Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.3 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-9413
Multiple cross-site request forgery (CSRF) vulnerabilities in the IP Ban (simple-ip-ban) plugin 1.2.3 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ip_list, (2) us...
Ip Ban Project Ip Ban 1.2.3
7.5
CVSSv2
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.3
Phpmyadmin Phpmyadmin 1.2.9.5
Phpmyadmin Phpmyadmin 1.2.9.4
Phpmyadmin Phpmyadmin 1.2.9.3
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.2.9.2
Phpmyadmin Phpmyadmin 1.2.9
1 EDB exploit
4.3
CVSSv2
CVE-2011-3852
Cross-site scripting (XSS) vulnerability in the EvoLve theme prior to 1.2.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Theme4press Evolve
Theme4press Evolve 1.0
Theme4press Evolve 1.0.0
Theme4press Evolve 1.0.1
Theme4press Evolve 1.0.2
Theme4press Evolve 1.0.3
Theme4press Evolve 1.0.4
Theme4press Evolve 1.0.5
Theme4press Evolve 1.0.6
Theme4press Evolve 1.0.7
Theme4press Evolve 1.0.8
Theme4press Evolve 1.0.9
Theme4press Evolve 1.1.0
Theme4press Evolve 1.1.1
Theme4press Evolve 1.1.2
Theme4press Evolve 1.1.3
Theme4press Evolve 1.1.4
Theme4press Evolve 1.1.5
Theme4press Evolve 1.1.6
Theme4press Evolve 1.1.7
Theme4press Evolve 1.1.8
Theme4press Evolve 1.1.9
1 EDB exploit
2.6
CVSSv2
CVE-2013-4954
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin prior to 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote malicious users to inject arbitrary web scrip...
Genetechsolutions Pie-register 1.2.9
Genetechsolutions Pie-register 1.2.1
Genetechsolutions Pie-register 1.2.0
Genetechsolutions Pie-register 1.1.3
Genetechsolutions Pie-register 1.1.2
Genetechsolutions Pie-register 1.2.91
Genetechsolutions Pie-register 1.2.3
Genetechsolutions Pie-register 1.2.2
Genetechsolutions Pie-register 1.1.6
Genetechsolutions Pie-register 1.1.5
Genetechsolutions Pie-register 1.2.6
Genetechsolutions Pie-register 1.2.4
Genetechsolutions Pie-register 1.1.8
Genetechsolutions Pie-register 1.1.7
Genetechsolutions Pie-register 1.2.8
Genetechsolutions Pie-register 1.2.7
Genetechsolutions Pie-register 1.1.9
Genetechsolutions Pie-register 1.1.1
Genetechsolutions Pie-register 1.0.1
Genetechsolutions Pie-register
1 EDB exploit
3.5
CVSSv2
CVE-2022-1001
The WP Downgrade WordPress plugin prior to 1.2.3 only perform client side validation of its "WordPress Target Version" settings, but does not sanitise and escape it server side, allowing high privilege users such as admin to perform Cross-Site attacks even when the unfi...
Wp Downgrade Project Wp Downgrade
6.8
CVSSv2
CVE-2015-2084
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin prior to 1.2.3 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in a...
Cybernetikz Easy Social Icons
1 EDB exploit
4.3
CVSSv2
CVE-2013-5918
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin prior to 1.3.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Platinum Seo Project Platinum Seo Plugin 1.3.6
Platinum Seo Project Platinum Seo Plugin 1.3.5
Platinum Seo Project Platinum Seo Plugin 1.3.4
Platinum Seo Project Platinum Seo Plugin 1.3.3
Platinum Seo Project Platinum Seo Plugin 1.2
Platinum Seo Project Platinum Seo Plugin 1.1
Platinum Seo Project Platinum Seo Plugin 1.0
Platinum Seo Project Platinum Seo Plugin 1.2.8
Platinum Seo Project Platinum Seo Plugin 1.2.7
Platinum Seo Project Platinum Seo Plugin 1.2.6
Platinum Seo Project Platinum Seo Plugin 1.2.5
Platinum Seo Project Platinum Seo Plugin
Platinum Seo Project Platinum Seo Plugin 1.3.2
Platinum Seo Project Platinum Seo Plugin 1.3
Platinum Seo Project Platinum Seo Plugin 1.2.3
Platinum Seo Project Platinum Seo Plugin 1.2.1
Platinum Seo Project Platinum Seo Plugin 1.3.1
Platinum Seo Project Platinum Seo Plugin 1.2.9
Platinum Seo Project Platinum Seo Plugin 1.2.4
Platinum Seo Project Platinum Seo Plugin 1.2.2
4.3
CVSSv2
CVE-2011-4568
Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin prior to 1.2.12 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the URI.
Foliovision Fv Wordpress Flowplayer Plugin 1.2.10
Foliovision Fv Wordpress Flowplayer Plugin 1.2.3
Foliovision Fv Wordpress Flowplayer Plugin 1.2.1
Foliovision Fv Wordpress Flowplayer Plugin 1.0.4
Foliovision Fv Wordpress Flowplayer Plugin 1.0.2
Foliovision Fv Wordpress Flowplayer Plugin 0.9.13
Foliovision Fv Wordpress Flowplayer Plugin 1.2.0
Foliovision Fv Wordpress Flowplayer Plugin 1.1.0
Foliovision Fv Wordpress Flowplayer Plugin 1.0.6
Foliovision Fv Wordpress Flowplayer Plugin 1.0.5
Foliovision Fv Wordpress Flowplayer Plugin 1.2.8
Foliovision Fv Wordpress Flowplayer Plugin 1.2.7
Foliovision Fv Wordpress Flowplayer Plugin 1.2.6
Foliovision Fv Wordpress Flowplayer Plugin 1.2.5
Foliovision Fv Wordpress Flowplayer Plugin 1.0
Foliovision Fv Wordpress Flowplayer Plugin 0.9.18
Foliovision Fv Wordpress Flowplayer Plugin 0.9.16
Foliovision Fv Wordpress Flowplayer Plugin 0.9.15
Foliovision Fv Wordpress Flowplayer Plugin
Foliovision Fv Wordpress Flowplayer Plugin 1.2.9
Foliovision Fv Wordpress Flowplayer Plugin 1.2.4
Foliovision Fv Wordpress Flowplayer Plugin 1.2.2
4.3
CVSSv2
CVE-2015-9342
The wp-rollback plugin prior to 1.2.3 for WordPress has XSS.
Impress Wp Rollback
6.8
CVSSv2
CVE-2015-9343
The wp-rollback plugin prior to 1.2.3 for WordPress has CSRF.
Impress Wp Rollback
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »