Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.1.3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-13414
The Rencontre plugin prior to 3.1.3 for WordPress allows XSS via inc/rencontre_widget.php.
Boiteasite Rencontre
668
VMScore
CVE-2019-13413
The Rencontre plugin prior to 3.1.3 for WordPress allows SQL Injection via inc/rencontre_widget.php.
Boiteasite Rencontre
312
VMScore
CVE-2015-9389
The mtouch-quiz plugin prior to 3.1.3 for WordPress has XSS via a quiz name.
Mtouch Quiz Project Mtouch Quiz
383
VMScore
CVE-2015-9387
The mtouch-quiz plugin prior to 3.1.3 for WordPress has wp-admin/options-general.php CSRF.
Mtouch Quiz Project Mtouch Quiz
383
VMScore
CVE-2015-9388
The mtouch-quiz plugin prior to 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS.
Mtouch Quiz Project Mtouch Quiz
NA
CVE-2023-6113
The WP STAGING WordPress Backup Plugin prior to 3.1.3 and WP STAGING Pro WordPress Backup Plugin prior to 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated malicious users to download said backups later.
Wp-staging Wp Staging
383
VMScore
CVE-2015-9386
The mtouch-quiz plugin prior to 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation.
Mtouch Quiz Project Mtouch Quiz
383
VMScore
CVE-2021-25098
The Pricing Tables WordPress Plugin WordPress plugin prior to 3.1.3 does not verify the CSRF nonce when removing posts, allowing malicious users to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash
Fatcatapps Easy Pricing Tables
312
VMScore
CVE-2021-24302
The Hana Flv Player WordPress plugin up to and including 3.1.3 is vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the 'Default Skin' field.
Neox Hana Flv Player
NA
CVE-2024-2761
The Genesis Blocks WordPress plugin prior to 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »