Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-9391
The yawpp plugin up to and including 1.2.2 for WordPress has XSS via the field1 parameter.
Ostenta Yawpp
4.3
CVSSv2
CVE-2021-24372
The WP Hardening – Fix Your WordPress Security WordPress plugin prior to 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue.
Getastra Wp Hardening
4.3
CVSSv2
CVE-2012-6718
The sharebar plugin prior to 1.2.2 for WordPress has XSS, a different issue than CVE-2013-3491.
Sharebar Project Sharebar
4.3
CVSSv2
CVE-2021-24373
The WP Hardening – Fix Your WordPress Security WordPress plugin prior to 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflected Cross-Site Scripting issue.
Getastra Wp Hardening
NA
CVE-2023-28661
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action.
Accesspressthemes Wp Popup Banners 1.2.3
Accesspressthemes Wp Popup Banners 1.2.4
Accesspressthemes Wp Popup Banners 1.2.2
Accesspressthemes Wp Popup Banners 1.2.1
Accesspressthemes Wp Popup Banners 1.2.0
Accesspressthemes Wp Popup Banners 1.1.9
Accesspressthemes Wp Popup Banners 1.1.8
Accesspressthemes Wp Popup Banners 1.1.7
Accesspressthemes Wp Popup Banners 1.1.6
Accesspressthemes Wp Popup Banners 1.1.5
Accesspressthemes Wp Popup Banners 1.1.4
Accesspressthemes Wp Popup Banners 1.1.3
Accesspressthemes Wp Popup Banners 1.1.2
Accesspressthemes Wp Popup Banners 1.1.1
Accesspressthemes Wp Popup Banners 1.1.0
Accesspressthemes Wp Popup Banners 1.0.9
Accesspressthemes Wp Popup Banners 1.0.8
Accesspressthemes Wp Popup Banners 1.0.7
Accesspressthemes Wp Popup Banners 1.0.6
Accesspressthemes Wp Popup Banners 1.0.5
Accesspressthemes Wp Popup Banners 1.0.4
Accesspressthemes Wp Popup Banners 1.0.3
6.5
CVSSv2
CVE-2018-5374
The Dbox 3D Slider Lite plugin up to and including 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
Slidervilla Dbox Slider
3.5
CVSSv2
CVE-2022-27845
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) in PlausibleHQ Plausible Analytics (WordPress plugin) <= 1.2.2
Plausible Plausible Analytics
NA
CVE-2023-2362
The Float menu WordPress plugin prior to 5.0.2, Bubble Menu WordPress plugin prior to 3.0.4, Button Generator WordPress plugin prior to 2.3.5, Calculator Builder WordPress plugin prior to 1.5.1, Counter Box WordPress plugin prior to 1.2.2, Floating Button WordPress plugin prior t...
Wow-company Button Generator
Wow-company Bubble Menu
Wow-company Float Menu
Wow-company Wp Coder
Wow-company Wow Skype Buttons
Wow-company Sticky Buttons
Wow-company Side Menu Lite
Wow-company Herd Effects
Wow-company Floating Button
Wow-company Counter Box
Wow-company Calculator-builder
Wow-company Popup Box
4.3
CVSSv2
CVE-2019-20210
The CTHthemes CityBook prior to 2.3.4, TownHub prior to 1.0.6, and EasyBook prior to 1.2.2 themes for WordPress allow Reflected XSS via a search query.
Cththemes Citybook
Cththemes Easybook
Cththemes Townhub
4.3
CVSSv2
CVE-2019-20212
The CTHthemes CityBook prior to 2.3.4, TownHub prior to 1.0.6, and EasyBook prior to 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form.
Cththemes Citybook
Cththemes Easybook
Cththemes Townhub
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »