Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0 vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2017-14848
WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter.
Dasinfomedia Wphrm Human Resource Management System 1.0
1 EDB exploit
655
VMScore
CVE-2017-6097
A SQL injection issue exists in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign/count_of_send.php (Requires authentication to Wordpress admin) with the POST Parameter: camp_id.
Mail-masta Project Mail-masta 1.0
1 EDB exploit
655
VMScore
CVE-2017-6096
A SQL injection issue exists in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/view-list.php (Requires authentication to Wordpress admin) with the GET Parameter: filter_list.
Mail-masta Project Mail-masta 1.0
1 EDB exploit
655
VMScore
CVE-2017-6098
A SQL injection issue exists in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/campaign_save.php (Requires authentication to Wordpress admin) with the POST Parameter: list_id.
Mail-masta Project Mail-masta 1.0
1 EDB exploit
655
VMScore
CVE-2014-3210
SQL injection vulnerability in dopbs-backend-forms.php in the Booking System (Booking Calendar) plugin prior to 1.3 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the booking_form_id parameter to wp-admin/admin-ajax.php.
Dotonpaper Booking System
Dotonpaper Booking System 1.1
Dotonpaper Booking System 1.0
1 EDB exploit
605
VMScore
CVE-2021-24704
In the Orange Form WordPress plugin up to and including 1.0, the process_bulk_action() function in "admin/orange-form-email.php" performs an unprepared SQL query with an unsanitized parameter ($id). Only admin can access the page that invokes the function, but because o...
Orange-form Project Orange-form
605
VMScore
CVE-2014-9441
Multiple cross-site request forgery (CSRF) vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site...
Lightbox Photo Gallery Project Lightbox Photo Gallery 1.0
605
VMScore
CVE-2014-9400
Multiple cross-site request forgery (CSRF) vulnerabilities in the Wp Unique Article Header Image plugin 1.0 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks...
Wp Unique Article Header Image Project Wp Unique Article Header Image
605
VMScore
CVE-2014-3907
Cross-site request forgery (CSRF) vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin prior to 2.6.11 for WordPress allows remote malicious users to hijack the authentication of arbitrary users.
Mailpoet Mailpoet Newsletters 2.6.6
Mailpoet Mailpoet Newsletters 2.6.4
Mailpoet Mailpoet Newsletters 2.6
Mailpoet Mailpoet Newsletters 2.5.9.3
Mailpoet Mailpoet Newsletters 2.5.4
Mailpoet Mailpoet Newsletters 2.5.2
Mailpoet Mailpoet Newsletters 2.4
Mailpoet Mailpoet Newsletters 2.3.4
Mailpoet Mailpoet Newsletters 2.2.3
Mailpoet Mailpoet Newsletters 2.2.1
Mailpoet Mailpoet Newsletters 2.1.4
Mailpoet Mailpoet Newsletters 2.6.3
Mailpoet Mailpoet Newsletters 2.6.2
Mailpoet Mailpoet Newsletters 2.6.1
Mailpoet Mailpoet Newsletters 2.5.1
Mailpoet Mailpoet Newsletters 2.5
Mailpoet Mailpoet Newsletters 2.4.4
Mailpoet Mailpoet Newsletters 2.4.3
Mailpoet Mailpoet Newsletters 2.4.2
Mailpoet Mailpoet Newsletters 2.1.9
Mailpoet Mailpoet Newsletters 2.1.8
Mailpoet Mailpoet Newsletters 2.1.7
605
VMScore
CVE-2013-3257
Cross-site request forgery (CSRF) vulnerability in the Related Posts plugin prior to 2.7.2 for WordPress allows remote malicious users to hijack the authentication of users for requests that modify settings via unspecified vectors.
Zemanta Related Posts 1.7
Zemanta Related Posts 1.6
Zemanta Related Posts 1.1
Zemanta Related Posts 1.0
Zemanta Related Posts 1.5
Zemanta Related Posts 1.4
Zemanta Related Posts
Zemanta Related Posts 2.7
Zemanta Related Posts 1.8.1
Zemanta Related Posts 1.8
Zemanta Related Posts 1.3.1
Zemanta Related Posts 1.3
Zemanta Related Posts 1.2
Zemanta Related Posts 2.4.1
Zemanta Related Posts 2.3
Zemanta Related Posts 1.3.3
Zemanta Related Posts 1.3.2
Zemanta Related Posts 2.6
Zemanta Related Posts 2.5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »