Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2017-1002001
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
Mobile-app-builder-by-wappress Project Mobile-app-builder-by-wappress 1.05
1 EDB exploit
755
VMScore
CVE-2017-1002002
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
Webapp-builder Project Webapp-builder 2.0
1 EDB exploit
755
VMScore
CVE-2017-1002003
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
Wp2android-turn-wp-site-into-android-app Project Wp2android-turn-wp-site-into-android-app 1.1.4
1 EDB exploit
755
VMScore
CVE-2017-1002008
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
Membership Simplified Project Membership Simplified 1.58
1 EDB exploit
755
VMScore
CVE-2015-3313
SQL injection vulnerability in WordPress Community Events plugin prior to 1.4.
Community Events Project Community Events
1 EDB exploit
755
VMScore
CVE-2017-9834
SQL injection vulnerability in the WatuPRO plugin prior to 5.5.3.7 for WordPress allows remote malicious users to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php.
Calendarscripts Watupro
1 EDB exploit
1 Github repository
755
VMScore
CVE-2015-4455
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct...
Aviary Image Editor Add-on For Gravity Forms Project Aviary Image Editor Add-on For Gravity Forms
1 EDB exploit
755
VMScore
CVE-2017-6095
A SQL injection issue exists in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.
Mail-masta Project Mail-masta 1.0
1 EDB exploit
755
VMScore
CVE-2015-7235
Multiple SQL injection vulnerabilities in dex_reservations.php in the CP Reservation Calendar plugin prior to 1.1.7 for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in a dex_reservations_calendar_load2 action or (2) dex_item pa...
Cp Reservation Calender Project Cp Reservation Calender
1 EDB exploit
755
VMScore
CVE-2015-6522
SQL injection vulnerability in the WP Symposium plugin prior to 15.8 for WordPress allows remote malicious users to execute arbitrary SQL commands via the size parameter to get_album_item.php.
Wpsymposium Wp Symposium
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »