Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0.1 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-3882
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin prior to 1.2.0 for WordPress allows remote malicious users to hijack the authentication of arbitrary users.
12net Login Rebuilder
12net Login Rebuilder 1.1.2
12net Login Rebuilder 1.1.0
12net Login Rebuilder 1.0.2
12net Login Rebuilder 1.0.1
12net Login Rebuilder 1.0.0
12net Login Rebuilder 1.1.1
12net Login Rebuilder 1.0.3
605
VMScore
CVE-2012-4921
Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS Custom Notification plugin 1.0.1 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change application settings or (2) conduct ...
Dvs Custom Notification Project Dvs Custom Notification 1.0.1
605
VMScore
CVE-2012-6629
Multiple cross-site request forgery (CSRF) vulnerabilities in the Newsletter Manager plugin 1.0.2 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change an email address or (2) conduct script in...
Xyzscripts Newsletter Manager
Xyzscripts Newsletter Manager 1.0.1
Xyzscripts Newsletter Manager 1.0
605
VMScore
CVE-2012-3384
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress prior to 3.4.1 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Wordpress Wordpress
Wordpress Wordpress 3.3.3
Wordpress Wordpress 3.3.2
Wordpress Wordpress 3.3
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0
Wordpress Wordpress 2.9.2
Wordpress Wordpress 3.1.3
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.0.6
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.3
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.8.5
Wordpress Wordpress 2.8.5.1
605
VMScore
CVE-2006-1796
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions prior to 2.0.1, allows remote malicious users to inject arbitrary web script or HTML to Internet Explorer users via the reque...
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.2
Wordpress Wordpress
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0
578
VMScore
CVE-2021-24627
The G Auto-Hyperlink WordPress plugin up to and including 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection
G Auto-hyperlink Project G Auto-hyperlink
578
VMScore
CVE-2010-5106
The XML-RPC remote publishing interface in xmlrpc.php in WordPress prior to 3.0.3 does not properly check capabilities, which allows remote authenticated users to bypass intended access restrictions, and publish, edit, or delete posts, by leveraging the Author or Contributor role...
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.3
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.8
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.2
Wordpress Wordpress 2.3.3
Wordpress Wordpress 2.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.9.1
Wordpress Wordpress 2.5
Wordpress Wordpress 2.8.5.2
Wordpress Wordpress 2.8.2
Wordpress Wordpress 1.5
570
VMScore
CVE-2014-0166
The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress prior to 3.7.2 and 3.8.x prior to 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote malicious users to obtain access via a forged cookie.
Wordpress Wordpress 3.6
Wordpress Wordpress 3.5.1
Wordpress Wordpress 3.3.1
Wordpress Wordpress 3.3
Wordpress Wordpress 3.1
Wordpress Wordpress 3.0.6
Wordpress Wordpress 2.9.2
Wordpress Wordpress 2.9.1.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress
Wordpress Wordpress 3.8
Wordpress Wordpress 3.4.1
Wordpress Wordpress 3.4.0
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.1.3
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.2
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.8.5.2
Wordpress Wordpress 2.8
Wordpress Wordpress 2.7.1
Wordpress Wordpress 2.5.1
1 Github repository
570
VMScore
CVE-2013-3264
The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly restrict access to (1) list/edit.php and (2) campaign/editCampaign.php, which allows remote malicious users to modify list or campaign data.
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.3
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.2
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.1
Smackcoders Wp Ultimate Email Marketer Plugin 1.0.0
Smackcoders Wp Ultimate Email Marketer Plugin
515
VMScore
CVE-2013-5962
Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin prior to 3.3.4 rev40279 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct...
Envato Complete Gallery Manager Plugin 3.3.2
Envato Complete Gallery Manager Plugin 3.3.1
Envato Complete Gallery Manager Plugin 3.2.2
Envato Complete Gallery Manager Plugin 3.2.1
Envato Complete Gallery Manager Plugin 2.0.2
Envato Complete Gallery Manager Plugin 2.0.1
Envato Complete Gallery Manager Plugin 3.2.6
Envato Complete Gallery Manager Plugin 3.2.5
Envato Complete Gallery Manager Plugin 3.1.0
Envato Complete Gallery Manager Plugin 3.0.1
Envato Complete Gallery Manager Plugin 1.0.1
Envato Complete Gallery Manager Plugin 1.0.0
Envato Complete Gallery Manager Plugin 3.3.0
Envato Complete Gallery Manager Plugin 3.2.8
Envato Complete Gallery Manager Plugin 3.2.7
Envato Complete Gallery Manager Plugin 3.2.0
Envato Complete Gallery Manager Plugin 3.1.1
Envato Complete Gallery Manager Plugin 2.0.0
Envato Complete Gallery Manager Plugin 1.0.2
Envato Complete Gallery Manager Plugin
Envato Complete Gallery Manager Plugin 3.2.4
Envato Complete Gallery Manager Plugin 3.2.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »