Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.3 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-9413
Multiple cross-site request forgery (CSRF) vulnerabilities in the IP Ban (simple-ip-ban) plugin 1.2.3 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ip_list, (2) us...
Ip Ban Project Ip Ban 1.2.3
755
VMScore
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.3
Phpmyadmin Phpmyadmin 1.2.9.5
Phpmyadmin Phpmyadmin 1.2.9.4
Phpmyadmin Phpmyadmin 1.2.9.3
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.2.9.2
Phpmyadmin Phpmyadmin 1.2.9
1 EDB exploit
435
VMScore
CVE-2011-3852
Cross-site scripting (XSS) vulnerability in the EvoLve theme prior to 1.2.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Theme4press Evolve
Theme4press Evolve 1.0
Theme4press Evolve 1.0.0
Theme4press Evolve 1.0.1
Theme4press Evolve 1.0.2
Theme4press Evolve 1.0.3
Theme4press Evolve 1.0.4
Theme4press Evolve 1.0.5
Theme4press Evolve 1.0.6
Theme4press Evolve 1.0.7
Theme4press Evolve 1.0.8
Theme4press Evolve 1.0.9
Theme4press Evolve 1.1.0
Theme4press Evolve 1.1.1
Theme4press Evolve 1.1.2
Theme4press Evolve 1.1.3
Theme4press Evolve 1.1.4
Theme4press Evolve 1.1.5
Theme4press Evolve 1.1.6
Theme4press Evolve 1.1.7
Theme4press Evolve 1.1.8
Theme4press Evolve 1.1.9
1 EDB exploit
265
VMScore
CVE-2013-4954
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin prior to 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote malicious users to inject arbitrary web scrip...
Genetechsolutions Pie-register 1.2.9
Genetechsolutions Pie-register 1.2.1
Genetechsolutions Pie-register 1.2.0
Genetechsolutions Pie-register 1.1.3
Genetechsolutions Pie-register 1.1.2
Genetechsolutions Pie-register 1.2.91
Genetechsolutions Pie-register 1.2.3
Genetechsolutions Pie-register 1.2.2
Genetechsolutions Pie-register 1.1.6
Genetechsolutions Pie-register 1.1.5
Genetechsolutions Pie-register 1.2.6
Genetechsolutions Pie-register 1.2.4
Genetechsolutions Pie-register 1.1.8
Genetechsolutions Pie-register 1.1.7
Genetechsolutions Pie-register 1.2.8
Genetechsolutions Pie-register 1.2.7
Genetechsolutions Pie-register 1.1.9
Genetechsolutions Pie-register 1.1.1
Genetechsolutions Pie-register 1.0.1
Genetechsolutions Pie-register
1 EDB exploit
312
VMScore
CVE-2022-1001
The WP Downgrade WordPress plugin prior to 1.2.3 only perform client side validation of its "WordPress Target Version" settings, but does not sanitise and escape it server side, allowing high privilege users such as admin to perform Cross-Site attacks even when the unfi...
Wp Downgrade Project Wp Downgrade
685
VMScore
CVE-2015-2084
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin prior to 1.2.3 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in a...
Cybernetikz Easy Social Icons
1 EDB exploit
383
VMScore
CVE-2013-5918
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin prior to 1.3.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Platinum Seo Project Platinum Seo Plugin 1.3.6
Platinum Seo Project Platinum Seo Plugin 1.3.5
Platinum Seo Project Platinum Seo Plugin 1.3.4
Platinum Seo Project Platinum Seo Plugin 1.3.3
Platinum Seo Project Platinum Seo Plugin 1.2
Platinum Seo Project Platinum Seo Plugin 1.1
Platinum Seo Project Platinum Seo Plugin 1.0
Platinum Seo Project Platinum Seo Plugin 1.2.8
Platinum Seo Project Platinum Seo Plugin 1.2.7
Platinum Seo Project Platinum Seo Plugin 1.2.6
Platinum Seo Project Platinum Seo Plugin 1.2.5
Platinum Seo Project Platinum Seo Plugin
Platinum Seo Project Platinum Seo Plugin 1.3.2
Platinum Seo Project Platinum Seo Plugin 1.3
Platinum Seo Project Platinum Seo Plugin 1.2.3
Platinum Seo Project Platinum Seo Plugin 1.2.1
Platinum Seo Project Platinum Seo Plugin 1.3.1
Platinum Seo Project Platinum Seo Plugin 1.2.9
Platinum Seo Project Platinum Seo Plugin 1.2.4
Platinum Seo Project Platinum Seo Plugin 1.2.2
383
VMScore
CVE-2011-4568
Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin prior to 1.2.12 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the URI.
Foliovision Fv Wordpress Flowplayer Plugin 1.2.10
Foliovision Fv Wordpress Flowplayer Plugin 1.2.3
Foliovision Fv Wordpress Flowplayer Plugin 1.2.1
Foliovision Fv Wordpress Flowplayer Plugin 1.0.4
Foliovision Fv Wordpress Flowplayer Plugin 1.0.2
Foliovision Fv Wordpress Flowplayer Plugin 0.9.13
Foliovision Fv Wordpress Flowplayer Plugin 1.2.0
Foliovision Fv Wordpress Flowplayer Plugin 1.1.0
Foliovision Fv Wordpress Flowplayer Plugin 1.0.6
Foliovision Fv Wordpress Flowplayer Plugin 1.0.5
Foliovision Fv Wordpress Flowplayer Plugin 1.2.8
Foliovision Fv Wordpress Flowplayer Plugin 1.2.7
Foliovision Fv Wordpress Flowplayer Plugin 1.2.6
Foliovision Fv Wordpress Flowplayer Plugin 1.2.5
Foliovision Fv Wordpress Flowplayer Plugin 1.0
Foliovision Fv Wordpress Flowplayer Plugin 0.9.18
Foliovision Fv Wordpress Flowplayer Plugin 0.9.16
Foliovision Fv Wordpress Flowplayer Plugin 0.9.15
Foliovision Fv Wordpress Flowplayer Plugin
Foliovision Fv Wordpress Flowplayer Plugin 1.2.9
Foliovision Fv Wordpress Flowplayer Plugin 1.2.4
Foliovision Fv Wordpress Flowplayer Plugin 1.2.2
605
VMScore
CVE-2015-9343
The wp-rollback plugin prior to 1.2.3 for WordPress has CSRF.
Impress Wp Rollback
383
VMScore
CVE-2015-9342
The wp-rollback plugin prior to 1.2.3 for WordPress has XSS.
Impress Wp Rollback
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »