Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.6 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-21002
The js-support-ticket plugin prior to 2.0.6 for WordPress has CSRF.
Joomsky Js Help Desk
383
VMScore
CVE-2013-6280
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin prior to 2.1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Linksalpha Social Sharing Toolkit Plugin
Linksalpha Social Sharing Toolkit Plugin 1.3.1
Linksalpha Social Sharing Toolkit Plugin 1.3.0
Linksalpha Social Sharing Toolkit Plugin 1.2.5
Linksalpha Social Sharing Toolkit Plugin 1.2.0
Linksalpha Social Sharing Toolkit Plugin 1.0.1
Linksalpha Social Sharing Toolkit Plugin 2.0.6
Linksalpha Social Sharing Toolkit Plugin 2.0.5
Linksalpha Social Sharing Toolkit Plugin 2.0.4
Linksalpha Social Sharing Toolkit Plugin 2.0.3
Linksalpha Social Sharing Toolkit Plugin 2.0.9
Linksalpha Social Sharing Toolkit Plugin 2.0.7
Linksalpha Social Sharing Toolkit Plugin 2.0.2
Linksalpha Social Sharing Toolkit Plugin 2.0.0
Linksalpha Social Sharing Toolkit Plugin 1.0.0
Linksalpha Social Sharing Toolkit Plugin 2.1.0
Linksalpha Social Sharing Toolkit Plugin 2.0.8
Linksalpha Social Sharing Toolkit Plugin 2.0.1
Linksalpha Social Sharing Toolkit Plugin 1.3.2
383
VMScore
CVE-2021-26256
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6).
Ays-pro Survey Maker
383
VMScore
CVE-2016-10952
The quotes-collection plugin prior to 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.
Quotes Collection Project Quotes Collection
383
VMScore
CVE-2019-14327
A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows malicious users to change the plugin settings.
Custom Simple Rss Project Custom Simple Rss
NA
CVE-2023-5325
The Woocommerce Vietnam Checkout WordPress plugin prior to 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS
Levantoan Woocommerce Vietnam Checkout
445
VMScore
CVE-2014-4942
The EasyCart (wp-easycart) plugin prior to 2.0.6 for WordPress allows remote malicious users to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.
Levelfourdevelopment Wp-easycart 2.0.1
Levelfourdevelopment Wp-easycart 2.0.4
Levelfourdevelopment Wp-easycart 2.0.2
Levelfourdevelopment Wp-easycart
Levelfourdevelopment Wp-easycart 2.0.3
NA
CVE-2023-4490
The WP Job Portal WordPress plugin prior to 2.0.6 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users
Wpjobportal Wp Job Portal
NA
CVE-2023-4970
The PubyDoc WordPress plugin up to and including 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Pubydoc Pubydoc
312
VMScore
CVE-2021-24266
The “The Plus Addons for Elementor Page Builder Lite” WordPress Plugin prior to 2.0.6 has four widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »