Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-9448
The sendpress plugin prior to 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.
Pressified Sendpress
6.1
CVSSv3
CVE-2016-10984
The echosign plugin prior to 1.2 for WordPress has XSS via the inc.php page parameter.
Smackcoders Echo Sign
6.1
CVSSv3
CVE-2016-10976
The safe-editor plugin prior to 1.2 for WordPress has no se_save authentication, with resultant XSS.
Kodebyraaet Safe Editor
6.1
CVSSv3
CVE-2016-10985
The echosign plugin prior to 1.2 for WordPress has XSS via the templates/add_templates.php id parameter.
Smackcoders Echo Sign
9.8
CVSSv3
CVE-2019-15822
The wps-child-theme-generator plugin prior to 1.2 for WordPress has classes/helpers.php directory traversal.
Wpserveur Wps Child Theme Generator
7.5
CVSSv3
CVE-2016-10924
The ebook-download plugin prior to 1.2 for WordPress has directory traversal.
Zedna Ebook Download Project Zedna Ebook Download
1 Github repository
8.8
CVSSv3
CVE-2011-5328
The user-access-manager plugin prior to 1.2 for WordPress has CSRF.
User Access Manager Project User Access Manager
6.5
CVSSv3
CVE-2015-9332
The uninstall plugin prior to 1.2 for WordPress has CSRF to delete all tables via the wp-admin/admin-ajax.php?action=uninstall URI.
Wordpress Uninstall Project Wordpress Uninstall
8.8
CVSSv3
CVE-2013-7476
The simple-fields plugin prior to 1.2 for WordPress has CSRF in the admin interface.
Simple Fields Project Simple Fields
6.5
CVSSv3
CVE-2014-2675
Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php in the WP HTML Sitemap plugin 1.2 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that delete the sitemap via a request to the wp-html-sitemap page in wp-a...
Wp-html-sitemap Project Wp-html-sitemap 1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »