 lead to a Reflected Cross-Site Scripting (XSS) vulnerability within the 'lang' GET parameter while editing a post, triggered when users with the capability of edit...
Never5 Related Posts
3.5
CVSSv2
CVE-2020-20626
lara-google-analytics.php in Lara Google Analytics plugin up to and including 2.0.4 for WordPress allows authenticated stored XSS.
Lara's Google Analytics Project Lara's Google Analytics
4.3
CVSSv2
CVE-2018-20965
The ultimate-member plugin prior to 2.0.4 for WordPress has XSS.
Ultimatemember Ultimate Member
6.8
CVSSv2
CVE-2018-11526
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.
Webtoffee Wordpress Comments Import And Export
1 EDB exploit
3.5
CVSSv2
CVE-2018-0585
Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ultimatemember Ultimate Member
4
CVSSv2
CVE-2018-0586
Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated malicious users to read arbitrary files via unspecified vectors.
Ultimatemember User Profile & Membership
4
CVSSv2
CVE-2018-0587
Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to upload arbitrary image files via unspecified vectors.
Ultimatemember User Profile & Membership
6.4
CVSSv2
CVE-2018-0588
Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote malicious users to read arbitrary files via unspecified vectors.
Ultimatemember User Profile & Membership
4
CVSSv2
CVE-2018-0589
Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated malicious users to bypass access restriction to add a new form in the 'Forms' page via unspecified vectors.
Ultimatemember User Profile & Membership
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280
CVE-2024-5346
CVE-2024-30078
CVE-2022-45803
CVE-2024-36886
SQL
CVE-2024-24553
IMAP
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »