Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.1.1 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-6991
Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard plugin 1.1.5 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php.
Wokamoto Wp-cron Dashboard 1.1.0
Wokamoto Wp-cron Dashboard
Wokamoto Wp-cron Dashboard 1.1.4
Wokamoto Wp-cron Dashboard 1.1.3
Wokamoto Wp-cron Dashboard 1.1.2
Wokamoto Wp-cron Dashboard 1.1.1
506
VMScore
CVE-2018-7422
A Local File Inclusion vulnerability in the Site Editor plugin up to and including 1.1.1 for WordPress allows remote malicious users to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path tra...
Siteeditor Site Editor
1 EDB exploit
4 Github repositories
505
VMScore
CVE-2018-20782
The GloBee plugin prior to 1.1.2 for WooCommerce mishandles IPN messages.
Globee Woocommerce
1 EDB exploit
356
VMScore
CVE-2021-24966
The Error Log Viewer WordPress plugin up to and including 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder
Bestwebsoft Error Log Viewer
605
VMScore
CVE-2018-5656
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. CSRF exists via wp-admin/admin-ajax.php.
Weblizar Pinterest-feeds 1.1.1
383
VMScore
CVE-2018-5654
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREE_Access_Token parameter.
Weblizar Pinterest-feeds 1.1.1
383
VMScore
CVE-2018-5655
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php security parameter.
Weblizar Pinterest-feeds 1.1.1
383
VMScore
CVE-2018-5653
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php weblizar_pffree_settings_save_get-users parameter.
Weblizar Pinterest-feeds 1.1.1
435
VMScore
CVE-2011-5207
Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress prior to 1.1.6 prior to 2011-12-31 allows remote malicious users to inject arbitrary web script or HTML via the tcp_name_post_XXXXX parameter.
Thecartpress Thecartpress
Thecartpress Thecartpress 1.1.5
Thecartpress Thecartpress 1.0.8
Thecartpress Thecartpress 1.0.7
Thecartpress Thecartpress 1.1.2
Thecartpress Thecartpress 1.1.1
Thecartpress Thecartpress 1.0.4
Thecartpress Thecartpress 1.0.3
Thecartpress Thecartpress 1.1.4
Thecartpress Thecartpress 1.1.3
Thecartpress Thecartpress 1.0.6
Thecartpress Thecartpress 1.0.5
Thecartpress Thecartpress 1.1.0
Thecartpress Thecartpress 1.0.9
Thecartpress Thecartpress 1.0.2
Thecartpress Thecartpress 1.0.1
Thecartpress Thecartpress 1.0
1 EDB exploit
383
VMScore
CVE-2012-6630
Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) bulk parameter to media-library-categories/add.php or (2) q parameter to media-library-ca...
Rick Mead Media Library Categories 1.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »