Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-4939
SQL injection vulnerability in the ENL Newsletter (enl-newsletter) plugin 1.0.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the enl-add-new page to wp-admin/admin.php.
Enl Newsletter Plugin Project Enl-newsletter 1.0.1
1 EDB exploit
NA
CVE-2014-8586
SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote malicious users to execute arbitrary SQL commands via the calid parameter.
Cp Multi View Event Calendar Project Cp Multi View Event Calendar 1.0.1
1 EDB exploit
6.1
CVSSv3
CVE-2015-7667
Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin prior to 1.0.2 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the page parameter.
Web-mv Resads
6.1
CVSSv3
CVE-2015-7666
Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro plugin prior to 1.0.2 for WordPress allow remote malicious users to inject arbitr...
Codepeople Payment Form For Paypal Pro
NA
CVE-2011-3856
Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme prior to 1.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Atastypixel Elegant Grunge
Atastypixel Elegant Grunge 0.1
Atastypixel Elegant Grunge 0.2
Atastypixel Elegant Grunge 0.2.1
Atastypixel Elegant Grunge 0.2.2
Atastypixel Elegant Grunge 0.3
Atastypixel Elegant Grunge 0.4.1
Atastypixel Elegant Grunge 0.4.2
Atastypixel Elegant Grunge 0.4.3
Atastypixel Elegant Grunge 0.4.4
Atastypixel Elegant Grunge 0.4.5
Atastypixel Elegant Grunge 1.0
Atastypixel Elegant Grunge 1.0.1
Atastypixel Elegant Grunge 1.0.2
1 EDB exploit
NA
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.3
Phpmyadmin Phpmyadmin 1.2.9.5
Phpmyadmin Phpmyadmin 1.2.9.4
Phpmyadmin Phpmyadmin 1.2.9.3
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.2.9.2
Phpmyadmin Phpmyadmin 1.2.9
1 EDB exploit
NA
CVE-2013-6797
Cross-site request forgery (CSRF) vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin prior to 2.0.0 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that embed arbitrary URLs via the bw_url pa...
Sunil Nanda Blue Wrench Video Widget 1.0.0
Sunil Nanda Blue Wrench Video Widget 1.0.4
Sunil Nanda Blue Wrench Video Widget 1.0.2
Sunil Nanda Blue Wrench Video Widget
Sunil Nanda Blue Wrench Video Widget 1.0.3
Sunil Nanda Blue Wrench Video Widget 1.0.1
1 EDB exploit
NA
CVE-2011-5207
Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress prior to 1.1.6 prior to 2011-12-31 allows remote malicious users to inject arbitrary web script or HTML via the tcp_name_post_XXXXX parameter.
Thecartpress Thecartpress
Thecartpress Thecartpress 1.1.5
Thecartpress Thecartpress 1.0.8
Thecartpress Thecartpress 1.0.7
Thecartpress Thecartpress 1.1.2
Thecartpress Thecartpress 1.1.1
Thecartpress Thecartpress 1.0.4
Thecartpress Thecartpress 1.0.3
Thecartpress Thecartpress 1.1.4
Thecartpress Thecartpress 1.1.3
Thecartpress Thecartpress 1.0.6
Thecartpress Thecartpress 1.0.5
Thecartpress Thecartpress 1.1.0
Thecartpress Thecartpress 1.0.9
Thecartpress Thecartpress 1.0.2
Thecartpress Thecartpress 1.0.1
Thecartpress Thecartpress 1.0
1 EDB exploit
NA
CVE-2013-3529
Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin prior to 1.1.7 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) message, (2) photo-message, or (3) youtube-message parameter.
Smartypantsplugins Wp-funeral-press 1.1.4
Smartypantsplugins Wp-funeral-press 1.1.3
Smartypantsplugins Wp-funeral-press 1.0.3
Smartypantsplugins Wp-funeral-press 1.0.2
Smartypantsplugins Wp-funeral-press
Smartypantsplugins Wp-funeral-press 1.0.5
Smartypantsplugins Wp-funeral-press 1.0.4
Smartypantsplugins Wp-funeral-press 1.0.9
Smartypantsplugins Wp-funeral-press 1.0.7
Smartypantsplugins Wp-funeral-press 1.1.2
Smartypantsplugins Wp-funeral-press 1.1.0
Smartypantsplugins Wp-funeral-press 1.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2014-125091
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiat...
Codepeople Polls Cp 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »