Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.1.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-6991
Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard plugin 1.1.5 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php.
Wokamoto Wp-cron Dashboard 1.1.0
Wokamoto Wp-cron Dashboard
Wokamoto Wp-cron Dashboard 1.1.4
Wokamoto Wp-cron Dashboard 1.1.3
Wokamoto Wp-cron Dashboard 1.1.2
Wokamoto Wp-cron Dashboard 1.1.1
5
CVSSv2
CVE-2018-7422
A Local File Inclusion vulnerability in the Site Editor plugin up to and including 1.1.1 for WordPress allows remote malicious users to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path tra...
Siteeditor Site Editor
1 EDB exploit
4 Github repositories
5
CVSSv2
CVE-2018-20782
The GloBee plugin prior to 1.1.2 for WooCommerce mishandles IPN messages.
Globee Woocommerce
1 EDB exploit
4
CVSSv2
CVE-2021-24966
The Error Log Viewer WordPress plugin up to and including 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder
Bestwebsoft Error Log Viewer
6.8
CVSSv2
CVE-2018-5656
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. CSRF exists via wp-admin/admin-ajax.php.
Weblizar Pinterest-feeds 1.1.1
4.3
CVSSv2
CVE-2018-5655
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php security parameter.
Weblizar Pinterest-feeds 1.1.1
4.3
CVSSv2
CVE-2018-5654
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREE_Access_Token parameter.
Weblizar Pinterest-feeds 1.1.1
4.3
CVSSv2
CVE-2018-5653
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php weblizar_pffree_settings_save_get-users parameter.
Weblizar Pinterest-feeds 1.1.1
4.3
CVSSv2
CVE-2011-5207
Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress prior to 1.1.6 prior to 2011-12-31 allows remote malicious users to inject arbitrary web script or HTML via the tcp_name_post_XXXXX parameter.
Thecartpress Thecartpress
Thecartpress Thecartpress 1.1.5
Thecartpress Thecartpress 1.0.8
Thecartpress Thecartpress 1.0.7
Thecartpress Thecartpress 1.1.2
Thecartpress Thecartpress 1.1.1
Thecartpress Thecartpress 1.0.4
Thecartpress Thecartpress 1.0.3
Thecartpress Thecartpress 1.1.4
Thecartpress Thecartpress 1.1.3
Thecartpress Thecartpress 1.0.6
Thecartpress Thecartpress 1.0.5
Thecartpress Thecartpress 1.1.0
Thecartpress Thecartpress 1.0.9
Thecartpress Thecartpress 1.0.2
Thecartpress Thecartpress 1.0.1
Thecartpress Thecartpress 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2012-6630
Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) bulk parameter to media-library-categories/add.php or (2) q parameter to media-library-ca...
Rick Mead Media Library Categories 1.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »