Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0895
Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module prior to 3.1.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the map parameter.
Tom Braider Count Per Day
Tom Braider Count Per Day 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2013-4692
Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS
Xorbin Analog Flash Clock 1.0
2 EDB exploits
7.5
CVSSv3
CVE-2018-16299
The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter.
Localize My Post Project Localize My Post 1.0
1 EDB exploit
7.8
CVSSv3
CVE-2019-14467
The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code Execution by creating an album and attaching a malicious PHP file in the cover photo album, because the file extension is not checked.
Infoway Social Photo Gallery 1.0
NA
CVE-2012-0901
Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo auto-publishing plugin 1.0 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the submit parameter.
Attenzione Yousaytoo 1.0
1 EDB exploit
NA
CVE-2011-3861
Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme prior to 1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Webminimalist Web Minimalist 200901
Webminimalist Web Minimalist 200901 1.0
1 EDB exploit
NA
CVE-2012-1125
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin prior to 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the fi...
Kishore Asokan Kish Guest Posting Plugin
Kishore Asokan Kish Guest Posting Plugin 1.0
1 EDB exploit
NA
CVE-2011-5179
Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly prior to 1.04, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the submit parameter.
Skysa Skysa App Bar Integration Plugin
Skysa Skysa App Bar Integration Plugin 1.02
Skysa Skysa App Bar Integration Plugin 1.01
Skysa Skysa App Bar Integration Plugin 1.0
1 EDB exploit
NA
CVE-2012-0896
Absolute path traversal vulnerability in download.php in the Count Per Day module prior to 3.1.1 for WordPress allows remote malicious users to read arbitrary files via the f parameter.
Count Per Day Project Count Per Day 2.16
Count Per Day Project Count Per Day 2.15.1
Count Per Day Project Count Per Day 2.15
Count Per Day Project Count Per Day 2.2
Tom Braider Count Per Day
Tom Braider Count Per Day 1.0
1 EDB exploit
NA
CVE-2011-3856
Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme prior to 1.0.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Atastypixel Elegant Grunge
Atastypixel Elegant Grunge 0.1
Atastypixel Elegant Grunge 0.2
Atastypixel Elegant Grunge 0.2.1
Atastypixel Elegant Grunge 0.2.2
Atastypixel Elegant Grunge 0.3
Atastypixel Elegant Grunge 0.4.1
Atastypixel Elegant Grunge 0.4.2
Atastypixel Elegant Grunge 0.4.3
Atastypixel Elegant Grunge 0.4.4
Atastypixel Elegant Grunge 0.4.5
Atastypixel Elegant Grunge 1.0
Atastypixel Elegant Grunge 1.0.1
Atastypixel Elegant Grunge 1.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »