Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.1 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-18605
The gravitate-qa-tracker plugin up to and including 1.2.1 for WordPress has PHP Object Injection.
Gravitatedesign Gravitate Qa Tracker
383
VMScore
CVE-2017-18490
The contact-form-multi plugin prior to 1.2.1 for WordPress has multiple XSS issues.
Bestwebsoft Contact Form Multi
383
VMScore
CVE-2015-9417
The testimonial-slider plugin up to and including 1.2.1 for WordPress has CSRF with resultant XSS.
Slidervilla Testimonial Slider
383
VMScore
CVE-2017-18576
The event-notifier plugin prior to 1.2.1 for WordPress has XSS via the loading animation.
Event Notifier Project Event Notifier
NA
CVE-2023-28661
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action.
Accesspressthemes Wp Popup Banners 1.2.3
Accesspressthemes Wp Popup Banners 1.2.4
Accesspressthemes Wp Popup Banners 1.2.2
Accesspressthemes Wp Popup Banners 1.2.1
Accesspressthemes Wp Popup Banners 1.2.0
Accesspressthemes Wp Popup Banners 1.1.9
Accesspressthemes Wp Popup Banners 1.1.8
Accesspressthemes Wp Popup Banners 1.1.7
Accesspressthemes Wp Popup Banners 1.1.6
Accesspressthemes Wp Popup Banners 1.1.5
Accesspressthemes Wp Popup Banners 1.1.4
Accesspressthemes Wp Popup Banners 1.1.3
Accesspressthemes Wp Popup Banners 1.1.2
Accesspressthemes Wp Popup Banners 1.1.1
Accesspressthemes Wp Popup Banners 1.1.0
Accesspressthemes Wp Popup Banners 1.0.9
Accesspressthemes Wp Popup Banners 1.0.8
Accesspressthemes Wp Popup Banners 1.0.7
Accesspressthemes Wp Popup Banners 1.0.6
Accesspressthemes Wp Popup Banners 1.0.5
Accesspressthemes Wp Popup Banners 1.0.4
Accesspressthemes Wp Popup Banners 1.0.3
383
VMScore
CVE-2022-29453
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update.
Ayecode Api Key For Google Maps
NA
CVE-2023-4311
The Vrm 360 3D Model Viewer WordPress plugin up to and including 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode.
Maurice Vrm360
605
VMScore
CVE-2022-1202
The WP-CRM WordPress plugin up to and including 1.2.1 does not validate and sanitise fields when exporting people to a CSV file, leading to a CSV injection vulnerability.
Usabilitydynamics Wp-crm
668
VMScore
CVE-2018-21013
The Swape theme prior to 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-ajax.php.
Upperthemes Swape
NA
CVE-2023-5177
The Vrm 360 3D Model Viewer WordPress plugin up to and including 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode.
Maurice Vrm360
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »