Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 3.1.1 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2014-2340
Cross-site request forgery (CSRF) vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php....
Xcloner XclonerXcloner Xcloner 2.1.2Xcloner Xcloner 3.0Xcloner Xcloner 3.0.3Xcloner Xcloner 3.0.1Xcloner Xcloner 3.0.6Xcloner Xcloner 3.0.8Xcloner Xcloner 3.0.7Xcloner Xcloner 3.0.5Xcloner Xcloner 3.0.2Xcloner Xcloner 3.0.4Xcloner Xcloner 2.2.1Xcloner Xcloner 2.1
NA
CVE-2013-5962
Unrestricted file upload vulnerability in frames/upload-images.php in the Complete Gallery Manager plugin before 3.3.4 rev40279 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct...
Envato Complete Gallery Manager Plugin 3.3.2Envato Complete Gallery Manager Plugin 3.3.1Envato Complete Gallery Manager Plugin 3.2.2Envato Complete Gallery Manager Plugin 3.2.1Envato Complete Gallery Manager Plugin 2.0.2Envato Complete Gallery Manager Plugin 2.0.1Envato Complete Gallery Manager Plugin 3.2.6Envato Complete Gallery Manager Plugin 3.2.5Envato Complete Gallery Manager Plugin 3.1.0Envato Complete Gallery Manager Plugin 3.0.1Envato Complete Gallery Manager Plugin 1.0.1Envato Complete Gallery Manager Plugin 1.0.0Envato Complete Gallery Manager Plugin 3.3.0Envato Complete Gallery Manager Plugin 3.2.8Envato Complete Gallery Manager Plugin 3.2.7Envato Complete Gallery Manager Plugin 3.2.0Envato Complete Gallery Manager Plugin 3.1.1Envato Complete Gallery Manager Plugin 2.0.0Envato Complete Gallery Manager Plugin 1.0.2Envato Complete Gallery Manager PluginEnvato Complete Gallery Manager Plugin 3.2.4Envato Complete Gallery Manager Plugin 3.2.3Envato Complete Gallery Manager Plugin 3.0.0Envato Complete Gallery Manager Plugin 2.0.3
NA
CVE-2013-1636
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3,...
Blair Williams Pretty Link Lite 1.6.0Blair Williams Pretty Link Lite 1.6.1Blair Williams Pretty Link LiteJoobi Com Jnews 8.0.1Civicrm Civicrm 4.3.1Civicrm Civicrm 3.1.1Civicrm Civicrm 3.1.2Civicrm Civicrm 3.2.2Civicrm Civicrm 3.2.3Civicrm Civicrm 3.3.6Civicrm Civicrm 3.4.0Civicrm Civicrm 4.1.5Civicrm Civicrm 4.1.6Civicrm Civicrm 4.2.7Civicrm Civicrm 4.2.8Civicrm Civicrm 4.3.3Civicrm Civicrm 3.1.0Civicrm Civicrm 3.2.0Civicrm Civicrm 3.2.1Civicrm Civicrm 3.3.3Civicrm Civicrm 3.3.5Civicrm Civicrm 4.1.3Civicrm Civicrm 4.1.4Civicrm Civicrm 4.2.5Civicrm Civicrm 4.2.6Civicrm Civicrm 4.3.2Civicrm Civicrm 3.1.5Civicrm Civicrm 3.1.6Civicrm Civicrm 3.3.0Civicrm Civicrm 3.3.1Civicrm Civicrm 3.3.2Civicrm Civicrm 4.1.1Civicrm Civicrm 4.1.2Civicrm Civicrm 4.2.2Civicrm Civicrm 4.2.4Civicrm Civicrm 4.3.0Civicrm Civicrm 3.1.3Civicrm Civicrm 3.1.4Civicrm Civicrm 3.2.4Civicrm Civicrm 3.2.5Civicrm Civicrm 4.0.5Civicrm Civicrm 4.1.0Civicrm Civicrm 4.2.0Civicrm Civicrm 4.2.1Civicrm Civicrm 4.2.9
4.8
CVE-2022-2635
The Autoptimize WordPress plugin before 3.1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
Autoptimize Autoptimize
6.1
CVSSv3
CVE-2021-24387
The WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ct_community parameter in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which can be triggered in both unauthenticated or authenticated user...
Contempothemes Real Estate 7
NA
CVE-2014-7228
Akeeba Restore (restore.php), as used in Joomla! 2.5.4 through 2.5.25, 3.x through 3.2.5, and 3.3.0 through 3.3.4; Akeeba Backup for Joomla! Professional 3.0.0 through 4.0.2; Backup Professional for WordPress 1.0.b1 through 1.1.3; Solo 1.0.b1 through 1.1.2; Admin Tools Core and...
Joomla Joomla\\! 2.5.4Joomla Joomla\\! 2.5.11Joomla Joomla\\! 2.5.13Joomla Joomla\\! 2.5.18Joomla Joomla\\! 2.5.21Joomla Joomla\\! 3.0.2Joomla Joomla\\! 3.0.4Joomla Joomla\\! 3.1.6Joomla Joomla\\! 3.2.1Joomla Joomla\\! 3.3.0Joomla Joomla\\! 3.3.2Joomla Joomla\\! 2.5.5Joomla Joomla\\! 2.5.6Joomla Joomla\\! 2.5.7Joomla Joomla\\! 2.5.8Joomla Joomla\\! 2.5.9Joomla Joomla\\! 2.5.23Joomla Joomla\\! 2.5.24Joomla Joomla\\! 2.5.25Joomla Joomla\\! 3.0.0Joomla Joomla\\! 3.2.2Joomla Joomla\\! 3.2.3Joomla Joomla\\! 3.2.4Joomla Joomla\\! 3.2.5Joomla Joomla\\! 2.5.10Joomla Joomla\\! 2.5.12Joomla Joomla\\! 2.5.20Joomla Joomla\\! 2.5.22Joomla Joomla\\! 3.0.1Joomla Joomla\\! 3.0.3Joomla Joomla\\! 3.1.5Joomla Joomla\\! 3.2.0Joomla Joomla\\! 3.3.1Joomla Joomla\\! 3.3.3Joomla Joomla\\! 2.5.14Joomla Joomla\\! 2.5.15Joomla Joomla\\! 2.5.16Joomla Joomla\\! 2.5.17Joomla Joomla\\! 3.1.0Joomla Joomla\\! 3.1.1Joomla Joomla\\! 3.1.2Joomla Joomla\\! 3.1.3Joomla Joomla\\! 3.1.4Joomla Joomla\\! 3.3.4Joomla Joomla\\! 2.5.19
NA
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin before 3.8.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php....
Kolja Schleich LeaguemanagerKolja Schleich Leaguemanager 3.7Kolja Schleich Leaguemanager 3.6.9Kolja Schleich Leaguemanager 3.5.2Kolja Schleich Leaguemanager 3.5.1Kolja Schleich Leaguemanager 3.5Kolja Schleich Leaguemanager 3.4.2Kolja Schleich Leaguemanager 3.1.7Kolja Schleich Leaguemanager 3.1.6Kolja Schleich Leaguemanager 3.1.5Kolja Schleich Leaguemanager 3.1.4Kolja Schleich Leaguemanager 2.9Kolja Schleich Leaguemanager 2.8Kolja Schleich Leaguemanager 2.7.1Kolja Schleich Leaguemanager 2.1Kolja Schleich Leaguemanager 2.0Kolja Schleich Leaguemanager 1.5Kolja Schleich Leaguemanager 1.4.2Kolja Schleich Leaguemanager 3.6.7Kolja Schleich Leaguemanager 3.6.5Kolja Schleich Leaguemanager 3.6Kolja Schleich Leaguemanager 3.5.5Kolja Schleich Leaguemanager 3.5.3Kolja Schleich Leaguemanager 3.4.1Kolja Schleich Leaguemanager 3.4Kolja Schleich Leaguemanager 3.2Kolja Schleich Leaguemanager 3.1.8Kolja Schleich Leaguemanager 3.1.3Kolja Schleich Leaguemanager 3.1.1Kolja Schleich Leaguemanager 3.0.4Kolja Schleich Leaguemanager 2.9.3Kolja Schleich Leaguemanager 2.9.1Kolja Schleich Leaguemanager 2.6.3Kolja Schleich Leaguemanager 2.6.1Kolja Schleich Leaguemanager 2.4.1Kolja Schleich Leaguemanager 2.3.1Kolja Schleich Leaguemanager 2.2Kolja Schleich Leaguemanager 1.4.1Kolja Schleich Leaguemanager 1.3Kolja Schleich Leaguemanager 3.6.4Kolja Schleich Leaguemanager 3.6.3Kolja Schleich Leaguemanager 3.6.2Kolja Schleich Leaguemanager 3.6.1Kolja Schleich Leaguemanager 3.3.1Kolja Schleich Leaguemanager 3.3Kolja Schleich Leaguemanager 3.2.2Kolja Schleich Leaguemanager 3.2.1Kolja Schleich Leaguemanager 3.0.3Kolja Schleich Leaguemanager 3.0.2Kolja Schleich Leaguemanager 3.0.1Kolja Schleich Leaguemanager 3.0Kolja Schleich Leaguemanager 2.6Kolja Schleich Leaguemanager 2.5.2Kolja Schleich Leaguemanager 2.5.1Kolja Schleich Leaguemanager 2.5Kolja Schleich Leaguemanager 1.2.1Kolja Schleich Leaguemanager 1.2Kolja Schleich Leaguemanager 1.1Kolja Schleich Leaguemanager 1.0Kolja Schleich Leaguemanager 3.6.8Kolja Schleich Leaguemanager 3.6.6Kolja Schleich Leaguemanager 3.5.6Kolja Schleich Leaguemanager 3.5.4Kolja Schleich Leaguemanager 3.1.9Kolja Schleich Leaguemanager 3.1.2Kolja Schleich Leaguemanager 3.1Kolja Schleich Leaguemanager 2.9.2Kolja Schleich Leaguemanager 2.7Kolja Schleich Leaguemanager 2.6.2Kolja Schleich Leaguemanager 2.4Kolja Schleich Leaguemanager 2.3Kolja Schleich Leaguemanager 1.4Kolja Schleich Leaguemanager 1.2.2
NA
CVE-2013-6342
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php....
Tweet-blender Tweet-blenderTweet-blender Tweet-blender 4.0.0Tweet-blender Tweet-blender 3.3.15Tweet-blender Tweet-blender 3.3.14Tweet-blender Tweet-blender 3.3.0Tweet-blender Tweet-blender 3.2.4Tweet-blender Tweet-blender 3.2.3Tweet-blender Tweet-blender 3.2.2Tweet-blender Tweet-blender 3.1.8Tweet-blender Tweet-blender 3.1.7Tweet-blender Tweet-blender 3.1.6Tweet-blender Tweet-blender 3.1.5Tweet-blender Tweet-blender 3.1.4Tweet-blender Tweet-blender 3.0.0Tweet-blender Tweet-blender 2.4.7Tweet-blender Tweet-blender 2.4.6Tweet-blender Tweet-blender 2.4.5Tweet-blender Tweet-blender 2.0.4Tweet-blender Tweet-blender 2.0.3Tweet-blender Tweet-blender 2.0.2Tweet-blender Tweet-blender 2.0.1Tweet-blender Tweet-blender 3.3.9Tweet-blender Tweet-blender 3.3.8Tweet-blender Tweet-blender 3.3.7Tweet-blender Tweet-blender 3.3.6Tweet-blender Tweet-blender 3.3.5Tweet-blender Tweet-blender 3.1.16Tweet-blender Tweet-blender 3.1.15Tweet-blender Tweet-blender 3.1.14Tweet-blender Tweet-blender 3.1.13Tweet-blender Tweet-blender 3.0.8Tweet-blender Tweet-blender 3.0.7Tweet-blender Tweet-blender 3.0.6Tweet-blender Tweet-blender 3.0.5Tweet-blender Tweet-blender 2.3.0Tweet-blender Tweet-blender 2.2.3Tweet-blender Tweet-blender 2.2.2Tweet-blender Tweet-blender 3.3.13Tweet-blender Tweet-blender 3.3.11Tweet-blender Tweet-blender 3.3.4Tweet-blender Tweet-blender 3.3.2Tweet-blender Tweet-blender 3.2.0Tweet-blender Tweet-blender 3.1.17Tweet-blender Tweet-blender 3.1.12Tweet-blender Tweet-blender 3.1.10Tweet-blender Tweet-blender 3.1.3Tweet-blender Tweet-blender 3.1.1Tweet-blender Tweet-blender 3.0.3Tweet-blender Tweet-blender 3.0.1Tweet-blender Tweet-blender 2.4.4Tweet-blender Tweet-blender 2.4.2Tweet-blender Tweet-blender 2.4.0Tweet-blender Tweet-blender 2.2.0Tweet-blender Tweet-blender 2.1.0Tweet-blender Tweet-blender 3.3.12Tweet-blender Tweet-blender 3.3.10Tweet-blender Tweet-blender 3.3.3Tweet-blender Tweet-blender 3.3.1Tweet-blender Tweet-blender 3.2.1Tweet-blender Tweet-blender 3.1.18Tweet-blender Tweet-blender 3.1.11Tweet-blender Tweet-blender 3.1.9Tweet-blender Tweet-blender 3.1.2Tweet-blender Tweet-blender 3.1.0Tweet-blender Tweet-blender 3.0.4Tweet-blender Tweet-blender 3.0.2Tweet-blender Tweet-blender 2.4.3Tweet-blender Tweet-blender 2.4.1Tweet-blender Tweet-blender 2.1.1Tweet-blender Tweet-blender 2.0.5Tweet-blender Tweet-blender 2.0.0Tweet-blender Tweet-blender 2.2.1
8.8
CVE-2022-3240
The "Follow Me Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.1. This is due to missing nonce validation on the FollowMeIgniteSocialMedia_options_page() function. This makes it possible for unauthenticated...
Follow Me Plugin Project Follow Me Plugin
9.8
CVE-2020-36724
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker...
Wordable Wordable
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XSSCVE-2023-48314CVE-2023-6376CVE-2023-46384arbitrary codeCVE-2023-42917CVE-2023-48842CVE-2023-42916firewall
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook