Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.1.1 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-4070
Open redirect vulnerability in the proxyimages function in wowproxy.php in the Wow Moodboard Lite plugin 1.1.1.1 for WordPress allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Wow New Media Wow Moodboard Lite 1.1.1
5.4
CVSSv3
CVE-2017-15811
The Pootle Button plugin prior to 1.2.0 for WordPress has XSS via the assets_url parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php.
Pootlepress Pootle Button 1.1.0
Pootlepress Pootle Button 1.1.1
Pootlepress Pootle Button 1.0.0
NA
CVE-2012-1010
Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin prior to 1.1.8 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspeci...
Likno Allwebmenus Plugin 1.0.12
Likno Allwebmenus Plugin 1.0.17
Likno Allwebmenus Plugin 1.1.1
Likno Allwebmenus Plugin 1.1.2
Likno Allwebmenus Plugin 1.0.10
Likno Allwebmenus Plugin 1.0.11
Likno Allwebmenus Plugin 1.0.23
Likno Allwebmenus Plugin 1.0.24
Likno Allwebmenus Plugin
Likno Allwebmenus Plugin 1.0.4
Likno Allwebmenus Plugin 1.0.9
Likno Allwebmenus Plugin 1.0.21
Likno Allwebmenus Plugin 1.0.22
Likno Allwebmenus Plugin 1.1.5
Likno Allwebmenus Plugin 1.1.6
Likno Allwebmenus Plugin 1.0.1
Likno Allwebmenus Plugin 1.0.3
Likno Allwebmenus Plugin 1.0.18
Likno Allwebmenus Plugin 1.0.19
Likno Allwebmenus Plugin 1.0.20
Likno Allwebmenus Plugin 1.1.3
Likno Allwebmenus Plugin 1.1.4
1 EDB exploit
NA
CVE-2011-3852
Cross-site scripting (XSS) vulnerability in the EvoLve theme prior to 1.2.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Theme4press Evolve
Theme4press Evolve 1.0
Theme4press Evolve 1.0.0
Theme4press Evolve 1.0.1
Theme4press Evolve 1.0.2
Theme4press Evolve 1.0.3
Theme4press Evolve 1.0.4
Theme4press Evolve 1.0.5
Theme4press Evolve 1.0.6
Theme4press Evolve 1.0.7
Theme4press Evolve 1.0.8
Theme4press Evolve 1.0.9
Theme4press Evolve 1.1.0
Theme4press Evolve 1.1.1
Theme4press Evolve 1.1.2
Theme4press Evolve 1.1.3
Theme4press Evolve 1.1.4
Theme4press Evolve 1.1.5
Theme4press Evolve 1.1.6
Theme4press Evolve 1.1.7
Theme4press Evolve 1.1.8
Theme4press Evolve 1.1.9
1 EDB exploit
NA
CVE-2013-5977
Cross-site request forgery (CSRF) vulnerability in Cart66Product.php in the Cart66 Lite plugin prior to 1.5.1.15 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that (1) create or modify products or conduct cross-site script...
Cart66 Cart66 Lite Plugin 1.1.3
Cart66 Cart66 Lite Plugin 1.4.0
Cart66 Cart66 Lite Plugin 1.5.0.1
Cart66 Cart66 Lite Plugin 1.0.7
Cart66 Cart66 Lite Plugin 1.4.9
Cart66 Cart66 Lite Plugin 1.4.7
Cart66 Cart66 Lite Plugin 1.5.0
Cart66 Cart66 Lite Plugin 1.5.1.8
Cart66 Cart66 Lite Plugin 1.0.8
Cart66 Cart66 Lite Plugin 1.5.1.2
Cart66 Cart66 Lite Plugin 1.1.5
Cart66 Cart66 Lite Plugin 1.1.4
Cart66 Cart66 Lite Plugin 1.4.1
Cart66 Cart66 Lite Plugin 1.4.8
Cart66 Cart66 Lite Plugin 1.1
Cart66 Cart66 Lite Plugin
Cart66 Cart66 Lite Plugin 1.1.2
Cart66 Cart66 Lite Plugin 1.4.4
Cart66 Cart66 Lite Plugin 1.5.0.2
Cart66 Cart66 Lite Plugin 1.5.1.1
Cart66 Cart66 Lite Plugin 1.1.1
Cart66 Cart66 Lite Plugin 1.3.0
1 EDB exploit
NA
CVE-2013-4954
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin prior to 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote malicious users to inject arbitrary web scrip...
Genetechsolutions Pie-register 1.2.9
Genetechsolutions Pie-register 1.2.1
Genetechsolutions Pie-register 1.2.0
Genetechsolutions Pie-register 1.1.3
Genetechsolutions Pie-register 1.1.2
Genetechsolutions Pie-register 1.2.91
Genetechsolutions Pie-register 1.2.3
Genetechsolutions Pie-register 1.2.2
Genetechsolutions Pie-register 1.1.6
Genetechsolutions Pie-register 1.1.5
Genetechsolutions Pie-register 1.2.6
Genetechsolutions Pie-register 1.2.4
Genetechsolutions Pie-register 1.1.8
Genetechsolutions Pie-register 1.1.7
Genetechsolutions Pie-register 1.2.8
Genetechsolutions Pie-register 1.2.7
Genetechsolutions Pie-register 1.1.9
Genetechsolutions Pie-register 1.1.1
Genetechsolutions Pie-register 1.0.1
Genetechsolutions Pie-register
1 EDB exploit
NA
CVE-2011-3858
Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme prior to 2.1.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Zespia Pixiv Custom
Zespia Pixiv Custom 1.0
Zespia Pixiv Custom 1.0.1
Zespia Pixiv Custom 1.0.2
Zespia Pixiv Custom 1.1
Zespia Pixiv Custom 1.1.1
Zespia Pixiv Custom 1.1.2
Zespia Pixiv Custom 1.1.3
Zespia Pixiv Custom 1.1.4
Zespia Pixiv Custom 1.1.5
Zespia Pixiv Custom 1.1.6
Zespia Pixiv Custom 1.1.7
Zespia Pixiv Custom 1.1.9
Zespia Pixiv Custom 1.1.10
Zespia Pixiv Custom 1.1.11
Zespia Pixiv Custom 1.1.12
Zespia Pixiv Custom 1.1.13
Zespia Pixiv Custom 1.1.14
Zespia Pixiv Custom 1.2.0
Zespia Pixiv Custom 1.2.1
Zespia Pixiv Custom 1.3.0
Zespia Pixiv Custom 1.3.1
1 EDB exploit
NA
CVE-2013-3526
Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and previous versions, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the aoid parameter.
Wptrafficanalyzer Trafficanalyzer 3.3.2
Wptrafficanalyzer Trafficanalyzer 3.0.1
Wptrafficanalyzer Trafficanalyzer 3.0.0
Wptrafficanalyzer Trafficanalyzer 2.7.0
Wptrafficanalyzer Trafficanalyzer 2.6.0
Wptrafficanalyzer Trafficanalyzer 2.2.1
Wptrafficanalyzer Trafficanalyzer 2.2.0
Wptrafficanalyzer Trafficanalyzer 1.5.0
Wptrafficanalyzer Trafficanalyzer 1.4.0
Wptrafficanalyzer Trafficanalyzer 1.0.0
Wptrafficanalyzer Trafficanalyzer 3.2.1
Wptrafficanalyzer Trafficanalyzer 3.2.0
Wptrafficanalyzer Trafficanalyzer 3.1.0
Wptrafficanalyzer Trafficanalyzer 2.8.2
Wptrafficanalyzer Trafficanalyzer 2.8.1
Wptrafficanalyzer Trafficanalyzer 2.5.0
Wptrafficanalyzer Trafficanalyzer 2.4.1
Wptrafficanalyzer Trafficanalyzer 1.8.0
Wptrafficanalyzer Trafficanalyzer 1.7.0
Wptrafficanalyzer Trafficanalyzer 1.1.3
Wptrafficanalyzer Trafficanalyzer 1.1.2
Wptrafficanalyzer Trafficanalyzer 3.0.3
1 EDB exploit
NA
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Moodle Moodle 1.8.1
Moodle Moodle 1.6.7
Moodle Moodle 1.5.0
Moodle Moodle 1.5.3
Moodle Moodle 1.4.2
Moodle Moodle 1.4.1
Moodle Moodle 1.2.0
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.7.4
Moodle Moodle 1.7.3
Moodle Moodle 1.6.4
Moodle Moodle 1.6.3
Moodle Moodle 1.6.2
Moodle Moodle 1.5
Moodle Moodle 1.4.5
Moodle Moodle 1.3.2
Moodle Moodle 1.3.1
Egroupware Egroupware 1.0.3
Egroupware Egroupware 1.0.1
Moodle Moodle 1.7.6
Moodle Moodle 1.7.5
NA
CVE-2014-3882
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin prior to 1.2.0 for WordPress allows remote malicious users to hijack the authentication of arbitrary users.
12net Login Rebuilder
12net Login Rebuilder 1.1.2
12net Login Rebuilder 1.1.0
12net Login Rebuilder 1.0.2
12net Login Rebuilder 1.0.1
12net Login Rebuilder 1.0.0
12net Login Rebuilder 1.1.1
12net Login Rebuilder 1.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »