Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0.2 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2015-5484
Cross-site scripting (XSS) vulnerability in the Plotly plugin prior to 1.0.3 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via a post.
Plot Plotly
6.1
CVSSv3
CVE-2015-7666
Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro plugin prior to 1.0.2 for WordPress allow remote malicious users to inject arbitr...
Codepeople Payment Form For Paypal Pro
6.1
CVSSv3
CVE-2015-7667
Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin prior to 1.0.2 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the page parameter.
Web-mv Resads
6.1
CVSSv3
CVE-2017-17780
The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. This component code is found in the following WordPress plugins: Clockwork Free and Paid SMS Notifications 2.0.3, Two-F...
Mediaburst Booking Calendar Sms 1.0.5
Mediaburst Clockwork Sms Notfications 2.0.3
Mediaburst Contact Form 7 Sms 2.3.0
Mediaburst Fast Secure Contact Form Sms 2.1.2
Mediaburst Formidable 1.0.2
Mediaburst Gravity Forms 2.2
Mediaburst Two-factor Authentication 1.0.2
Mediaburst Wp E-commerce 2.0.5
NA
CVE-2014-4599
Multiple cross-site scripting (XSS) vulnerabilities in forms/search.php in the WP-Business Directory (wp-ttisbdir) plugin 1.0.2 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) edit, (2) search_term, (3) page_id, ...
Wp-business Directory Project Wp-business Directory
NA
CVE-2014-4566
Cross-site scripting (XSS) vulnerability in res/fake_twitter/frame.php in the "verwei.se - WordPress - Twitter" (verweise-wordpress-twitter) plugin 1.0.2 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the bas...
Verweise-wordpress-twitter Project Verweise-wordpress-twitter
NA
CVE-2014-4564
Cross-site scripting (XSS) vulnerability in check.php in the Validated plugin 1.0.2 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the slug parameter.
Validated Plugin Project Validated Plugin
NA
CVE-2014-4569
Cross-site scripting (XSS) vulnerability in ls/vv_login.php in the VideoWhisper Live Streaming Integration plugin 4.27.2 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the room_name parameter.
Videowhisper Videowhisper Live Streaming Integration 4.27.2
Videowhisper Videowhisper Live Streaming Integration 2.0
Videowhisper Videowhisper Live Streaming Integration 1.0.2
Videowhisper Videowhisper Live Streaming Integration 4.07
Videowhisper Videowhisper Live Streaming Integration 4.05
Videowhisper Videowhisper Live Streaming Integration 2.1
Videowhisper Videowhisper Live Streaming Integration 4.25
Videowhisper Videowhisper Live Streaming Integration 2.2
Videowhisper Videowhisper Live Streaming Integration
NA
CVE-2014-3882
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin prior to 1.2.0 for WordPress allows remote malicious users to hijack the authentication of arbitrary users.
12net Login Rebuilder 1.0.2
12net Login Rebuilder 1.1.1
12net Login Rebuilder 1.1.0
12net Login Rebuilder 1.0.3
12net Login Rebuilder
12net Login Rebuilder 1.1.2
12net Login Rebuilder 1.0.1
12net Login Rebuilder 1.0.0
NA
CVE-2014-0165
WordPress prior to 3.7.2 and 3.8.x prior to 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php.
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.8.5.2
Wordpress Wordpress 1.2.3
Wordpress Wordpress 3.4.0
Wordpress Wordpress 2.0.11
Wordpress Wordpress 1.3.3
Wordpress Wordpress 3.6.1
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 3.7
Wordpress Wordpress 1.6.2
Wordpress Wordpress 3.5.0
Wordpress Wordpress 2.1
Wordpress Wordpress 1.1.1
Wordpress Wordpress 1.2.4
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »