Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-20970
The pdf-print plugin prior to 2.0.3 for WordPress has multiple XSS issues.
Bestwebsoft Pdf & Print
383
VMScore
CVE-2017-17780
The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. This component code is found in the following WordPress plugins: Clockwork Free and Paid SMS Notifications 2.0.3, Two-F...
Mediaburst Booking Calendar Sms 1.0.5
Mediaburst Clockwork Sms Notfications 2.0.3
Mediaburst Contact Form 7 Sms 2.3.0
Mediaburst Fast Secure Contact Form Sms 2.1.2
Mediaburst Formidable 1.0.2
Mediaburst Gravity Forms 2.2
Mediaburst Two-factor Authentication 1.0.2
Mediaburst Wp E-commerce 2.0.5
383
VMScore
CVE-2014-8492
Multiple cross-site scripting (XSS) vulnerabilities in assets/misc/fallback-page.php in the Profile Builder plugin prior to 2.0.3 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) site_name, (2) message, or (3) site_url parameter.
Cozmoslabs Profile Builder
383
VMScore
CVE-2014-4576
Cross-site scripting (XSS) vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the xhrurl parameter.
Wordpress Social Login Project Wordpress Social Login
383
VMScore
CVE-2014-4521
Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin prior to 2.1.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the action parameter.
Diversesolutions Dsidxpress Idx Plugin 2.0.16
Diversesolutions Dsidxpress Idx Plugin 2.0.0
Diversesolutions Dsidxpress Idx Plugin 2.0.1
Diversesolutions Dsidxpress Idx Plugin 2.0.18
Diversesolutions Dsidxpress Idx Plugin 2.0.37
Diversesolutions Dsidxpress Idx Plugin 2.0.32
Diversesolutions Dsidxpress Idx Plugin 2.0.7
Diversesolutions Dsidxpress Idx Plugin 2.0.19
Diversesolutions Dsidxpress Idx Plugin 2.0.4
Diversesolutions Dsidxpress Idx Plugin 2.0.5
Diversesolutions Dsidxpress Idx Plugin 2.0.34
Diversesolutions Dsidxpress Idx Plugin 2.0.11
Diversesolutions Dsidxpress Idx Plugin 2.0.22
Diversesolutions Dsidxpress Idx Plugin 2.0.30
Diversesolutions Dsidxpress Idx Plugin 2.0.17
Diversesolutions Dsidxpress Idx Plugin 2.0.12
Diversesolutions Dsidxpress Idx Plugin 2.0.31
Diversesolutions Dsidxpress Idx Plugin
Diversesolutions Dsidxpress Idx Plugin 2.0.6
Diversesolutions Dsidxpress Idx Plugin 2.0.10
Diversesolutions Dsidxpress Idx Plugin 2.0.14
Diversesolutions Dsidxpress Idx Plugin 2.0.9
383
VMScore
CVE-2014-3841
Cross-site scripting (XSS) vulnerability in the Contact Bank plugin prior to 2.0.20 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third pa...
Tech-banker Contact Bank
Tech-banker Contact Bank 2.0.0
Tech-banker Contact Bank 2.0.1
Tech-banker Contact Bank 2.0.2
Tech-banker Contact Bank 2.0.3
Tech-banker Contact Bank 2.0.4
Tech-banker Contact Bank 2.0.5
Tech-banker Contact Bank 2.0.6
Tech-banker Contact Bank 2.0.7
Tech-banker Contact Bank 2.0.8
Tech-banker Contact Bank 2.0.9
Tech-banker Contact Bank 2.0.10
Tech-banker Contact Bank 2.0.11
Tech-banker Contact Bank 2.0.12
Tech-banker Contact Bank 2.0.13
Tech-banker Contact Bank 2.0.14
Tech-banker Contact Bank 2.0.15
Tech-banker Contact Bank 2.0.16
Tech-banker Contact Bank 2.0.17
Tech-banker Contact Bank 2.0.18
383
VMScore
CVE-2013-6342
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin prior to 4.0.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php.
Tweet-blender Tweet-blender 3.2.2
Tweet-blender Tweet-blender 2.0.1
Tweet-blender Tweet-blender 3.3.9
Tweet-blender Tweet-blender 3.3.6
Tweet-blender Tweet-blender 3.3.15
Tweet-blender Tweet-blender 3.1.5
Tweet-blender Tweet-blender 3.0.1
Tweet-blender Tweet-blender 3.3.7
Tweet-blender Tweet-blender 3.1.12
Tweet-blender Tweet-blender 3.3.4
Tweet-blender Tweet-blender 2.4.6
Tweet-blender Tweet-blender 3.3.5
Tweet-blender Tweet-blender 3.1.7
Tweet-blender Tweet-blender 2.0.5
Tweet-blender Tweet-blender 3.3.13
Tweet-blender Tweet-blender 2.4.5
Tweet-blender Tweet-blender 3.1.8
Tweet-blender Tweet-blender 3.0.4
Tweet-blender Tweet-blender 2.3.0
Tweet-blender Tweet-blender 3.3.8
Tweet-blender Tweet-blender 3.1.10
Tweet-blender Tweet-blender 3.1.11
383
VMScore
CVE-2013-6280
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin prior to 2.1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Linksalpha Social Sharing Toolkit Plugin 2.1.0
Linksalpha Social Sharing Toolkit Plugin 2.0.9
Linksalpha Social Sharing Toolkit Plugin 2.0.1
Linksalpha Social Sharing Toolkit Plugin 2.0.0
Linksalpha Social Sharing Toolkit Plugin 2.0.5
Linksalpha Social Sharing Toolkit Plugin 1.3.0
Linksalpha Social Sharing Toolkit Plugin 2.0.6
Linksalpha Social Sharing Toolkit Plugin 1.3.2
Linksalpha Social Sharing Toolkit Plugin
Linksalpha Social Sharing Toolkit Plugin 2.0.3
Linksalpha Social Sharing Toolkit Plugin 1.0.1
Linksalpha Social Sharing Toolkit Plugin 2.0.4
Linksalpha Social Sharing Toolkit Plugin 1.0.0
Linksalpha Social Sharing Toolkit Plugin 1.3.1
Linksalpha Social Sharing Toolkit Plugin 1.2.0
Linksalpha Social Sharing Toolkit Plugin 2.0.8
Linksalpha Social Sharing Toolkit Plugin 2.0.2
Linksalpha Social Sharing Toolkit Plugin 1.2.5
Linksalpha Social Sharing Toolkit Plugin 2.0.7
383
VMScore
CVE-2012-1068
Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin prior to 2.0.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.
Mg12 Wp-recentcomments
Mg12 Wp-recentcomments 1.8
Mg12 Wp-recentcomments 1.8.1
Mg12 Wp-recentcomments 1.8.2
Mg12 Wp-recentcomments 2.0
Mg12 Wp-recentcomments 2.0.1
Mg12 Wp-recentcomments 2.0.2
Mg12 Wp-recentcomments 2.0.3
Mg12 Wp-recentcomments 2.0.4
Mg12 Wp-recentcomments 2.0.5
Mg12 Wp-recentcomments 2.0.6
383
VMScore
CVE-2008-5278
Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress prior to 2.6.5 allows remote malicious users to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable).
Wordpress Wordpress 2.0.11
Wordpress Wordpress 1.2-mingus
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.3 Rc2
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 1.5-strayhorn
Wordpress Wordpress 1.2-delta
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 1.3.1
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.71-gold
Wordpress Wordpress 2.2 Revision5003
Wordpress Wordpress 0.711
Wordpress Wordpress 1.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »