Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1850
The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized access, modification or deletion of posts due to a missing capability check on functions hooked by AJAX actions in all versions up to, and including, 3.3. This makes it possible for authenticate...
NA
CVE-2023-5614
The Theme Switcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'theme_switcha_list' shortcode in all versions up to, and including, 3.3 due to insufficient input sanitization and output escaping on user supplied attributes. Thi...
Plugin-planet Theme Switcha
NA
CVE-2023-2495
The Greeklish-permalink WordPress plugin up to and including 3.3 does not implement correct authorization or nonce checks in the cyrtrans_ajax_old AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either ...
Greeklish-permalink Project Greeklish-permalink
NA
CVE-2023-0262
The WP Airbnb Review Slider WordPress plugin prior to 3.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber.
Ljapps Wp Airbnb Review Slider
NA
CVE-2022-4792
The News & Blog Designer Pack WordPress plugin prior to 3.3 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
Infornweb News \\& Blog Designer Pack
NA
CVE-2022-4305
The Login as User or Customer WordPress plugin prior to 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated malicious users to obtain a valid admin session.
Wp-buy Login As User Or Customer \\(user Switching\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6