Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.3.2 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-24554
The Paytm – Donation Plugin WordPress plugin up to and including 1.3.2 does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue
Freelancetoindia Paytm-pay
6.1
CVSSv3
CVE-2021-34643
The Skaut bazar WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 1.3.2.
Skaut-bazar Project Skaut-bazar
6.1
CVSSv3
CVE-2021-24434
The Glass WordPress plugin up to and including 1.3.2 does not sanitise or escape its "Glass Pages" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin did not have CSRF check in place when saving its settings, all...
Codeblab Glass
6.1
CVSSv3
CVE-2021-24287
The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin prior to 1.3.2 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue
Mooveagency Select All Categories And Taxonomies, Change Checkbox To Radio Buttons
8.8
CVSSv3
CVE-2013-2011
WordPress W3 Super Cache Plugin prior to 1.3.2 contains a PHP code-execution vulnerability which could allow remote malicious users to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.
Automattic W3 Super Cache
8.8
CVSSv3
CVE-2015-9474
The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.
Simpolio Project Simpolio 1.3.2
8.8
CVSSv3
CVE-2016-10950
The sirv plugin prior to 1.3.2 for WordPress has SQL injection via the id parameter.
Sirv Sirv
5.3
CVSSv3
CVE-2019-14936
Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash).
Easyappointments Easy!appointments 1.3.2
6.1
CVSSv3
CVE-2018-21012
The cf7-invisible-recaptcha plugin prior to 1.3.2 for WordPress has XSS.
Vsourz Cf7 Invisible Recaptcha
8.8
CVSSv3
CVE-2017-18546
The jayj-quicktag plugin prior to 1.3.2 for WordPress has CSRF.
Jayj Quicktag Project Jayj Quicktag
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »