Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.4 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-1068
Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComments plugin prior to 2.0.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter, related to AJAX paging.
Mg12 Wp-recentcomments 2.0.4
Mg12 Wp-recentcomments 2.0.3
Mg12 Wp-recentcomments 2.0.6
Mg12 Wp-recentcomments 2.0.5
Mg12 Wp-recentcomments 1.8.1
Mg12 Wp-recentcomments 1.8
Mg12 Wp-recentcomments 2.0.2
Mg12 Wp-recentcomments 2.0.1
Mg12 Wp-recentcomments
Mg12 Wp-recentcomments 2.0
Mg12 Wp-recentcomments 1.8.2
7.5
CVSSv2
CVE-2014-4725
The MailPoet Newsletters (wysija-newsletters) plugin prior to 2.6.7 for WordPress allows remote malicious users to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/...
Mailpoet Mailpoet Newsletters 2.6.4
Mailpoet Mailpoet Newsletters 2.6.3
Mailpoet Mailpoet Newsletters 2.6.2
Mailpoet Mailpoet Newsletters 2.6.1
Mailpoet Mailpoet Newsletters 2.5.1
Mailpoet Mailpoet Newsletters 2.5
Mailpoet Mailpoet Newsletters 2.4.4
Mailpoet Mailpoet Newsletters 2.4.3
Mailpoet Mailpoet Newsletters 2.2
Mailpoet Mailpoet Newsletters 2.1.9
Mailpoet Mailpoet Newsletters 2.1.8
Mailpoet Mailpoet Newsletters 2.1.7
Mailpoet Mailpoet Newsletters 2.1.6
Mailpoet Mailpoet Newsletters 2.0.4
Mailpoet Mailpoet Newsletters
Mailpoet Mailpoet Newsletters 2.6
Mailpoet Mailpoet Newsletters 2.5.9.3
Mailpoet Mailpoet Newsletters 2.5.7
Mailpoet Mailpoet Newsletters 2.5.4
Mailpoet Mailpoet Newsletters 2.5.2
Mailpoet Mailpoet Newsletters 2.4.2
Mailpoet Mailpoet Newsletters 2.4
1 EDB exploit
4.3
CVSSv2
CVE-2014-3841
Cross-site scripting (XSS) vulnerability in the Contact Bank plugin prior to 2.0.20 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third pa...
Tech-banker Contact Bank 2.0.16
Tech-banker Contact Bank 2.0.14
Tech-banker Contact Bank 2.0.7
Tech-banker Contact Bank
Tech-banker Contact Bank 2.0.18
Tech-banker Contact Bank 2.0.4
Tech-banker Contact Bank 2.0.3
Tech-banker Contact Bank 2.0.2
Tech-banker Contact Bank 2.0.1
Tech-banker Contact Bank 2.0.12
Tech-banker Contact Bank 2.0.11
Tech-banker Contact Bank 2.0.10
Tech-banker Contact Bank 2.0.9
Tech-banker Contact Bank 2.0.17
Tech-banker Contact Bank 2.0.15
Tech-banker Contact Bank 2.0.13
Tech-banker Contact Bank 2.0.8
Tech-banker Contact Bank 2.0.6
Tech-banker Contact Bank 2.0.5
Tech-banker Contact Bank 2.0.0
4.3
CVSSv2
CVE-2018-20965
The ultimate-member plugin prior to 2.0.4 for WordPress has XSS.
Ultimatemember Ultimate Member
3.5
CVSSv2
CVE-2020-20626
lara-google-analytics.php in Lara Google Analytics plugin up to and including 2.0.4 for WordPress allows authenticated stored XSS.
Lara\\'s Google Analytics Project Lara\\'s Google Analytics
5
CVSSv2
CVE-2022-23982
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure.
Quadlayers Perfect Brands For Woocommerce
3.5
CVSSv2
CVE-2021-36848
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Feather (WordPress plugin) versions <= 2.0.4
Sharethis Social Media Feather
4
CVSSv2
CVE-2022-23981
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).
Quadlayers Perfect Brands For Woocommerce
4.3
CVSSv2
CVE-2013-6280
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin prior to 2.1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Linksalpha Social Sharing Toolkit Plugin
Linksalpha Social Sharing Toolkit Plugin 1.3.1
Linksalpha Social Sharing Toolkit Plugin 1.3.0
Linksalpha Social Sharing Toolkit Plugin 1.2.5
Linksalpha Social Sharing Toolkit Plugin 1.2.0
Linksalpha Social Sharing Toolkit Plugin 1.0.1
Linksalpha Social Sharing Toolkit Plugin 2.0.6
Linksalpha Social Sharing Toolkit Plugin 2.0.5
Linksalpha Social Sharing Toolkit Plugin 2.0.4
Linksalpha Social Sharing Toolkit Plugin 2.0.3
Linksalpha Social Sharing Toolkit Plugin 2.0.9
Linksalpha Social Sharing Toolkit Plugin 2.0.7
Linksalpha Social Sharing Toolkit Plugin 2.0.2
Linksalpha Social Sharing Toolkit Plugin 2.0.0
Linksalpha Social Sharing Toolkit Plugin 1.0.0
Linksalpha Social Sharing Toolkit Plugin 2.1.0
Linksalpha Social Sharing Toolkit Plugin 2.0.8
Linksalpha Social Sharing Toolkit Plugin 2.0.1
Linksalpha Social Sharing Toolkit Plugin 1.3.2
4
CVSSv2
CVE-2018-0587
Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to upload arbitrary image files via unspecified vectors.
Ultimatemember User Profile \\& Membership
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »