Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.3.2 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-9420
The soundcloud-is-gold plugin prior to 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter.
Mightymess Soundcloud Is Gold
312
VMScore
CVE-2022-29420
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Adam Skaat's Countdown & Clock plugin <= 2.3.2 at WordPress via &ycd-circle-countdown-before-countdown and &ycd-circle-countdown-after-countdown vulnerable parameters.
Edmonsoft Countdown Builder
1 Github repository
383
VMScore
CVE-2021-24832
The WP SEO Redirect 301 WordPress plugin prior to 2.3.2 does not have CSRF in place when deleting redirects, which could allow malicious users to make a logged in admin delete them via a CSRF attack
Wp Seo Redirect 301 Project Wp Seo Redirect 301
383
VMScore
CVE-2021-25077
The Store Toolkit for WooCommerce WordPress plugin prior to 2.3.2 does not sanitise and escape the tab parameter before outputting it back in an admin page in an error message, leading to a Reflected Cross-Site Scripting
Visser Store Toolkit For Woocommerce
312
VMScore
CVE-2022-1208
The Ultimate Member plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Biography field featured on individual user profile pages due to insufficient input sanitization and output escaping that allows users to encode malicious web scripts with HTML encoding ...
Ultimatemember Ultimate Member
NA
CVE-2023-4887
The Google Maps Plugin by Intergeo for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'intergeo' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. Th...
Themeisle Google Maps Plugin By Intergeo
668
VMScore
CVE-2014-4726
Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin prior to 2.6.8 for WordPress has unspecified impact and attack vectors.
Mailpoet Mailpoet Newsletters 2.1.1
Mailpoet Mailpoet Newsletters 2.0.6
Mailpoet Mailpoet Newsletters 1.1.5
Mailpoet Mailpoet Newsletters 2.0
Mailpoet Mailpoet Newsletters 2.6.6
Mailpoet Mailpoet Newsletters 2.1.2
Mailpoet Mailpoet Newsletters 2.6.3
Mailpoet Mailpoet Newsletters 1.0.1
Mailpoet Mailpoet Newsletters 2.5.4
Mailpoet Mailpoet Newsletters 0.9.2
Mailpoet Mailpoet Newsletters 2.3.1
Mailpoet Mailpoet Newsletters 2.4.1
Mailpoet Mailpoet Newsletters 2.3.2
Mailpoet Mailpoet Newsletters 2.6
Mailpoet Mailpoet Newsletters 2.5.9.3
Mailpoet Mailpoet Newsletters 2.0.7
Mailpoet Mailpoet Newsletters 2.0.8
Mailpoet Mailpoet Newsletters 2.0.9
Mailpoet Mailpoet Newsletters 2.4.4
Mailpoet Mailpoet Newsletters 2.6.4
Mailpoet Mailpoet Newsletters 2.5.3
Mailpoet Mailpoet Newsletters 2.3.3
NA
CVE-2024-3206
The Different Menu in Different Pages – Control Menu Visibility (All in One) plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajax() function in all versions up to, and including, 2.3.2. This makes it possible for authentica...
NA
CVE-2024-0825
The Vimeography: Vimeo Video Gallery WordPress Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.3.2 via deserialization of untrusted input via the vimeography_duplicate_gallery_serialized in the duplicate_gallery function. ...
312
VMScore
CVE-2022-29422
Multiple Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerabilities in Adam Skaat's Countdown & Clock plugin <= 2.3.2 at WordPress via &ycd-countdown-width, &ycd-progress-height, &ycd-progress-width, &ycd-button-margin-top, &ycd-b...
Edmonsoft Countdown Builder
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »