Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.2 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-11580
An issue exists in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against...
Multidots Mass Pages\\/posts Creator 1.2.2
383
VMScore
CVE-2012-5177
Cross-site scripting (XSS) vulnerability in the Welcart plugin prior to 1.2.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Welcart Welcart Plugin 0.5
Welcart Welcart Plugin 0.9.1
Welcart Welcart Plugin 1.2.2
Welcart Welcart Plugin 1.2.1
435
VMScore
CVE-2011-3852
Cross-site scripting (XSS) vulnerability in the EvoLve theme prior to 1.2.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Theme4press Evolve
Theme4press Evolve 1.0
Theme4press Evolve 1.0.0
Theme4press Evolve 1.0.1
Theme4press Evolve 1.0.2
Theme4press Evolve 1.0.3
Theme4press Evolve 1.0.4
Theme4press Evolve 1.0.5
Theme4press Evolve 1.0.6
Theme4press Evolve 1.0.7
Theme4press Evolve 1.0.8
Theme4press Evolve 1.0.9
Theme4press Evolve 1.1.0
Theme4press Evolve 1.1.1
Theme4press Evolve 1.1.2
Theme4press Evolve 1.1.3
Theme4press Evolve 1.1.4
Theme4press Evolve 1.1.5
Theme4press Evolve 1.1.6
Theme4press Evolve 1.1.7
Theme4press Evolve 1.1.8
Theme4press Evolve 1.1.9
1 EDB exploit
265
VMScore
CVE-2013-4954
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin prior to 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote malicious users to inject arbitrary web scrip...
Genetechsolutions Pie-register 1.2.9
Genetechsolutions Pie-register 1.2.1
Genetechsolutions Pie-register 1.2.0
Genetechsolutions Pie-register 1.1.3
Genetechsolutions Pie-register 1.1.2
Genetechsolutions Pie-register 1.2.91
Genetechsolutions Pie-register 1.2.3
Genetechsolutions Pie-register 1.2.2
Genetechsolutions Pie-register 1.1.6
Genetechsolutions Pie-register 1.1.5
Genetechsolutions Pie-register 1.2.6
Genetechsolutions Pie-register 1.2.4
Genetechsolutions Pie-register 1.1.8
Genetechsolutions Pie-register 1.1.7
Genetechsolutions Pie-register 1.2.8
Genetechsolutions Pie-register 1.2.7
Genetechsolutions Pie-register 1.1.9
Genetechsolutions Pie-register 1.1.1
Genetechsolutions Pie-register 1.0.1
Genetechsolutions Pie-register
1 EDB exploit
755
VMScore
CVE-2013-1852
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin prior to 3.8.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the league_id parameter in the leaguemanager-export page to wp-admin/admin.php.
Kolja Schleich Leaguemanager
Kolja Schleich Leaguemanager 3.7
Kolja Schleich Leaguemanager 3.6.9
Kolja Schleich Leaguemanager 3.5.2
Kolja Schleich Leaguemanager 3.5.1
Kolja Schleich Leaguemanager 3.5
Kolja Schleich Leaguemanager 3.4.2
Kolja Schleich Leaguemanager 3.1.7
Kolja Schleich Leaguemanager 3.1.6
Kolja Schleich Leaguemanager 3.1.5
Kolja Schleich Leaguemanager 3.1.4
Kolja Schleich Leaguemanager 2.9
Kolja Schleich Leaguemanager 2.8
Kolja Schleich Leaguemanager 2.7.1
Kolja Schleich Leaguemanager 2.1
Kolja Schleich Leaguemanager 2.0
Kolja Schleich Leaguemanager 1.5
Kolja Schleich Leaguemanager 1.4.2
Kolja Schleich Leaguemanager 3.6.7
Kolja Schleich Leaguemanager 3.6.5
Kolja Schleich Leaguemanager 3.6
Kolja Schleich Leaguemanager 3.5.5
1 EDB exploit
1 Github repository
668
VMScore
CVE-2019-14231
An issue exists in the Viral Quiz Maker - OnionBuzz plugin prior to 1.2.2 for WordPress. One could exploit the points parameter in the ob_get_results ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an unau...
Onionbuzz Onionbuzz
383
VMScore
CVE-2013-5918
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin prior to 1.3.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Platinum Seo Project Platinum Seo Plugin 1.3.6
Platinum Seo Project Platinum Seo Plugin 1.3.5
Platinum Seo Project Platinum Seo Plugin 1.3.4
Platinum Seo Project Platinum Seo Plugin 1.3.3
Platinum Seo Project Platinum Seo Plugin 1.2
Platinum Seo Project Platinum Seo Plugin 1.1
Platinum Seo Project Platinum Seo Plugin 1.0
Platinum Seo Project Platinum Seo Plugin 1.2.8
Platinum Seo Project Platinum Seo Plugin 1.2.7
Platinum Seo Project Platinum Seo Plugin 1.2.6
Platinum Seo Project Platinum Seo Plugin 1.2.5
Platinum Seo Project Platinum Seo Plugin
Platinum Seo Project Platinum Seo Plugin 1.3.2
Platinum Seo Project Platinum Seo Plugin 1.3
Platinum Seo Project Platinum Seo Plugin 1.2.3
Platinum Seo Project Platinum Seo Plugin 1.2.1
Platinum Seo Project Platinum Seo Plugin 1.3.1
Platinum Seo Project Platinum Seo Plugin 1.2.9
Platinum Seo Project Platinum Seo Plugin 1.2.4
Platinum Seo Project Platinum Seo Plugin 1.2.2
383
VMScore
CVE-2011-4568
Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin prior to 1.2.12 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the URI.
Foliovision Fv Wordpress Flowplayer Plugin 1.2.10
Foliovision Fv Wordpress Flowplayer Plugin 1.2.3
Foliovision Fv Wordpress Flowplayer Plugin 1.2.1
Foliovision Fv Wordpress Flowplayer Plugin 1.0.4
Foliovision Fv Wordpress Flowplayer Plugin 1.0.2
Foliovision Fv Wordpress Flowplayer Plugin 0.9.13
Foliovision Fv Wordpress Flowplayer Plugin 1.2.0
Foliovision Fv Wordpress Flowplayer Plugin 1.1.0
Foliovision Fv Wordpress Flowplayer Plugin 1.0.6
Foliovision Fv Wordpress Flowplayer Plugin 1.0.5
Foliovision Fv Wordpress Flowplayer Plugin 1.2.8
Foliovision Fv Wordpress Flowplayer Plugin 1.2.7
Foliovision Fv Wordpress Flowplayer Plugin 1.2.6
Foliovision Fv Wordpress Flowplayer Plugin 1.2.5
Foliovision Fv Wordpress Flowplayer Plugin 1.0
Foliovision Fv Wordpress Flowplayer Plugin 0.9.18
Foliovision Fv Wordpress Flowplayer Plugin 0.9.16
Foliovision Fv Wordpress Flowplayer Plugin 0.9.15
Foliovision Fv Wordpress Flowplayer Plugin
Foliovision Fv Wordpress Flowplayer Plugin 1.2.9
Foliovision Fv Wordpress Flowplayer Plugin 1.2.4
Foliovision Fv Wordpress Flowplayer Plugin 1.2.2
NA
CVE-2022-4061
The JobBoardWP WordPress plugin prior to 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.
Ultimatemember Jobboardwp
3 Github repositories
668
VMScore
CVE-2012-6719
The sharebar plugin prior to 1.2.2 for WordPress has SQL injection.
Sharebar Project Sharebar
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »