Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.4 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-0621
The dTabs WordPress plugin up to and including 1.4 does not sanitize and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Dtabs Project Dtabs
383
VMScore
CVE-2017-1000033
Wordpress Plugin Vospari Forms version < 1.4 is vulnerable to a reflected cross site scripting in the form submission resulting in javascript code execution in the context on the current user.
Vospari Forms Project Vospari Forms
668
VMScore
CVE-2014-3937
SQL injection vulnerability in the Contextual Related Posts plugin prior to 1.8.10.2 for WordPress allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Ajaydsouza Contextual Related Posts 1.8.9.1
Ajaydsouza Contextual Related Posts 1.8.8
Ajaydsouza Contextual Related Posts 1.8.1
Ajaydsouza Contextual Related Posts 1.7.3
Ajaydsouza Contextual Related Posts 1.6.4
Ajaydsouza Contextual Related Posts 1.6.2
Ajaydsouza Contextual Related Posts 1.4.1
Ajaydsouza Contextual Related Posts 1.3.1
Ajaydsouza Contextual Related Posts 1.0
Ajaydsouza Contextual Related Posts 1.8.6
Ajaydsouza Contextual Related Posts 1.8.5
Ajaydsouza Contextual Related Posts 1.8.4
Ajaydsouza Contextual Related Posts 1.8.3
Ajaydsouza Contextual Related Posts 1.6
Ajaydsouza Contextual Related Posts 1.5.2
Ajaydsouza Contextual Related Posts 1.5.1
Ajaydsouza Contextual Related Posts 1.5
Ajaydsouza Contextual Related Posts 1.4.2
Ajaydsouza Contextual Related Posts
Ajaydsouza Contextual Related Posts 1.8.10
Ajaydsouza Contextual Related Posts 1.7.2
Ajaydsouza Contextual Related Posts 1.7.1
NA
CVE-2023-2813
All of the above Aapna WordPress theme up to and including 1.3, Anand WordPress theme up to and including 1.2, Anfaust WordPress theme up to and including 1.1, Arendelle WordPress theme prior to 1.1.13, Atlast Business WordPress theme up to and including 1.5.8.5, Bazaar Lite Word...
Saumendra Aapna
Saumendra Anand
Thewebhunter Anfaust
Deothemes Arendelle
Archimidismertzanos Atlast Business
Themeinprogress Bazaar Lite
Arthousewebdesign Brain Power
Yws Bunnypress Lite
Ayecode Cafe Bistro
Ayecode College
Omarfolgheraiter Digitally
Henleythemes Counterpoint
Ajaydsouza Connections Reloaded
Competethemes Drop
Ayecode Directory
Deothemes Everse
Archimidismertzanos Fashionable Store
Marchettidesign Fullbase
Dotecsa Ilex
Jinwen Js O3 Lite
Climaxthemes Kata
Jinwen Js Paper
312
VMScore
CVE-2022-1387
The No Future Posts WordPress plugin up to and including 1.4 does not escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed
No Future Posts Project No Future Posts
NA
CVE-2024-3918
The Pet Manager WordPress plugin up to and including 1.4 does not sanitise and escape some of its Pet settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site Scripting attacks.
383
VMScore
CVE-2014-4550
Cross-site scripting (XSS) vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the shortcode parameter.
Visualshortcodes Ninja
383
VMScore
CVE-2011-5128
Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin prior to 1.7.22 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the page parameter to (1) inc-options/deinstall_options.php, (2) inc-options/theme_options.php, or (3...
Bueltge Adminimize
Bueltge Adminimize 0.6.9
Bueltge Adminimize 0.7
Bueltge Adminimize 0.7.1
Bueltge Adminimize 0.7.2
Bueltge Adminimize 0.7.3
Bueltge Adminimize 0.7.5
Bueltge Adminimize 0.7.6
Bueltge Adminimize 0.7.7
Bueltge Adminimize 0.7.8
Bueltge Adminimize 0.7.9
Bueltge Adminimize 0.8
Bueltge Adminimize 0.8.1
Bueltge Adminimize 1.0
Bueltge Adminimize 1.1
Bueltge Adminimize 1.2
Bueltge Adminimize 1.3
Bueltge Adminimize 1.4
Bueltge Adminimize 1.4.1
Bueltge Adminimize 1.4.2
Bueltge Adminimize 1.4.3-6
Bueltge Adminimize 1.4.7
668
VMScore
CVE-2009-2144
SQL injection vulnerability in the FireStats plugin prior to 1.6.2-stable for WordPress allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Edgewall Firestats 0.9.0-beta
Edgewall Firestats 0.9.2-beta
Edgewall Firestats 0.9.4-beta
Edgewall Firestats 0.9.3-beta
Edgewall Firestats 1.1.3
Edgewall Firestats 1.1.4
Edgewall Firestats 1.1.5
Edgewall Firestats 1.1.6
Edgewall Firestats 1.3.0-beta
Edgewall Firestats 1.4.4
Edgewall Firestats 1.4.3
Edgewall Firestats 1.4
Edgewall Firestats 1.5.12
Edgewall Firestats 1.5
Edgewall Firestats 1.6.0-beta1
Edgewall Firestats 1.6.0-beta2
Edgewall Firestats 1.6
Firestats Firestats 1.6.0
Edgewall Firestats 0.9.1-beta
Edgewall Firestats 0.9.5-beta
Edgewall Firestats 0.9.7-beta
Edgewall Firestats 0.9.9
668
VMScore
CVE-2009-2143
PHP remote file inclusion vulnerability in firestats-wordpress.php in the FireStats plugin prior to 1.6.2-stable for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the fs_javascript parameter.
Firestats Firestats 1.6.0
Firestats Firestats 1.6.0-beta1
Firestats Firestats 0.9.0-beta
Firestats Firestats 0.9.1-beta
Firestats Firestats 0.9.8-beta
Firestats Firestats 0.9.9
Firestats Firestats 1.1.3
Firestats Firestats 1.2.1
Firestats Firestats 1.2.2
Firestats Firestats 1.6.0-beta2
Firestats Firestats 0.9.2-beta
Firestats Firestats 1.3.4
Firestats Firestats 1.3.5
Firestats Firestats 1.3.6
Firestats Firestats 1.5
Firestats Firestats 1.5.0-beta
Firestats Firestats 1.5.5
Firestats Firestats 1.5.7
Firestats Firestats 0.9.6-beta
Firestats Firestats 0.9.7-beta
Firestats Firestats 1.1.1
Firestats Firestats 1.1.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »