Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2014-9395
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simplelife plugin 1.2 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simpleh...
Simplelife Project Simplelife
NA
CVE-2023-49161
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a up to and including 1.2.
Guelbetech Bravo Translate
7.5
CVSSv2
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.3
Phpmyadmin Phpmyadmin 1.2.9.5
Phpmyadmin Phpmyadmin 1.2.9.4
Phpmyadmin Phpmyadmin 1.2.9.3
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.2.9.2
Phpmyadmin Phpmyadmin 1.2.9
1 EDB exploit
6
CVSSv2
CVE-2014-5182
Multiple SQL injection vulnerabilities in the yawpp plugin 1.2 for WordPress allow remote authenticated users with Contributor privileges to execute arbitrary SQL commands via vectors related to (1) admin_functions.php or (2) admin_update.php, as demonstrated by the id parameter ...
Ostenta Yawpp 1.2
6.8
CVSSv2
CVE-2015-1580
Multiple cross-site request forgery (CSRF) vulnerabilities in the Redirection Page plugin 1.2 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via t...
Redirection Project Redirection 1.2
7.5
CVSSv2
CVE-2005-3330
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not proper...
Snoopy Snoopy 1.2
1 EDB exploit
4.3
CVSSv2
CVE-2014-9100
Cross-site scripting (XSS) vulnerability in the WhyDoWork AdSense plugin 1.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the idcode parameter in the whydowork_adsense page to wp-admin/options-general.php.
Whydowork Adsense Project Whydowork Adsense 1.2
7.5
CVSSv2
CVE-2012-6625
SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin prior to 1.7.4 for WordPress allows remote malicious users to execute arbitrary SQL commands via the groupid parameter in an editgroup action.
Vasthtml Forumpress 1.2
Vasthtml Forumpress 1.3
Vasthtml Forumpress 1.5.1
Vasthtml Forumpress 1.6.4
Vasthtml Forumpress 1.6.5
Vasthtml Forumpress 1.7.2
Vasthtml Forumpress 1.7.3
Vasthtml Forumpress 1.5.2
Vasthtml Forumpress 1.6.8
Vasthtml Forumpress 1.6.9
Vasthtml Forumpress 1.4
Vasthtml Forumpress 1.5
Vasthtml Forumpress 1.6.6
Vasthtml Forumpress 1.6.7
Vasthtml Forumpress
Vasthtml Forumpress 1.0
Vasthtml Forumpress 1.1
Vasthtml Forumpress 1.6
Vasthtml Forumpress 1.6.2
Vasthtml Forumpress 1.6.3
Vasthtml Forumpress 1.7
Vasthtml Forumpress 1.7.1
1 EDB exploit
4.3
CVSSv2
CVE-2011-3860
Cross-site scripting (XSS) vulnerability in the Cover WP theme prior to 1.6.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Onedesigns Cover Wp
Onedesigns Cover Wp 1.1
Onedesigns Cover Wp 1.2
Onedesigns Cover Wp 1.3
Onedesigns Cover Wp 1.4
Onedesigns Cover Wp 1.4.1
Onedesigns Cover Wp 1.5
Onedesigns Cover Wp 1.5.1
Onedesigns Cover Wp 1.5.2
Onedesigns Cover Wp 1.5.3
Onedesigns Cover Wp 1.5.4
Onedesigns Cover Wp 1.5.5
Onedesigns Cover Wp 1.5.6
Onedesigns Cover Wp 1.5.7
Onedesigns Cover Wp 1.5.8
Onedesigns Cover Wp 1.5.9
Onedesigns Cover Wp 1.6
Onedesigns Cover Wp 1.6.1
Onedesigns Cover Wp 1.6.2
Onedesigns Cover Wp 1.6.3
Onedesigns Cover Wp 1.6.4
1 EDB exploit
NA
CVE-2022-242721
WordPress International SMS for Contact Form 7 Integration plugin version 1.2 suffers from a cross site request forgery vulnerability.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »