Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3477
Cross-site request forgery (CSRF) vulnerability in the Related Posts by Zemanta plugin prior to 1.3.2 for WordPress allows remote malicious users to hijack the authentication of unspecified users for requests that change settings via unknown vectors.
Zemanta Related Posts
Zemanta Related Posts 1.3
Zemanta Related Posts 1.2
Zemanta Related Posts 1.1
Zemanta Related Posts 1.0
NA
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin prior to 3.8.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Kolja Schleich Leaguemanager
Kolja Schleich Leaguemanager 3.7
Kolja Schleich Leaguemanager 3.6.9
Kolja Schleich Leaguemanager 3.5.2
Kolja Schleich Leaguemanager 3.5.1
Kolja Schleich Leaguemanager 3.5
Kolja Schleich Leaguemanager 3.4.2
Kolja Schleich Leaguemanager 3.1.7
Kolja Schleich Leaguemanager 3.1.6
Kolja Schleich Leaguemanager 3.1.5
Kolja Schleich Leaguemanager 3.1.4
Kolja Schleich Leaguemanager 2.9
Kolja Schleich Leaguemanager 2.8
Kolja Schleich Leaguemanager 2.7.1
Kolja Schleich Leaguemanager 2.1
Kolja Schleich Leaguemanager 2.0
Kolja Schleich Leaguemanager 1.5
Kolja Schleich Leaguemanager 1.4.2
Kolja Schleich Leaguemanager 3.6.7
Kolja Schleich Leaguemanager 3.6.5
Kolja Schleich Leaguemanager 3.6
Kolja Schleich Leaguemanager 3.5.5
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2017-14751
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
Intensewp Wp Jobs 1.5
Intensewp Wp Jobs 1.1
Intensewp Wp Jobs 1.3
Intensewp Wp Jobs 1.0
Intensewp Wp Jobs 1.2
Intensewp Wp Jobs 1.4
NA
CVE-2011-4926
Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin prior to 1.7.22 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Bueltge Adminimize
Bueltge Adminimize 0.6.9
Bueltge Adminimize 0.7
Bueltge Adminimize 0.7.1
Bueltge Adminimize 0.7.2
Bueltge Adminimize 0.7.3
Bueltge Adminimize 0.7.5
Bueltge Adminimize 0.7.6
Bueltge Adminimize 0.7.7
Bueltge Adminimize 0.7.8
Bueltge Adminimize 0.7.9
Bueltge Adminimize 0.8
Bueltge Adminimize 0.8.1
Bueltge Adminimize 1.0
Bueltge Adminimize 1.1
Bueltge Adminimize 1.2
Bueltge Adminimize 1.3
Bueltge Adminimize 1.4
Bueltge Adminimize 1.4.1
Bueltge Adminimize 1.4.2
Bueltge Adminimize 1.4.3-6
Bueltge Adminimize 1.4.7
1 EDB exploit
NA
CVE-2013-5711
Cross-site scripting (XSS) vulnerability in admin/walkthrough/walkthrough.php in the Design Approval System plugin prior to 3.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the step parameter.
Slickremix Design Approval System Plugin 2.6
Slickremix Design Approval System Plugin 2.5
Slickremix Design Approval System Plugin 2.4
Slickremix Design Approval System Plugin 2.3
Slickremix Design Approval System Plugin 3.4
Slickremix Design Approval System Plugin 3.3
Slickremix Design Approval System Plugin 3.2
Slickremix Design Approval System Plugin 3.1
Slickremix Design Approval System Plugin 1.8
Slickremix Design Approval System Plugin 1.7
Slickremix Design Approval System Plugin 1.6
Slickremix Design Approval System Plugin 1.5
Slickremix Design Approval System Plugin 1.4
Slickremix Design Approval System Plugin 3.5
Slickremix Design Approval System Plugin 3.0
Slickremix Design Approval System Plugin 2.8
Slickremix Design Approval System Plugin 2.1
Slickremix Design Approval System Plugin 1.9
Slickremix Design Approval System Plugin 1.2
Slickremix Design Approval System Plugin 1.0
Slickremix Design Approval System Plugin
Slickremix Design Approval System Plugin 2.9
NA
CVE-2011-3857
Cross-site scripting (XSS) vulnerability in the Antisnews theme prior to 1.10 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Antisocialmediallc Antisnews
Antisocialmediallc Antisnews 1.0
Antisocialmediallc Antisnews 1.1
Antisocialmediallc Antisnews 1.2
Antisocialmediallc Antisnews 1.3
Antisocialmediallc Antisnews 1.4
Antisocialmediallc Antisnews 1.5
Antisocialmediallc Antisnews 1.6
Antisocialmediallc Antisnews 1.7
Antisocialmediallc Antisnews 1.8
NA
CVE-2014-4717
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin prior to 4.5 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba...
Sharethis Simple Share Buttons Adder 2.2
Sharethis Simple Share Buttons Adder 2.0
Sharethis Simple Share Buttons Adder 1.0
Sharethis Simple Share Buttons Adder 3.2
Sharethis Simple Share Buttons Adder 3.9
Sharethis Simple Share Buttons Adder 3.8
Sharethis Simple Share Buttons Adder 1.5
Sharethis Simple Share Buttons Adder 2.3
Sharethis Simple Share Buttons Adder 1.1
Sharethis Simple Share Buttons Adder 3.1
Sharethis Simple Share Buttons Adder 3.0
Sharethis Simple Share Buttons Adder 2.9
Sharethis Simple Share Buttons Adder 1.3
Sharethis Simple Share Buttons Adder 4.1
Sharethis Simple Share Buttons Adder 4.0
Sharethis Simple Share Buttons Adder 2.4
Sharethis Simple Share Buttons Adder
Sharethis Simple Share Buttons Adder 4.2
Sharethis Simple Share Buttons Adder 3.5
Sharethis Simple Share Buttons Adder 2.8
Sharethis Simple Share Buttons Adder 2.6
Sharethis Simple Share Buttons Adder 1.9
1 EDB exploit
NA
CVE-2012-5387
Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin prior to 1.5.1 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that modify the developer name via the wlcms_o_developer_name p...
Videousermanuals White-label-cms 1.4.1
Videousermanuals White-label-cms 1.4
Videousermanuals White-label-cms 1.0.2
Videousermanuals White-label-cms 1.4.3
Videousermanuals White-label-cms 1.4.2
Videousermanuals White-label-cms 1.0.4
Videousermanuals White-label-cms 1.0.3
Videousermanuals White-label-cms
Videousermanuals White-label-cms 1.4.7
Videousermanuals White-label-cms 1.3
Videousermanuals White-label-cms 1.2
Videousermanuals White-label-cms 1.4.6
Videousermanuals White-label-cms 1.4.5
Videousermanuals White-label-cms 1.4.4
Videousermanuals White-label-cms 1.1
Videousermanuals White-label-cms 1.0.5
1 EDB exploit
NA
CVE-2013-2640
ajax.functions.php in the MailUp plugin prior to 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote malicious users to modify plugin settings and conduct cross-site scripting (XSS) attacks via unspecified vectors related to &q...
Mailup Wp-mailup 1.1.0
Mailup Wp-mailup
Mailup Wp-mailup 1.3
Mailup Wp-mailup 1.1.1
Mailup Wp-mailup 1.0.0
Mailup Wp-mailup 1.21
Mailup Wp-mailup 1.2
Mailup Wp-mailup 1.1.3
Mailup Wp-mailup 1.1.2
NA
CVE-2013-0724
PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress prior to 1.8 allows remote malicious users to execute arbitrary PHP code via a URL in the dompdf parameter.
Wpshopstyling Wp-ecommerce-shop-styling 1.2
Wpshopstyling Wp-ecommerce-shop-styling 1.0
Wpshopstyling Wp-ecommerce-shop-styling 1.6
Wpshopstyling Wp-ecommerce-shop-styling 1.5
Wpshopstyling Wp-ecommerce-shop-styling
Wpshopstyling Wp-ecommerce-shop-styling 1.4
Wpshopstyling Wp-ecommerce-shop-styling 1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »