Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-20970
The pdf-print plugin prior to 2.0.3 for WordPress has multiple XSS issues.
Bestwebsoft Pdf \\& Print
383
VMScore
CVE-2017-17780
The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. This component code is found in the following WordPress plugins: Clockwork Free and Paid SMS Notifications 2.0.3, Two-F...
Mediaburst Booking Calendar Sms 1.0.5
Mediaburst Clockwork Sms Notfications 2.0.3
Mediaburst Contact Form 7 Sms 2.3.0
Mediaburst Fast Secure Contact Form Sms 2.1.2
Mediaburst Formidable 1.0.2
Mediaburst Gravity Forms 2.2
Mediaburst Two-factor Authentication 1.0.2
Mediaburst Wp E-commerce 2.0.5
383
VMScore
CVE-2014-8492
Multiple cross-site scripting (XSS) vulnerabilities in assets/misc/fallback-page.php in the Profile Builder plugin prior to 2.0.3 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) site_name, (2) message, or (3) site_url parameter.
Cozmoslabs Profile Builder
383
VMScore
CVE-2014-4576
Cross-site scripting (XSS) vulnerability in services/diagnostics.php in the WordPress Social Login plugin 2.0.3 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the xhrurl parameter.
Wordpress Social Login Project Wordpress Social Login
383
VMScore
CVE-2014-4521
Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin prior to 2.1.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the action parameter.
Diversesolutions Dsidxpress Idx Plugin 2.0.30
Diversesolutions Dsidxpress Idx Plugin 2.0.29
Diversesolutions Dsidxpress Idx Plugin 2.0.28
Diversesolutions Dsidxpress Idx Plugin 2.0.27
Diversesolutions Dsidxpress Idx Plugin 2.0.26
Diversesolutions Dsidxpress Idx Plugin 2.0.13
Diversesolutions Dsidxpress Idx Plugin 2.0.12
Diversesolutions Dsidxpress Idx Plugin 2.0.11
Diversesolutions Dsidxpress Idx Plugin 2.0.10
Diversesolutions Dsidxpress Idx Plugin 2.0.38
Diversesolutions Dsidxpress Idx Plugin 2.0.37
Diversesolutions Dsidxpress Idx Plugin 2.0.36
Diversesolutions Dsidxpress Idx Plugin 2.0.35
Diversesolutions Dsidxpress Idx Plugin 2.0.21
Diversesolutions Dsidxpress Idx Plugin 2.0.20
Diversesolutions Dsidxpress Idx Plugin 2.0.19
Diversesolutions Dsidxpress Idx Plugin 2.0.18
Diversesolutions Dsidxpress Idx Plugin 2.0.5
Diversesolutions Dsidxpress Idx Plugin 2.0.4
Diversesolutions Dsidxpress Idx Plugin 2.0.3
Diversesolutions Dsidxpress Idx Plugin 2.0.2
Diversesolutions Dsidxpress Idx Plugin 2.0.1
383
VMScore
CVE-2014-3841
Cross-site scripting (XSS) vulnerability in the Contact Bank plugin prior to 2.0.20 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third pa...
Tech-banker Contact Bank 2.0.16
Tech-banker Contact Bank 2.0.14
Tech-banker Contact Bank 2.0.7
Tech-banker Contact Bank
Tech-banker Contact Bank 2.0.18
Tech-banker Contact Bank 2.0.4
Tech-banker Contact Bank 2.0.3
Tech-banker Contact Bank 2.0.2
Tech-banker Contact Bank 2.0.1
Tech-banker Contact Bank 2.0.12
Tech-banker Contact Bank 2.0.11
Tech-banker Contact Bank 2.0.10
Tech-banker Contact Bank 2.0.9
Tech-banker Contact Bank 2.0.17
Tech-banker Contact Bank 2.0.15
Tech-banker Contact Bank 2.0.13
Tech-banker Contact Bank 2.0.8
Tech-banker Contact Bank 2.0.6
Tech-banker Contact Bank 2.0.5
Tech-banker Contact Bank 2.0.0
383
VMScore
CVE-2013-6342
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin prior to 4.0.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php.
Tweet-blender Tweet-blender
Tweet-blender Tweet-blender 4.0.0
Tweet-blender Tweet-blender 3.3.15
Tweet-blender Tweet-blender 3.3.14
Tweet-blender Tweet-blender 3.3.0
Tweet-blender Tweet-blender 3.2.4
Tweet-blender Tweet-blender 3.2.3
Tweet-blender Tweet-blender 3.2.2
Tweet-blender Tweet-blender 3.1.8
Tweet-blender Tweet-blender 3.1.7
Tweet-blender Tweet-blender 3.1.6
Tweet-blender Tweet-blender 3.1.5
Tweet-blender Tweet-blender 3.1.4
Tweet-blender Tweet-blender 3.0.0
Tweet-blender Tweet-blender 2.4.7
Tweet-blender Tweet-blender 2.4.6
Tweet-blender Tweet-blender 2.4.5
Tweet-blender Tweet-blender 2.0.4
Tweet-blender Tweet-blender 2.0.3
Tweet-blender Tweet-blender 2.0.2
Tweet-blender Tweet-blender 2.0.1
Tweet-blender Tweet-blender 3.3.9
383
VMScore
CVE-2013-6280
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin prior to 2.1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Linksalpha Social Sharing Toolkit Plugin
Linksalpha Social Sharing Toolkit Plugin 1.3.1
Linksalpha Social Sharing Toolkit Plugin 1.3.0
Linksalpha Social Sharing Toolkit Plugin 1.2.5
Linksalpha Social Sharing Toolkit Plugin 1.2.0
Linksalpha Social Sharing Toolkit Plugin 1.0.1
Linksalpha Social Sharing Toolkit Plugin 2.0.6
Linksalpha Social Sharing Toolkit Plugin 2.0.5
Linksalpha Social Sharing Toolkit Plugin 2.0.4
Linksalpha Social Sharing Toolkit Plugin 2.0.3
Linksalpha Social Sharing Toolkit Plugin 2.0.9
Linksalpha Social Sharing Toolkit Plugin 2.0.7
Linksalpha Social Sharing Toolkit Plugin 2.0.2
Linksalpha Social Sharing Toolkit Plugin 2.0.0
Linksalpha Social Sharing Toolkit Plugin 1.0.0
Linksalpha Social Sharing Toolkit Plugin 2.1.0
Linksalpha Social Sharing Toolkit Plugin 2.0.8
Linksalpha Social Sharing Toolkit Plugin 2.0.1
Linksalpha Social Sharing Toolkit Plugin 1.3.2
383
VMScore
CVE-2012-1068
Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin prior to 2.0.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.
Mg12 Wp-recentcomments 2.0.4
Mg12 Wp-recentcomments 2.0.3
Mg12 Wp-recentcomments 2.0.6
Mg12 Wp-recentcomments 2.0.5
Mg12 Wp-recentcomments 1.8.1
Mg12 Wp-recentcomments 1.8
Mg12 Wp-recentcomments 2.0.2
Mg12 Wp-recentcomments 2.0.1
Mg12 Wp-recentcomments
Mg12 Wp-recentcomments 2.0
Mg12 Wp-recentcomments 1.8.2
383
VMScore
CVE-2008-5278
Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress prior to 2.6.5 allows remote malicious users to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable).
Wordpress Wordpress 2.3
Wordpress Wordpress 2.2 Revision5003
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.0-platinum
Wordpress Wordpress 1.0.2-blakey
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.72
Wordpress Wordpress 2.5
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »