Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.6 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-21002
The js-support-ticket plugin prior to 2.0.6 for WordPress has CSRF.
Joomsky Js Help Desk
4.3
CVSSv2
CVE-2013-6280
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin prior to 2.1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Linksalpha Social Sharing Toolkit Plugin
Linksalpha Social Sharing Toolkit Plugin 1.3.1
Linksalpha Social Sharing Toolkit Plugin 1.3.0
Linksalpha Social Sharing Toolkit Plugin 1.2.5
Linksalpha Social Sharing Toolkit Plugin 1.2.0
Linksalpha Social Sharing Toolkit Plugin 1.0.1
Linksalpha Social Sharing Toolkit Plugin 2.0.6
Linksalpha Social Sharing Toolkit Plugin 2.0.5
Linksalpha Social Sharing Toolkit Plugin 2.0.4
Linksalpha Social Sharing Toolkit Plugin 2.0.3
Linksalpha Social Sharing Toolkit Plugin 2.0.9
Linksalpha Social Sharing Toolkit Plugin 2.0.7
Linksalpha Social Sharing Toolkit Plugin 2.0.2
Linksalpha Social Sharing Toolkit Plugin 2.0.0
Linksalpha Social Sharing Toolkit Plugin 1.0.0
Linksalpha Social Sharing Toolkit Plugin 2.1.0
Linksalpha Social Sharing Toolkit Plugin 2.0.8
Linksalpha Social Sharing Toolkit Plugin 2.0.1
Linksalpha Social Sharing Toolkit Plugin 1.3.2
4.3
CVSSv2
CVE-2021-26256
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6).
Ays-pro Survey Maker
4.3
CVSSv2
CVE-2016-10952
The quotes-collection plugin prior to 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter.
Quotes Collection Project Quotes Collection
4.3
CVSSv2
CVE-2019-14327
A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows malicious users to change the plugin settings.
Custom Simple Rss Project Custom Simple Rss
NA
CVE-2023-5325
The Woocommerce Vietnam Checkout WordPress plugin prior to 2.0.6 does not escape the custom shipping phone field no the checkout form leading to XSS
Levantoan Woocommerce Vietnam Checkout
5
CVSSv2
CVE-2014-4942
The EasyCart (wp-easycart) plugin prior to 2.0.6 for WordPress allows remote malicious users to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.
Levelfourdevelopment Wp-easycart 2.0.1
Levelfourdevelopment Wp-easycart 2.0.4
Levelfourdevelopment Wp-easycart 2.0.2
Levelfourdevelopment Wp-easycart
Levelfourdevelopment Wp-easycart 2.0.3
NA
CVE-2023-4490
The WP Job Portal WordPress plugin prior to 2.0.6 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users
Wpjobportal Wp Job Portal
NA
CVE-2023-4970
The PubyDoc WordPress plugin up to and including 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Pubydoc Pubydoc
3.5
CVSSv2
CVE-2021-24266
The “The Plus Addons for Elementor Page Builder Lite” WordPress Plugin prior to 2.0.6 has four widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »