Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.3.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-0731
ajax.functions.php in the MailUp plugin prior to 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote malicious users to modify plugin settings and conduct cross-site scripting (XSS) attacks by setting the wordpress_logged_in co...
Mailup Wp-mailup 1.1.3
Mailup Wp-mailup 1.1.2
Mailup Wp-mailup 1.1.1
Mailup Wp-mailup 1.1.0
Mailup Wp-mailup 1.21
Mailup Wp-mailup 1.2
Mailup Wp-mailup 1.3.1
Mailup Wp-mailup 1.3
Mailup Wp-mailup 1.0.0
Mailup Wp-mailup
NA
CVE-2024-1069
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level cap...
Crmperks Database For Contact Form 7\\, Wpforms\\, Elementor Forms
3.5
CVSSv2
CVE-2013-3720
Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin prior to 1.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the wp_post_id parameter.
Feedweb Feedweb 1.3.7
Feedweb Feedweb 1.3.6
Feedweb Feedweb 1.3.5
Feedweb Feedweb 1.3.4
Feedweb Feedweb 1.5.11
Feedweb Feedweb 1.5.12
Feedweb Feedweb 1.5.1
Feedweb Feedweb 1.5.10
Feedweb Feedweb 1.7
Feedweb Feedweb 1.7.3
Feedweb Feedweb 1.7.2
Feedweb Feedweb 1.8.7
Feedweb Feedweb 1.3.14
Feedweb Feedweb 1.3.13
Feedweb Feedweb 1.2.6
Feedweb Feedweb 1.2.5
Feedweb Feedweb 1.2.4
Feedweb Feedweb 1.2.11
Feedweb Feedweb 1.0.7
Feedweb Feedweb 1.0.8
Feedweb Feedweb 1.0.5
Feedweb Feedweb
NA
CVE-2024-2348
The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Meta widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subs...
NA
CVE-2022-4208
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'datef' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it pos...
Kibokolabs Chained Quiz
NA
CVE-2022-4209
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pointsf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it p...
Kibokolabs Chained Quiz
NA
CVE-2022-4210
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dnf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possi...
Kibokolabs Chained Quiz
NA
CVE-2022-4211
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'emailf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it po...
Kibokolabs Chained Quiz
NA
CVE-2022-4212
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ipf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possi...
Kibokolabs Chained Quiz
6.5
CVSSv2
CVE-2021-39317
A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.p...
Accesspressthemes Access Demo Importer
Accesspressthemes Eightstore-lite
Accesspressthemes Enlighten
Accesspressthemes Fotography
Accesspressthemes Opstore
Accesspressthemes Parallaxsome
Accesspressthemes Punte
Accesspressthemes Revolve
Accesspressthemes Ripple
Accesspressthemes Sakala
Accesspressthemes Scrollme
Accesspressthemes Storevilla
Accesspressthemes Swing-lite
Accesspressthemes The100
Accesspressthemes Accesspress-lite
Accesspressthemes The-launcher
Accesspressthemes The-monday
Accesspressthemes Ultra-seven
Accesspressthemes Uncode-lite
Accesspressthemes Vmag
Accesspressthemes Vmagazine-lite
Accesspressthemes Vmagazine-news
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »