Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.4 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2012-1068
Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin prior to 2.0.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.
Mg12 Wp-recentcomments 2.0.4
Mg12 Wp-recentcomments 2.0.3
Mg12 Wp-recentcomments 2.0.6
Mg12 Wp-recentcomments 2.0.5
Mg12 Wp-recentcomments 1.8.1
Mg12 Wp-recentcomments 1.8
Mg12 Wp-recentcomments 2.0.2
Mg12 Wp-recentcomments 2.0.1
Mg12 Wp-recentcomments
Mg12 Wp-recentcomments 2.0
Mg12 Wp-recentcomments 1.8.2
755
VMScore
CVE-2014-4725
The MailPoet Newsletters (wysija-newsletters) plugin prior to 2.6.7 for WordPress allows remote malicious users to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/...
Mailpoet Mailpoet Newsletters 2.6.4
Mailpoet Mailpoet Newsletters 2.6.3
Mailpoet Mailpoet Newsletters 2.6.2
Mailpoet Mailpoet Newsletters 2.6.1
Mailpoet Mailpoet Newsletters 2.5.1
Mailpoet Mailpoet Newsletters 2.5
Mailpoet Mailpoet Newsletters 2.4.4
Mailpoet Mailpoet Newsletters 2.4.3
Mailpoet Mailpoet Newsletters 2.2
Mailpoet Mailpoet Newsletters 2.1.9
Mailpoet Mailpoet Newsletters 2.1.8
Mailpoet Mailpoet Newsletters 2.1.7
Mailpoet Mailpoet Newsletters 2.1.6
Mailpoet Mailpoet Newsletters 2.0.4
Mailpoet Mailpoet Newsletters
Mailpoet Mailpoet Newsletters 2.6
Mailpoet Mailpoet Newsletters 2.5.9.3
Mailpoet Mailpoet Newsletters 2.5.7
Mailpoet Mailpoet Newsletters 2.5.4
Mailpoet Mailpoet Newsletters 2.5.2
Mailpoet Mailpoet Newsletters 2.4.2
Mailpoet Mailpoet Newsletters 2.4
1 EDB exploit
383
VMScore
CVE-2014-3841
Cross-site scripting (XSS) vulnerability in the Contact Bank plugin prior to 2.0.20 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third pa...
Tech-banker Contact Bank 2.0.16
Tech-banker Contact Bank 2.0.14
Tech-banker Contact Bank 2.0.7
Tech-banker Contact Bank
Tech-banker Contact Bank 2.0.18
Tech-banker Contact Bank 2.0.4
Tech-banker Contact Bank 2.0.3
Tech-banker Contact Bank 2.0.2
Tech-banker Contact Bank 2.0.1
Tech-banker Contact Bank 2.0.12
Tech-banker Contact Bank 2.0.11
Tech-banker Contact Bank 2.0.10
Tech-banker Contact Bank 2.0.9
Tech-banker Contact Bank 2.0.17
Tech-banker Contact Bank 2.0.15
Tech-banker Contact Bank 2.0.13
Tech-banker Contact Bank 2.0.8
Tech-banker Contact Bank 2.0.6
Tech-banker Contact Bank 2.0.5
Tech-banker Contact Bank 2.0.0
383
VMScore
CVE-2018-20965
The ultimate-member plugin prior to 2.0.4 for WordPress has XSS.
Ultimatemember Ultimate Member
312
VMScore
CVE-2021-36848
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Feather (WordPress plugin) versions <= 2.0.4
Sharethis Social Media Feather
312
VMScore
CVE-2020-20626
lara-google-analytics.php in Lara Google Analytics plugin up to and including 2.0.4 for WordPress allows authenticated stored XSS.
Lara\\'s Google Analytics Project Lara\\'s Google Analytics
445
VMScore
CVE-2022-23982
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure.
Quadlayers Perfect Brands For Woocommerce
356
VMScore
CVE-2022-23981
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).
Quadlayers Perfect Brands For Woocommerce
383
VMScore
CVE-2013-6280
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin prior to 2.1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Linksalpha Social Sharing Toolkit Plugin
Linksalpha Social Sharing Toolkit Plugin 1.3.1
Linksalpha Social Sharing Toolkit Plugin 1.3.0
Linksalpha Social Sharing Toolkit Plugin 1.2.5
Linksalpha Social Sharing Toolkit Plugin 1.2.0
Linksalpha Social Sharing Toolkit Plugin 1.0.1
Linksalpha Social Sharing Toolkit Plugin 2.0.6
Linksalpha Social Sharing Toolkit Plugin 2.0.5
Linksalpha Social Sharing Toolkit Plugin 2.0.4
Linksalpha Social Sharing Toolkit Plugin 2.0.3
Linksalpha Social Sharing Toolkit Plugin 2.0.9
Linksalpha Social Sharing Toolkit Plugin 2.0.7
Linksalpha Social Sharing Toolkit Plugin 2.0.2
Linksalpha Social Sharing Toolkit Plugin 2.0.0
Linksalpha Social Sharing Toolkit Plugin 1.0.0
Linksalpha Social Sharing Toolkit Plugin 2.1.0
Linksalpha Social Sharing Toolkit Plugin 2.0.8
Linksalpha Social Sharing Toolkit Plugin 2.0.1
Linksalpha Social Sharing Toolkit Plugin 1.3.2
356
VMScore
CVE-2018-0587
Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to upload arbitrary image files via unspecified vectors.
Ultimatemember User Profile \\& Membership
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »