Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-9417
The testimonial-slider plugin up to and including 1.2.1 for WordPress has CSRF with resultant XSS.
Slidervilla Testimonial Slider
4.3
CVSSv2
CVE-2017-18490
The contact-form-multi plugin prior to 1.2.1 for WordPress has multiple XSS issues.
Bestwebsoft Contact Form Multi
7.5
CVSSv2
CVE-2017-18605
The gravitate-qa-tracker plugin up to and including 1.2.1 for WordPress has PHP Object Injection.
Gravitatedesign Gravitate Qa Tracker
4.3
CVSSv2
CVE-2017-18576
The event-notifier plugin prior to 1.2.1 for WordPress has XSS via the loading animation.
Event Notifier Project Event Notifier
NA
CVE-2023-28661
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action.
Accesspressthemes Wp Popup Banners 1.2.3
Accesspressthemes Wp Popup Banners 1.2.4
Accesspressthemes Wp Popup Banners 1.2.2
Accesspressthemes Wp Popup Banners 1.2.1
Accesspressthemes Wp Popup Banners 1.2.0
Accesspressthemes Wp Popup Banners 1.1.9
Accesspressthemes Wp Popup Banners 1.1.8
Accesspressthemes Wp Popup Banners 1.1.7
Accesspressthemes Wp Popup Banners 1.1.6
Accesspressthemes Wp Popup Banners 1.1.5
Accesspressthemes Wp Popup Banners 1.1.4
Accesspressthemes Wp Popup Banners 1.1.3
Accesspressthemes Wp Popup Banners 1.1.2
Accesspressthemes Wp Popup Banners 1.1.1
Accesspressthemes Wp Popup Banners 1.1.0
Accesspressthemes Wp Popup Banners 1.0.9
Accesspressthemes Wp Popup Banners 1.0.8
Accesspressthemes Wp Popup Banners 1.0.7
Accesspressthemes Wp Popup Banners 1.0.6
Accesspressthemes Wp Popup Banners 1.0.5
Accesspressthemes Wp Popup Banners 1.0.4
Accesspressthemes Wp Popup Banners 1.0.3
4.3
CVSSv2
CVE-2022-29453
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update.
Ayecode Api Key For Google Maps
NA
CVE-2023-4311
The Vrm 360 3D Model Viewer WordPress plugin up to and including 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode.
Maurice Vrm360
6.8
CVSSv2
CVE-2022-1202
The WP-CRM WordPress plugin up to and including 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability.
Usabilitydynamics Wp-crm
7.5
CVSSv2
CVE-2018-21013
The Swape theme prior to 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-ajax.php.
Upperthemes Swape
NA
CVE-2023-5177
The Vrm 360 3D Model Viewer WordPress plugin up to and including 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode.
Maurice Vrm360
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »