Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
announcements vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3129
The file upload functionality in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.2
NA
CVE-2012-2403
wp-includes/formatting.php in WordPress prior to 3.3.2 attempts to enable clickable links inside attributes, which makes it easier for remote malicious users to conduct cross-site scripting (XSS) attacks via unspecified vectors.
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.0.8
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.3
Wordpress Wordpress 2.8.3
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.2.2
Wordpress Wordpress 3.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 2.9
Wordpress Wordpress 1.2.5
Wordpress Wordpress 2.5
Wordpress Wordpress 2.7.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 1.3.2
Wordpress Wordpress
Wordpress Wordpress 2.2
Wordpress Wordpress 2.2.1
NA
CVE-2013-1163
Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746.
Cisco Connected Grid Network Management System -
NA
CVE-2013-1188
Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote malicious users to cause a denial of service (application slowdown) via a series of requests, aka Bug ID CSCud39515.
Cisco Unified Communications Manager
NA
CVE-2011-3130
wp-includes/taxonomy.php in WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
Wordpress Wordpress 3.1
NA
CVE-2011-4957
The make_clickable function in wp-includes/formatting.php in WordPress prior to 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote malicious users to cause a denial of service (crash) via a comment with a crafted URL that triggers many...
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.8
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.7
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.9.2
Wordpress Wordpress 2.9
Wordpress Wordpress 2.9.1
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 3.0
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.5
NA
CVE-2012-2401
Plupload prior to 1.5.4, as used in wp-includes/js/plupload/ in WordPress prior to 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote malicious users to bypass the Same Origin Policy via crafted content.
Wordpress Wordpress
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1
Wordpress Wordpress 2.8.1
Wordpress Wordpress 2.8.2
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.3.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.7
Wordpress Wordpress 3.0.3
Wordpress Wordpress 2.3.3
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.2.2
Wordpress Wordpress 3.0.1
NA
CVE-2013-1174
Cisco Tivoli Business Service Manager (TBSM) in Hosted Collaboration Mediation (HCM) in Cisco Hosted Collaboration Solution allows remote malicious users to cause a denial of service (temporary service hang) by sending many TCP packets to certain ports, aka Bug ID CSCue03703.
Cisco Hosted Collaboration Solution -
NA
CVE-2013-1197
The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912.
Cisco Unified Presence -
NA
CVE-2011-3127
WordPress 3.1 prior to 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site.
Wordpress Wordpress 3.1
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1.1
Wordpress Wordpress 3.1.2
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »