Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 3.0 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-2029
The PrePost SEO WordPress plugin up to and including 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite s...
Enzipe Prepost Seo
5
CVSSv2
CVE-2017-17058
The WooCommerce plugin up to and including 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possibl...
Automattic Woocommerce
6.8
CVSSv2
CVE-2018-16966
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.
Webdesi9 File Manager 3.0
4.3
CVSSv2
CVE-2018-16967
There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.
Webdesi9 File Manager 3.0
7.5
CVSSv2
CVE-2011-4671
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions prior to 3.6.8, for WordPress allows remote malicious users to execute arbitrary SQL commands via the track parameter (aka redirect URL).
Adrotateplugin Adrotate 3.6.3Adrotateplugin Adrotate 3.6.2Adrotateplugin Adrotate 3.3Adrotateplugin Adrotate 3.2.2Adrotateplugin Adrotate 3.0.1Adrotateplugin Adrotate 3.0Adrotateplugin Adrotate 2.4.1Adrotateplugin Adrotate 2.4Adrotateplugin Adrotate 1.0Adrotateplugin Adrotate 0.8Adrotateplugin Adrotate 0.2Adrotateplugin Adrotate 0.1Adrotateplugin AdrotateAdrotateplugin Adrotate 3.6.6Adrotateplugin Adrotate 3.5.1Adrotateplugin Adrotate 3.5Adrotateplugin Adrotate 3.1.1Adrotateplugin Adrotate 3.1Adrotateplugin Adrotate 2.5Adrotateplugin Adrotate 2.4.4Adrotateplugin Adrotate 2.2Adrotateplugin Adrotate 2.1
7.5
CVSSv2
CVE-2017-1002002
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
Webapp-builder Project Webapp-builder 2.0
7.5
CVSSv2
CVE-2017-1002001
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
Mobile-app-builder-by-wappress Project Mobile-app-builder-by-wappress 1.05
7.5
CVSSv2
CVE-2017-1002003
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
Wp2android-turn-wp-site-into-android-app Project Wp2android-turn-wp-site-into-android-app 1.1.4
7.5
CVSSv2
CVE-2012-4327
Unspecified vulnerability in the Image News slider plugin prior to 3.3 for WordPress has unspecified impact and remote attack vectors.
Wpslideshow Image News Slider 3.1Wpslideshow Image News Slider 3.0Wpslideshow Image News Slider
7.5
CVSSv2
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin prior to 3.8.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Kolja Schleich LeaguemanagerKolja Schleich Leaguemanager 3.7Kolja Schleich Leaguemanager 3.6.9Kolja Schleich Leaguemanager 3.5.2Kolja Schleich Leaguemanager 3.5.1Kolja Schleich Leaguemanager 3.5Kolja Schleich Leaguemanager 3.4.2Kolja Schleich Leaguemanager 3.1.7Kolja Schleich Leaguemanager 3.1.6Kolja Schleich Leaguemanager 3.1.5Kolja Schleich Leaguemanager 3.1.4Kolja Schleich Leaguemanager 2.9Kolja Schleich Leaguemanager 2.8Kolja Schleich Leaguemanager 2.7.1Kolja Schleich Leaguemanager 2.1Kolja Schleich Leaguemanager 2.0Kolja Schleich Leaguemanager 1.5Kolja Schleich Leaguemanager 1.4.2Kolja Schleich Leaguemanager 3.6.7Kolja Schleich Leaguemanager 3.6.5Kolja Schleich Leaguemanager 3.6Kolja Schleich Leaguemanager 3.5.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook