Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.1.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-0896
Absolute path traversal vulnerability in download.php in the Count Per Day module prior to 3.1.1 for WordPress allows remote malicious users to read arbitrary files via the f parameter.
Count Per Day Project Count Per Day 2.16
Count Per Day Project Count Per Day 2.15.1
Count Per Day Project Count Per Day 2.15
Count Per Day Project Count Per Day 2.2
Tom Braider Count Per Day
Tom Braider Count Per Day 1.0
1 EDB exploit
5
CVSSv2
CVE-2011-3126
WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 allows remote malicious users to determine usernames of non-authors via canonical redirects.
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
5
CVSSv2
CVE-2011-3128
WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote malicious users to obtain sensitive data via vectors related to wp-includes/post.php.
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.2
4.3
CVSSv2
CVE-2022-2173
The Advanced Database Cleaner WordPress plugin prior to 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting
Sigmaplugin Advanced Database Cleaner
4.3
CVSSv2
CVE-2021-24387
The WP Pro Real Estate 7 WordPress theme prior to 3.1.1 did not properly sanitise the ct_community parameter in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which can be triggered in both unauthenticated or authenticated use...
Contempothemes Real Estate 7
4.3
CVSSv2
CVE-2017-9420
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin prior to 3.3.0 for WordPress allows remote malicious users to inject arbitrary JavaScript via the yr parameter.
Sunnythemes Spiffy Calendar 3.0.8
Sunnythemes Spiffy Calendar 3.0.7
Sunnythemes Spiffy Calendar 3.0.0
Sunnythemes Spiffy Calendar 2.1.3
Sunnythemes Spiffy Calendar 1.2.0
Sunnythemes Spiffy Calendar 1.1.8
Sunnythemes Spiffy Calendar 1.1.2
Sunnythemes Spiffy Calendar 1.1.1
Sunnythemes Spiffy Calendar 3.1.3
Sunnythemes Spiffy Calendar 3.1.2
Sunnythemes Spiffy Calendar 3.0.4
Sunnythemes Spiffy Calendar 3.0.3
Sunnythemes Spiffy Calendar 2.1.0
Sunnythemes Spiffy Calendar 2.0.1
Sunnythemes Spiffy Calendar 1.1.5
Sunnythemes Spiffy Calendar 2.0.0
Sunnythemes Spiffy Calendar 1.0.3
Sunnythemes Spiffy Calendar 1.0.1
Sunnythemes Spiffy Calendar 3.1.1
Sunnythemes Spiffy Calendar 3.1.0
Sunnythemes Spiffy Calendar 3.0.2
Sunnythemes Spiffy Calendar 3.0.1
4.3
CVSSv2
CVE-2014-6312
Cross-site request forgery (CSRF) vulnerability in the Login Widget With Shortcode (login-sidebar-widget) plugin prior to 3.2.1 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks ...
Login Widget With Shortcode Project Login Widget With Shortcode 1.0.1
Login Widget With Shortcode Project Login Widget With Shortcode 2.0.2
Login Widget With Shortcode Project Login Widget With Shortcode 2.2.3
Login Widget With Shortcode Project Login Widget With Shortcode 2.2.4
Login Widget With Shortcode Project Login Widget With Shortcode
Login Widget With Shortcode Project Login Widget With Shortcode 2.0.1
Login Widget With Shortcode Project Login Widget With Shortcode 2.1.3
1 EDB exploit
4.3
CVSSv2
CVE-2013-1636
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin prior to 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 up to and including 4.2.9 and 4.3.0 u...
Blair Williams Pretty Link Lite 1.6.0
Blair Williams Pretty Link Lite 1.6.1
Blair Williams Pretty Link Lite
Joobi Com Jnews 8.0.1
Civicrm Civicrm 4.3.1
Civicrm Civicrm 3.1.1
Civicrm Civicrm 3.1.2
Civicrm Civicrm 3.2.2
Civicrm Civicrm 3.2.3
Civicrm Civicrm 3.3.6
Civicrm Civicrm 3.4.0
Civicrm Civicrm 4.1.5
Civicrm Civicrm 4.1.6
Civicrm Civicrm 4.2.7
Civicrm Civicrm 4.2.8
Civicrm Civicrm 4.3.3
Civicrm Civicrm 3.1.0
Civicrm Civicrm 3.2.0
Civicrm Civicrm 3.2.1
Civicrm Civicrm 3.3.3
Civicrm Civicrm 3.3.5
Civicrm Civicrm 4.1.3
1 EDB exploit
4.3
CVSSv2
CVE-2012-6633
Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress prior to 3.3.3 allows remote malicious users to inject arbitrary web script or HTML via an editable slug field.
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.1.3
Wordpress Wordpress 3.1.2
Wordpress Wordpress
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0
Wordpress Wordpress 3.3
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.3.1
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.1
Wordpress Wordpress 3.0.5
4.3
CVSSv2
CVE-2013-6342
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin prior to 4.0.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php.
Tweet-blender Tweet-blender
Tweet-blender Tweet-blender 4.0.0
Tweet-blender Tweet-blender 3.3.15
Tweet-blender Tweet-blender 3.3.14
Tweet-blender Tweet-blender 3.3.0
Tweet-blender Tweet-blender 3.2.4
Tweet-blender Tweet-blender 3.2.3
Tweet-blender Tweet-blender 3.2.2
Tweet-blender Tweet-blender 3.1.8
Tweet-blender Tweet-blender 3.1.7
Tweet-blender Tweet-blender 3.1.6
Tweet-blender Tweet-blender 3.1.5
Tweet-blender Tweet-blender 3.1.4
Tweet-blender Tweet-blender 3.0.0
Tweet-blender Tweet-blender 2.4.7
Tweet-blender Tweet-blender 2.4.6
Tweet-blender Tweet-blender 2.4.5
Tweet-blender Tweet-blender 2.0.4
Tweet-blender Tweet-blender 2.0.3
Tweet-blender Tweet-blender 2.0.2
Tweet-blender Tweet-blender 2.0.1
Tweet-blender Tweet-blender 3.3.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »