Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6991
Cross-site scripting (XSS) vulnerability in the WP-Cron Dashboard plugin 1.1.5 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the procname parameter to wp-admin/tools.php.
Wokamoto Wp-cron Dashboard 1.1.0
Wokamoto Wp-cron Dashboard
Wokamoto Wp-cron Dashboard 1.1.4
Wokamoto Wp-cron Dashboard 1.1.3
Wokamoto Wp-cron Dashboard 1.1.2
Wokamoto Wp-cron Dashboard 1.1.1
7.5
CVSSv3
CVE-2018-7422
A Local File Inclusion vulnerability in the Site Editor plugin up to and including 1.1.1 for WordPress allows remote malicious users to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path tra...
Siteeditor Site Editor
1 EDB exploit
4 Github repositories
7.5
CVSSv3
CVE-2018-20782
The GloBee plugin prior to 1.1.2 for WooCommerce mishandles IPN messages.
Globee Woocommerce
1 EDB exploit
4.9
CVSSv3
CVE-2021-24966
The Error Log Viewer WordPress plugin up to and including 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder
Bestwebsoft Error Log Viewer
8.8
CVSSv3
CVE-2018-5656
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. CSRF exists via wp-admin/admin-ajax.php.
Weblizar Pinterest-feeds 1.1.1
6.1
CVSSv3
CVE-2018-5655
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php security parameter.
Weblizar Pinterest-feeds 1.1.1
6.1
CVSSv3
CVE-2018-5654
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREE_Access_Token parameter.
Weblizar Pinterest-feeds 1.1.1
6.1
CVSSv3
CVE-2018-5653
An issue exists in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php weblizar_pffree_settings_save_get-users parameter.
Weblizar Pinterest-feeds 1.1.1
NA
CVE-2011-5207
Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress prior to 1.1.6 prior to 2011-12-31 allows remote malicious users to inject arbitrary web script or HTML via the tcp_name_post_XXXXX parameter.
Thecartpress Thecartpress
Thecartpress Thecartpress 1.1.5
Thecartpress Thecartpress 1.0.8
Thecartpress Thecartpress 1.0.7
Thecartpress Thecartpress 1.1.2
Thecartpress Thecartpress 1.1.1
Thecartpress Thecartpress 1.0.4
Thecartpress Thecartpress 1.0.3
Thecartpress Thecartpress 1.1.4
Thecartpress Thecartpress 1.1.3
Thecartpress Thecartpress 1.0.6
Thecartpress Thecartpress 1.0.5
Thecartpress Thecartpress 1.1.0
Thecartpress Thecartpress 1.0.9
Thecartpress Thecartpress 1.0.2
Thecartpress Thecartpress 1.0.1
Thecartpress Thecartpress 1.0
1 EDB exploit
NA
CVE-2012-6630
Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) bulk parameter to media-library-categories/add.php or (2) q parameter to media-library-ca...
Rick Mead Media Library Categories 1.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »