Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.3 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2013-3477
Cross-site request forgery (CSRF) vulnerability in the Related Posts by Zemanta plugin prior to 1.3.2 for WordPress allows remote malicious users to hijack the authentication of unspecified users for requests that change settings via unknown vectors.
Zemanta Related Posts
Zemanta Related Posts 1.3
Zemanta Related Posts 1.2
Zemanta Related Posts 1.1
Zemanta Related Posts 1.0
755
VMScore
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin prior to 3.8.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Kolja Schleich Leaguemanager
Kolja Schleich Leaguemanager 3.7
Kolja Schleich Leaguemanager 3.6.9
Kolja Schleich Leaguemanager 3.5.2
Kolja Schleich Leaguemanager 3.5.1
Kolja Schleich Leaguemanager 3.5
Kolja Schleich Leaguemanager 3.4.2
Kolja Schleich Leaguemanager 3.1.7
Kolja Schleich Leaguemanager 3.1.6
Kolja Schleich Leaguemanager 3.1.5
Kolja Schleich Leaguemanager 3.1.4
Kolja Schleich Leaguemanager 2.9
Kolja Schleich Leaguemanager 2.8
Kolja Schleich Leaguemanager 2.7.1
Kolja Schleich Leaguemanager 2.1
Kolja Schleich Leaguemanager 2.0
Kolja Schleich Leaguemanager 1.5
Kolja Schleich Leaguemanager 1.4.2
Kolja Schleich Leaguemanager 3.6.7
Kolja Schleich Leaguemanager 3.6.5
Kolja Schleich Leaguemanager 3.6
Kolja Schleich Leaguemanager 3.5.5
1 EDB exploit
1 Github repository
383
VMScore
CVE-2017-14751
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
Intensewp Wp Jobs 1.5
Intensewp Wp Jobs 1.1
Intensewp Wp Jobs 1.3
Intensewp Wp Jobs 1.0
Intensewp Wp Jobs 1.2
Intensewp Wp Jobs 1.4
435
VMScore
CVE-2011-4926
Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin prior to 1.7.22 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Bueltge Adminimize
Bueltge Adminimize 0.6.9
Bueltge Adminimize 0.7
Bueltge Adminimize 0.7.1
Bueltge Adminimize 0.7.2
Bueltge Adminimize 0.7.3
Bueltge Adminimize 0.7.5
Bueltge Adminimize 0.7.6
Bueltge Adminimize 0.7.7
Bueltge Adminimize 0.7.8
Bueltge Adminimize 0.7.9
Bueltge Adminimize 0.8
Bueltge Adminimize 0.8.1
Bueltge Adminimize 1.0
Bueltge Adminimize 1.1
Bueltge Adminimize 1.2
Bueltge Adminimize 1.3
Bueltge Adminimize 1.4
Bueltge Adminimize 1.4.1
Bueltge Adminimize 1.4.2
Bueltge Adminimize 1.4.3-6
Bueltge Adminimize 1.4.7
1 EDB exploit
383
VMScore
CVE-2013-5711
Cross-site scripting (XSS) vulnerability in admin/walkthrough/walkthrough.php in the Design Approval System plugin prior to 3.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the step parameter.
Slickremix Design Approval System Plugin 2.6
Slickremix Design Approval System Plugin 2.5
Slickremix Design Approval System Plugin 2.4
Slickremix Design Approval System Plugin 2.3
Slickremix Design Approval System Plugin 3.4
Slickremix Design Approval System Plugin 3.3
Slickremix Design Approval System Plugin 3.2
Slickremix Design Approval System Plugin 3.1
Slickremix Design Approval System Plugin 1.8
Slickremix Design Approval System Plugin 1.7
Slickremix Design Approval System Plugin 1.6
Slickremix Design Approval System Plugin 1.5
Slickremix Design Approval System Plugin 1.4
Slickremix Design Approval System Plugin 3.5
Slickremix Design Approval System Plugin 3.0
Slickremix Design Approval System Plugin 2.8
Slickremix Design Approval System Plugin 2.1
Slickremix Design Approval System Plugin 1.9
Slickremix Design Approval System Plugin 1.2
Slickremix Design Approval System Plugin 1.0
Slickremix Design Approval System Plugin
Slickremix Design Approval System Plugin 2.9
383
VMScore
CVE-2011-3857
Cross-site scripting (XSS) vulnerability in the Antisnews theme prior to 1.10 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Antisocialmediallc Antisnews
Antisocialmediallc Antisnews 1.0
Antisocialmediallc Antisnews 1.1
Antisocialmediallc Antisnews 1.2
Antisocialmediallc Antisnews 1.3
Antisocialmediallc Antisnews 1.4
Antisocialmediallc Antisnews 1.5
Antisocialmediallc Antisnews 1.6
Antisocialmediallc Antisnews 1.7
Antisocialmediallc Antisnews 1.8
685
VMScore
CVE-2014-4717
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin prior to 4.5 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba...
Sharethis Simple Share Buttons Adder 2.2
Sharethis Simple Share Buttons Adder 2.0
Sharethis Simple Share Buttons Adder 1.0
Sharethis Simple Share Buttons Adder 3.2
Sharethis Simple Share Buttons Adder 3.9
Sharethis Simple Share Buttons Adder 3.8
Sharethis Simple Share Buttons Adder 1.5
Sharethis Simple Share Buttons Adder 2.3
Sharethis Simple Share Buttons Adder 1.1
Sharethis Simple Share Buttons Adder 3.1
Sharethis Simple Share Buttons Adder 3.0
Sharethis Simple Share Buttons Adder 2.9
Sharethis Simple Share Buttons Adder 1.3
Sharethis Simple Share Buttons Adder 4.1
Sharethis Simple Share Buttons Adder 4.0
Sharethis Simple Share Buttons Adder 2.4
Sharethis Simple Share Buttons Adder
Sharethis Simple Share Buttons Adder 4.2
Sharethis Simple Share Buttons Adder 3.5
Sharethis Simple Share Buttons Adder 2.8
Sharethis Simple Share Buttons Adder 2.6
Sharethis Simple Share Buttons Adder 1.9
1 EDB exploit
685
VMScore
CVE-2012-5387
Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin prior to 1.5.1 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that modify the developer name via the wlcms_o_developer_name p...
Videousermanuals White-label-cms 1.4.1
Videousermanuals White-label-cms 1.4
Videousermanuals White-label-cms 1.0.2
Videousermanuals White-label-cms 1.4.3
Videousermanuals White-label-cms 1.4.2
Videousermanuals White-label-cms 1.0.4
Videousermanuals White-label-cms 1.0.3
Videousermanuals White-label-cms
Videousermanuals White-label-cms 1.4.7
Videousermanuals White-label-cms 1.3
Videousermanuals White-label-cms 1.2
Videousermanuals White-label-cms 1.4.6
Videousermanuals White-label-cms 1.4.5
Videousermanuals White-label-cms 1.4.4
Videousermanuals White-label-cms 1.1
Videousermanuals White-label-cms 1.0.5
1 EDB exploit
445
VMScore
CVE-2013-2640
ajax.functions.php in the MailUp plugin prior to 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote malicious users to modify plugin settings and conduct cross-site scripting (XSS) attacks via unspecified vectors related to &q...
Mailup Wp-mailup 1.1.0
Mailup Wp-mailup
Mailup Wp-mailup 1.3
Mailup Wp-mailup 1.1.1
Mailup Wp-mailup 1.0.0
Mailup Wp-mailup 1.21
Mailup Wp-mailup 1.2
Mailup Wp-mailup 1.1.3
Mailup Wp-mailup 1.1.2
668
VMScore
CVE-2013-0724
PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress prior to 1.8 allows remote malicious users to execute arbitrary PHP code via a URL in the dompdf parameter.
Wpshopstyling Wp-ecommerce-shop-styling 1.2
Wpshopstyling Wp-ecommerce-shop-styling 1.0
Wpshopstyling Wp-ecommerce-shop-styling 1.6
Wpshopstyling Wp-ecommerce-shop-styling 1.5
Wpshopstyling Wp-ecommerce-shop-styling
Wpshopstyling Wp-ecommerce-shop-styling 1.4
Wpshopstyling Wp-ecommerce-shop-styling 1.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
open redirect
CVE-2024-3946
LFI
CVE-2024-25977
CVE-2024-36368
CVE-2024-23109
CVE-2024-23580
CVE-2024-23108
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »