Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.11 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2821
SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress prior to 2.2 allows remote malicious users to execute arbitrary SQL commands via the cookie parameter.
Wordpress Wordpress
1 EDB exploit
1 Github repository
NA
CVE-2008-0194
Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and previous versions allows remote malicious users to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to w...
Wordpress Wordpress
NA
CVE-2007-3238
Cross-site scripting (XSS) vulnerability in functions.php in the default theme in WordPress 2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI) to wp-admin/themes.php, a different vulnerability than CVE-2007-1622. ...
Wordpress Wordpress 2.2
6.1
CVSSv3
CVE-2013-4241
Multiple cross-site scripting (XSS) vulnerabilities in the HMS Testimonials plugin prior to 2.0.11 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) image, (3) url, or (4) testimonial parameter to the Testimonial form (hms-tes...
Hitmyserver Hms Testimonials
1 EDB exploit
NA
CVE-2013-4240
Multiple cross-site request forgery (CSRF) vulnerabilities in the HMS Testimonials plugin prior to 2.0.11 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) add new testimonials via the hms-testimonials-addnew page, (2)...
Hitmyserver Hms Testimonials 1.1
Hitmyserver Hms Testimonials 1.2
Hitmyserver Hms Testimonials 1.3
Hitmyserver Hms Testimonials 1.4
Hitmyserver Hms Testimonials 1.4.1
Hitmyserver Hms Testimonials 1.5
Hitmyserver Hms Testimonials 1.6
Hitmyserver Hms Testimonials 1.6.1
Hitmyserver Hms Testimonials 1.6.2
Hitmyserver Hms Testimonials 1.7
Hitmyserver Hms Testimonials 1.7.1
Hitmyserver Hms Testimonials 2.0
Hitmyserver Hms Testimonials 2.0.1
Hitmyserver Hms Testimonials 2.0.2
Hitmyserver Hms Testimonials 2.0.3
Hitmyserver Hms Testimonials 2.0.4
Hitmyserver Hms Testimonials 2.0.5
Hitmyserver Hms Testimonials 2.0.6
Hitmyserver Hms Testimonials 2.0.7
Hitmyserver Hms Testimonials 2.0.8
Hitmyserver Hms Testimonials 2.0.9
Hitmyserver Hms Testimonials
1 EDB exploit
NA
CVE-2012-3576
Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin prior to 2.5.30 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads...
Jquindlen Wpstorecart
Jquindlen Wpstorecart 0.62
Jquindlen Wpstorecart 1.0.0
Jquindlen Wpstorecart 2.0.0
Jquindlen Wpstorecart 2.0.1
Jquindlen Wpstorecart 2.0.2
Jquindlen Wpstorecart 2.0.3
Jquindlen Wpstorecart 2.0.4
Jquindlen Wpstorecart 2.0.5
Jquindlen Wpstorecart 2.0.6
Jquindlen Wpstorecart 2.0.7
Jquindlen Wpstorecart 2.0.8
Jquindlen Wpstorecart 2.0.9
Jquindlen Wpstorecart 2.0.10
Jquindlen Wpstorecart 2.0.11
Jquindlen Wpstorecart 2.0.12
Jquindlen Wpstorecart 2.0.13
Jquindlen Wpstorecart 2.1.0
Jquindlen Wpstorecart 2.1.1
Jquindlen Wpstorecart 2.1.2
Jquindlen Wpstorecart 2.1.3
Jquindlen Wpstorecart 2.1.4
1 EDB exploit
NA
CVE-2014-3841
Cross-site scripting (XSS) vulnerability in the Contact Bank plugin prior to 2.0.20 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third pa...
Tech-banker Contact Bank
Tech-banker Contact Bank 2.0.0
Tech-banker Contact Bank 2.0.1
Tech-banker Contact Bank 2.0.2
Tech-banker Contact Bank 2.0.3
Tech-banker Contact Bank 2.0.4
Tech-banker Contact Bank 2.0.5
Tech-banker Contact Bank 2.0.6
Tech-banker Contact Bank 2.0.7
Tech-banker Contact Bank 2.0.8
Tech-banker Contact Bank 2.0.9
Tech-banker Contact Bank 2.0.10
Tech-banker Contact Bank 2.0.11
Tech-banker Contact Bank 2.0.12
Tech-banker Contact Bank 2.0.13
Tech-banker Contact Bank 2.0.14
Tech-banker Contact Bank 2.0.15
Tech-banker Contact Bank 2.0.16
Tech-banker Contact Bank 2.0.17
Tech-banker Contact Bank 2.0.18
4.8
CVSSv3
CVE-2018-10234
Authenticated Cross site Scripting exists in the User Profile & Membership plugin prior to 2.0.11 for WordPress via the "Account Deletion Custom Text" input field on the wp-admin/admin.php?page=um_options§ion=account page.
Ultimatemember User Profile & Membership
6.1
CVSSv3
CVE-2021-34655
The WP Songbook WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the url parameter found in the ~/inc/class.ajax.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 2.0.11.
Wp Songbook Project Wp Songbook
NA
CVE-2014-4521
Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin prior to 2.1.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the action parameter.
Diversesolutions Dsidxpress Idx Plugin 2.0.16
Diversesolutions Dsidxpress Idx Plugin 2.0.0
Diversesolutions Dsidxpress Idx Plugin 2.0.1
Diversesolutions Dsidxpress Idx Plugin 2.0.18
Diversesolutions Dsidxpress Idx Plugin 2.0.37
Diversesolutions Dsidxpress Idx Plugin 2.0.32
Diversesolutions Dsidxpress Idx Plugin 2.0.7
Diversesolutions Dsidxpress Idx Plugin 2.0.19
Diversesolutions Dsidxpress Idx Plugin 2.0.4
Diversesolutions Dsidxpress Idx Plugin 2.0.5
Diversesolutions Dsidxpress Idx Plugin 2.0.34
Diversesolutions Dsidxpress Idx Plugin 2.0.11
Diversesolutions Dsidxpress Idx Plugin 2.0.22
Diversesolutions Dsidxpress Idx Plugin 2.0.30
Diversesolutions Dsidxpress Idx Plugin 2.0.17
Diversesolutions Dsidxpress Idx Plugin 2.0.12
Diversesolutions Dsidxpress Idx Plugin 2.0.31
Diversesolutions Dsidxpress Idx Plugin
Diversesolutions Dsidxpress Idx Plugin 2.0.6
Diversesolutions Dsidxpress Idx Plugin 2.0.10
Diversesolutions Dsidxpress Idx Plugin 2.0.14
Diversesolutions Dsidxpress Idx Plugin 2.0.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »