Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.0.2 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-40209
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.
Xylusthemes Wp Smart Import
6.1
CVSSv3
CVE-2023-2813
All of the above Aapna WordPress theme up to and including 1.3, Anand WordPress theme up to and including 1.2, Anfaust WordPress theme up to and including 1.1, Arendelle WordPress theme prior to 1.1.13, Atlast Business WordPress theme up to and including 1.5.8.5, Bazaar Lite Word...
Saumendra Aapna
Saumendra Anand
Thewebhunter Anfaust
Deothemes Arendelle
Archimidismertzanos Atlast Business
Themeinprogress Bazaar Lite
Arthousewebdesign Brain Power
Yws Bunnypress Lite
Ayecode Cafe Bistro
Ayecode College
Omarfolgheraiter Digitally
Henleythemes Counterpoint
Ajaydsouza Connections Reloaded
Competethemes Drop
Ayecode Directory
Deothemes Everse
Archimidismertzanos Fashionable Store
Marchettidesign Fullbase
Dotecsa Ilex
Jinwen Js O3 Lite
Climaxthemes Kata
Jinwen Js Paper
8.8
CVSSv3
CVE-2023-28661
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action.
Accesspressthemes Wp Popup Banners 1.2.3
Accesspressthemes Wp Popup Banners 1.2.4
Accesspressthemes Wp Popup Banners 1.2.2
Accesspressthemes Wp Popup Banners 1.2.1
Accesspressthemes Wp Popup Banners 1.2.0
Accesspressthemes Wp Popup Banners 1.1.9
Accesspressthemes Wp Popup Banners 1.1.8
Accesspressthemes Wp Popup Banners 1.1.7
Accesspressthemes Wp Popup Banners 1.1.6
Accesspressthemes Wp Popup Banners 1.1.5
Accesspressthemes Wp Popup Banners 1.1.4
Accesspressthemes Wp Popup Banners 1.1.3
Accesspressthemes Wp Popup Banners 1.1.2
Accesspressthemes Wp Popup Banners 1.1.1
Accesspressthemes Wp Popup Banners 1.1.0
Accesspressthemes Wp Popup Banners 1.0.9
Accesspressthemes Wp Popup Banners 1.0.8
Accesspressthemes Wp Popup Banners 1.0.7
Accesspressthemes Wp Popup Banners 1.0.6
Accesspressthemes Wp Popup Banners 1.0.5
Accesspressthemes Wp Popup Banners 1.0.4
Accesspressthemes Wp Popup Banners 1.0.3
8.8
CVSSv3
CVE-2020-6849
The marketo-forms-and-tracking plugin up to and including 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS.
Hutchhouse Marketo Forms And Tracking
7.2
CVSSv3
CVE-2023-3664
The FileOrganizer WordPress plugin up to and including 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server.
Fileorganizer Fileorganizer
NA
CVE-2014-4564
Cross-site scripting (XSS) vulnerability in check.php in the Validated plugin 1.0.2 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the slug parameter.
Validated Plugin Project Validated Plugin
6.1
CVSSv3
CVE-2022-1673
The WooCommerce Green Wallet Gateway WordPress plugin prior to 1.0.2 does not escape the error_envision query parameter before outputting it to the page, leading to a Reflected Cross-Site Scripting vulnerability.
Greenwallet Woocommerce Green Wallet Gateway
5.4
CVSSv3
CVE-2023-0175
The Responsive Clients Logo Gallery Plugin for WordPress plugin up to and including 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and a...
Accesspressthemes Smart Logo Showcase Lite 1.1.7
Accesspressthemes Smart Logo Showcase Lite 1.1.9
Accesspressthemes Smart Logo Showcase Lite 1.1.8
Accesspressthemes Smart Logo Showcase Lite 1.1.6
Accesspressthemes Smart Logo Showcase Lite 1.1.5
Accesspressthemes Smart Logo Showcase Lite 1.1.4
Accesspressthemes Smart Logo Showcase Lite 1.1.3
Accesspressthemes Smart Logo Showcase Lite 1.1.2
Accesspressthemes Smart Logo Showcase Lite 1.1.1
Accesspressthemes Smart Logo Showcase Lite 1.1.0
Accesspressthemes Smart Logo Showcase Lite 1.0.9
Accesspressthemes Smart Logo Showcase Lite 1.0.8
Accesspressthemes Smart Logo Showcase Lite 1.0.7
Accesspressthemes Smart Logo Showcase Lite 1.0.6
Accesspressthemes Smart Logo Showcase Lite 1.0.5
Accesspressthemes Smart Logo Showcase Lite 1.0.4
Accesspressthemes Smart Logo Showcase Lite 1.0.3
Accesspressthemes Smart Logo Showcase Lite 1.0.2
Accesspressthemes Smart Logo Showcase Lite 1.0.1
Accesspressthemes Smart Logo Showcase Lite 1.0.0
5.4
CVSSv3
CVE-2023-0589
The WP Image Carousel WordPress plugin up to and including 1.0.2 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks.
Wp Image Carousel Project Wp Image Carousel
NA
CVE-2012-6627
Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Xyzscripts Newsletter Manager
Xyzscripts Newsletter Manager 1.0.1
Xyzscripts Newsletter Manager 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »