Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.1.3 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-13414
The Rencontre plugin prior to 3.1.3 for WordPress allows XSS via inc/rencontre_widget.php.
Boiteasite Rencontre
7.5
CVSSv2
CVE-2019-13413
The Rencontre plugin prior to 3.1.3 for WordPress allows SQL Injection via inc/rencontre_widget.php.
Boiteasite Rencontre
4.3
CVSSv2
CVE-2015-9387
The mtouch-quiz plugin prior to 3.1.3 for WordPress has wp-admin/options-general.php CSRF.
Mtouch Quiz Project Mtouch Quiz
3.5
CVSSv2
CVE-2015-9389
The mtouch-quiz plugin prior to 3.1.3 for WordPress has XSS via a quiz name.
Mtouch Quiz Project Mtouch Quiz
4.3
CVSSv2
CVE-2015-9388
The mtouch-quiz plugin prior to 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS.
Mtouch Quiz Project Mtouch Quiz
NA
CVE-2023-6113
The WP STAGING WordPress Backup Plugin prior to 3.1.3 and WP STAGING Pro WordPress Backup Plugin prior to 5.1.3 do not prevent visitors from leaking key information about ongoing backups processes, allowing unauthenticated malicious users to download said backups later.
Wp-staging Wp Staging
4.3
CVSSv2
CVE-2015-9386
The mtouch-quiz plugin prior to 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation.
Mtouch Quiz Project Mtouch Quiz
4.3
CVSSv2
CVE-2021-25098
The Pricing Tables WordPress Plugin WordPress plugin prior to 3.1.3 does not verify the CSRF nonce when removing posts, allowing malicious users to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash
Fatcatapps Easy Pricing Tables
3.5
CVSSv2
CVE-2021-24302
The Hana Flv Player WordPress plugin up to and including 3.1.3 is vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the 'Default Skin' field.
Neox Hana Flv Player
NA
CVE-2024-2761
The Genesis Blocks WordPress plugin prior to 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »