Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-4692
Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS
Xorbin Analog Flash Clock 1.0
2 EDB exploits
4.3
CVSSv2
CVE-2012-0895
Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module prior to 3.1.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the map parameter.
Tom Braider Count Per Day
Tom Braider Count Per Day 1.0
1 EDB exploit
5
CVSSv2
CVE-2018-16299
The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter.
Localize My Post Project Localize My Post 1.0
1 EDB exploit
4.6
CVSSv2
CVE-2019-14467
The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.
Infoway Social Photo Gallery 1.0
4.3
CVSSv2
CVE-2012-0901
Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo auto-publishing plugin 1.0 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the submit parameter.
Attenzione Yousaytoo 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2011-3861
Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme prior to 1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Webminimalist Web Minimalist 200901
Webminimalist Web Minimalist 200901 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2012-1125
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin prior to 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the fi...
Kishore Asokan Kish Guest Posting Plugin
Kishore Asokan Kish Guest Posting Plugin 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2011-5179
Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly prior to 1.04, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the submit parameter.
Skysa Skysa App Bar Integration Plugin
Skysa Skysa App Bar Integration Plugin 1.02
Skysa Skysa App Bar Integration Plugin 1.01
Skysa Skysa App Bar Integration Plugin 1.0
1 EDB exploit
5
CVSSv2
CVE-2012-0896
Absolute path traversal vulnerability in download.php in the Count Per Day module prior to 3.1.1 for WordPress allows remote malicious users to read arbitrary files via the f parameter.
Count Per Day Project Count Per Day 2.16
Count Per Day Project Count Per Day 2.15.1
Count Per Day Project Count Per Day 2.15
Count Per Day Project Count Per Day 2.2
Tom Braider Count Per Day
Tom Braider Count Per Day 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2011-3856
Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme prior to 1.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Atastypixel Elegant Grunge
Atastypixel Elegant Grunge 0.1
Atastypixel Elegant Grunge 0.2
Atastypixel Elegant Grunge 0.2.1
Atastypixel Elegant Grunge 0.2.2
Atastypixel Elegant Grunge 0.3
Atastypixel Elegant Grunge 0.4.1
Atastypixel Elegant Grunge 0.4.2
Atastypixel Elegant Grunge 0.4.3
Atastypixel Elegant Grunge 0.4.4
Atastypixel Elegant Grunge 0.4.5
Atastypixel Elegant Grunge 1.0
Atastypixel Elegant Grunge 1.0.1
Atastypixel Elegant Grunge 1.0.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »