Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.3 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-9532
The Easy Digital Downloads (EDD) Digital Store theme for WordPress, as used with EDD 1.8.x prior to 1.8.7, 1.9.x prior to 1.9.10, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.11, 2.2.x prior to 2.2.9, and 2.3.x prior to 2.3.7, has XSS because add_query_arg is misused.
Sandhillsdev Easy Digital Downloads
Easydigitaldownloads Digital Store -
6.1
CVSSv3
CVE-2015-9534
The Easy Digital Downloads (EDD) Quota theme for WordPress, as used with EDD 1.8.x prior to 1.8.7, 1.9.x prior to 1.9.10, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.11, 2.2.x prior to 2.2.9, and 2.3.x prior to 2.3.7, has XSS because add_query_arg is misused.
Sandhillsdev Easy Digital Downloads
Easydigitaldownloads Quota -
6.1
CVSSv3
CVE-2015-9535
The Easy Digital Downloads (EDD) Shoppette theme for WordPress, as used with EDD 1.8.x prior to 1.8.7, 1.9.x prior to 1.9.10, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.11, 2.2.x prior to 2.2.9, and 2.3.x prior to 2.3.7, has XSS because add_query_arg is misused.
Sandhillsdev Easy Digital Downloads
Easydigitaldownloads Shoppette -
6.1
CVSSv3
CVE-2018-5286
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about page.
Gd Rating System Project Gd Rating System 2.3
6.1
CVSSv3
CVE-2018-5288
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.
Gd Rating System Project Gd Rating System 2.3
6.1
CVSSv3
CVE-2018-5292
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information page.
Gd Rating System Project Gd Rating System 2.3
6.1
CVSSv3
CVE-2018-5293
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.
Gd Rating System Project Gd Rating System 2.3
5.7
CVSSv3
CVE-2021-24752
Multiple Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated users, such as Subscriber to change the Essential Widgets WordPress plugin prior to 1.9, To Top WordPress plugin prior to 2.3,...
Catchplugins Catch Scroll Progress Bar
Catchplugins Catch Sticky Menu
Catchplugins Catch Themes Demo Import
Catchplugins Catch Under Construction
Catchplugins Catch Web Tools
Catchplugins Essential Content Types
Catchplugins Generate Child Theme
Catchplugins Header Enhancement
Catchplugins To Top
Catchplugins Essential Widgets
5.4
CVSSv3
CVE-2023-4514
The Mmm Simple File List WordPress plugin up to and including 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored C...
Mediamanifesto Mmm Simple File List
5.4
CVSSv3
CVE-2023-0064
The eVision Responsive Column Layout Shortcodes WordPress plugin up to and including 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and ab...
Eaglevisionit Evision Responsive Column Layout Shortcodes
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »