Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.3.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0662
The FancyBox for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions 3.0.2 to 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level perm...
NA
CVE-2014-7228
Akeeba Restore (restore.php), as used in Joomla! 2.5.4 up to and including 2.5.25, 3.x up to and including 3.2.5, and 3.3.0 up to and including 3.3.4; Akeeba Backup for Joomla! Professional 3.0.0 up to and including 4.0.2; Backup Professional for WordPress 1.0.b1 up to and includ...
Joomla Joomla! 2.5.19
Joomla Joomla! 2.5.7
Joomla Joomla! 2.5.17
Joomla Joomla! 3.1.4
Joomla Joomla! 3.1.3
Joomla Joomla! 3.3.3
Joomla Joomla! 2.5.25
Joomla Joomla! 3.2.1
Joomla Joomla! 2.5.22
Joomla Joomla! 3.3.4
Joomla Joomla! 2.5.8
Joomla Joomla! 3.1.5
Joomla Joomla! 3.1.1
Joomla Joomla! 3.3.1
Joomla Joomla! 3.2.2
Joomla Joomla! 3.0.2
Joomla Joomla! 2.5.15
Joomla Joomla! 2.5.13
Joomla Joomla! 2.5.11
Joomla Joomla! 2.5.23
Joomla Joomla! 3.0.4
Joomla Joomla! 2.5.21
1 EDB exploit
8.8
CVSSv3
CVE-2022-3911
The iubenda WordPress plugin prior to 3.3.3 does does not have authorisation and CSRF in an AJAX action, and does not ensure that the options to be updated belong to the plugin as long as they are arrays. As a result, any authenticated users, such as subscriber can grant themselv...
Iubenda Iubenda-cookie-law-solution
7.5
CVSSv3
CVE-2022-0656
The Web To Print Shop : uDraw WordPress plugin prior to 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content...
Webtoprint Web To Print Shop Udraw
NA
CVE-2024-3136
The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated malicious users to include and execute arbitrary files on the server, allo...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4