Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-6104
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
Zen Mobile App Native Project Zen Mobile App Native
1 EDB exploit
5
CVSSv2
CVE-2014-5337
The WordPress Mobile Pack plugin prior to 2.0.2 for WordPress does not properly restrict access to password protected posts, which allows remote malicious users to obtain sensitive information via an exportarticles action to export/content.php.
Wpmobilepack Wordpress Mobile Pack 1.2.4
Wpmobilepack Wordpress Mobile Pack 1.2.1
Wpmobilepack Wordpress Mobile Pack 1.1.3
Wpmobilepack Wordpress Mobile Pack 1.1.1
Wordpress Mobile Pack Project Wordpress Mobile Pack 1.2.0
Wpmobilepack Wordpress Mobile Pack 1.1.92
Wpmobilepack Wordpress Mobile Pack 1.1.91
Wordpress Mobile Pack Project Wordpress Mobile Pack
Wpmobilepack Wordpress Mobile Pack 2.0
Wpmobilepack Wordpress Mobile Pack 1.2.5
Wpmobilepack Wordpress Mobile Pack 1.0.8223
Wpmobilepack Wordpress Mobile Pack 1.2.3
Wpmobilepack Wordpress Mobile Pack 1.1.9
Wpmobilepack Wordpress Mobile Pack 1.1.2
5
CVSSv2
CVE-2012-4915
Directory traversal vulnerability in the Google Doc Embedder plugin prior to 2.5.4 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php.
Davistribe Google Doc Embedder 2.5.2
Davistribe Google Doc Embedder 2.5.1
Davistribe Google Doc Embedder 2.4.1
Davistribe Google Doc Embedder 2.4
Davistribe Google Doc Embedder 2.5
Davistribe Google Doc Embedder 2.4.6
Davistribe Google Doc Embedder 2.3
Davistribe Google Doc Embedder 2.2.3
Davistribe Google Doc Embedder 2.4.5
Davistribe Google Doc Embedder 2.4.4
Davistribe Google Doc Embedder 2.2.2
Davistribe Google Doc Embedder 2.2.1
Davistribe Google Doc Embedder 2.2
Davistribe Google Doc Embedder
Davistribe Google Doc Embedder 2.4.3
Davistribe Google Doc Embedder 2.4.2
Davistribe Google Doc Embedder 2.1
Davistribe Google Doc Embedder 2.0
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2012-6112
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon prior to 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x prior to 2.1.10, 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 and other products, does not properly handle control charact...
Tinymce Spellchecker Php 2.0
Tinymce Spellchecker Php 2.0.2
Tinymce Spellchecker Php 2.0.1
Tinymce Spellchecker Php 2.0.6
Tinymce Spellchecker Php 2.0.3
Moodle Moodle 2.1.0
Moodle Moodle 2.1.4
Moodle Moodle 2.1.7
Moodle Moodle 2.1.8
Moodle Moodle 2.1.9
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.5
Moodle Moodle 2.1.6
Moodle Moodle 2.2.3
Moodle Moodle 2.2.1
Moodle Moodle 2.2.4
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.0
Moodle Moodle 2.2.2
5
CVSSv2
CVE-2012-3385
WordPress prior to 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors.
Wordpress Wordpress 3.3.3
Wordpress Wordpress 3.2
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.1
Wordpress Wordpress 3.1.3
Wordpress Wordpress 2.9.1.1
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.5.1
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.6
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.5
Wordpress Wordpress 2.8.3
Wordpress Wordpress 2.7.1
Wordpress Wordpress 2.8.5
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
5
CVSSv2
CVE-2011-4957
The make_clickable function in wp-includes/formatting.php in WordPress prior to 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote malicious users to cause a denial of service (crash) via a comment with a crafted URL that triggers many...
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.8
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.7
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.9.2
Wordpress Wordpress 2.9
Wordpress Wordpress 2.9.1
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 3.0
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.5
5
CVSSv2
CVE-2012-2401
Plupload prior to 1.5.4, as used in wp-includes/js/plupload/ in WordPress prior to 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote malicious users to bypass the Same Origin Policy via crafted content.
Wordpress Wordpress
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.3.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1
Wordpress Wordpress 2.8.1
Wordpress Wordpress 2.8.2
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.6.2
Wordpress Wordpress 2.3.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.7
Wordpress Wordpress 3.0.3
Wordpress Wordpress 2.3.3
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.2.2
Wordpress Wordpress 3.0.1
5
CVSSv2
CVE-2012-1786
The Media Upload form in the Video Embed & Thumbnail Generator plugin prior to 2.0 for WordPress allows remote malicious users to obtain the installation path via unknown vectors.
Kylegilman Video Embed \\& Thumbnail Generator 1.0.4
Kylegilman Video Embed \\& Thumbnail Generator 1.0.3
Kylegilman Video Embed \\& Thumbnail Generator 1.0.2
Kylegilman Video Embed \\& Thumbnail Generator 1.0.1
Kylegilman Video Embed \\& Thumbnail Generator 1.0.5
Kylegilman Video Embed \\& Thumbnail Generator 0.2
Kylegilman Video Embed \\& Thumbnail Generator
Kylegilman Video Embed \\& Thumbnail Generator 1.0
Kylegilman Video Embed \\& Thumbnail Generator 0.2.1
5
CVSSv2
CVE-2012-0937
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote malicious users to use WordPress as a proxy for brute-force attacks or denial o...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
5
CVSSv2
CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote malicious users to co...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »