Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.1.3 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3128
WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote malicious users to obtain sensitive data via vectors related to wp-includes/post.php.
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.2
4.3
CVSSv2
CVE-2021-25098
The Pricing Tables WordPress Plugin WordPress plugin prior to 3.1.3 does not verify the CSRF nonce when removing posts, allowing malicious users to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash
Fatcatapps Easy Pricing Tables
4.3
CVSSv2
CVE-2020-11727
A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter.
Algolplus Advanced Order Export 3.1.3
4.3
CVSSv2
CVE-2015-9386
The mtouch-quiz plugin prior to 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation.
Mtouch Quiz Project Mtouch Quiz
4.3
CVSSv2
CVE-2015-9387
The mtouch-quiz plugin prior to 3.1.3 for WordPress has wp-admin/options-general.php CSRF.
Mtouch Quiz Project Mtouch Quiz
4.3
CVSSv2
CVE-2015-9388
The mtouch-quiz plugin prior to 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS.
Mtouch Quiz Project Mtouch Quiz
4.3
CVSSv2
CVE-2019-13414
The Rencontre plugin prior to 3.1.3 for WordPress allows XSS via inc/rencontre_widget.php.
Boiteasite Rencontre
4.3
CVSSv2
CVE-2017-9420
Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin prior to 3.3.0 for WordPress allows remote malicious users to inject arbitrary JavaScript via the yr parameter.
Sunnythemes Spiffy Calendar 3.0.8
Sunnythemes Spiffy Calendar 3.0.7
Sunnythemes Spiffy Calendar 3.0.0
Sunnythemes Spiffy Calendar 2.1.3
Sunnythemes Spiffy Calendar 1.2.0
Sunnythemes Spiffy Calendar 1.1.8
Sunnythemes Spiffy Calendar 1.1.2
Sunnythemes Spiffy Calendar 1.1.1
Sunnythemes Spiffy Calendar 3.1.3
Sunnythemes Spiffy Calendar 3.1.2
Sunnythemes Spiffy Calendar 3.0.4
Sunnythemes Spiffy Calendar 3.0.3
Sunnythemes Spiffy Calendar 2.1.0
Sunnythemes Spiffy Calendar 2.0.1
Sunnythemes Spiffy Calendar 1.1.5
Sunnythemes Spiffy Calendar 2.0.0
Sunnythemes Spiffy Calendar 1.0.3
Sunnythemes Spiffy Calendar 1.0.1
Sunnythemes Spiffy Calendar 3.1.1
Sunnythemes Spiffy Calendar 3.1.0
Sunnythemes Spiffy Calendar 3.0.2
Sunnythemes Spiffy Calendar 3.0.1
4.3
CVSSv2
CVE-2013-1636
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin prior to 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 up to and including 4.2.9 and 4.3.0 u...
Blair Williams Pretty Link Lite 1.6.0
Blair Williams Pretty Link Lite 1.6.1
Blair Williams Pretty Link Lite
Joobi Com Jnews 8.0.1
Civicrm Civicrm 4.3.1
Civicrm Civicrm 3.1.1
Civicrm Civicrm 3.1.2
Civicrm Civicrm 3.2.2
Civicrm Civicrm 3.2.3
Civicrm Civicrm 3.3.6
Civicrm Civicrm 3.4.0
Civicrm Civicrm 4.1.5
Civicrm Civicrm 4.1.6
Civicrm Civicrm 4.2.7
Civicrm Civicrm 4.2.8
Civicrm Civicrm 4.3.3
Civicrm Civicrm 3.1.0
Civicrm Civicrm 3.2.0
Civicrm Civicrm 3.2.1
Civicrm Civicrm 3.3.3
Civicrm Civicrm 3.3.5
Civicrm Civicrm 4.1.3
1 EDB exploit
4.3
CVSSv2
CVE-2012-6633
Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress prior to 3.3.3 allows remote malicious users to inject arbitrary web script or HTML via an editable slug field.
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.1.3
Wordpress Wordpress 3.1.2
Wordpress Wordpress
Wordpress Wordpress 3.0.3
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.0
Wordpress Wordpress 3.3
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.0.6
Wordpress Wordpress 3.0.4
Wordpress Wordpress 3.3.1
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.1
Wordpress Wordpress 3.0.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »