Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-9403
The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS.
Neuvoo Neuvoo-jobroll 2.0
4.3
CVSSv2
CVE-2015-9404
The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS.
Neuvoo Neuvoo-jobroll 2.0
6.4
CVSSv2
CVE-2014-1907
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin prior to 4.29.5 for WordPress allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_login.php or (2) delete arbitrary files via a...
Videowhisper Live Streaming Integration Plugin 4.27
Videowhisper Live Streaming Integration Plugin 4.27.3
Videowhisper Live Streaming Integration Plugin 2.1
Videowhisper Live Streaming Integration Plugin 2.0
Videowhisper Live Streaming Integration Plugin
Videowhisper Live Streaming Integration Plugin 4.25.3
Videowhisper Live Streaming Integration Plugin 1.0.2
Videowhisper Live Streaming Integration Plugin 4.05
Videowhisper Live Streaming Integration Plugin 2.2
Videowhisper Live Streaming Integration Plugin 4.25
Videowhisper Live Streaming Integration Plugin 4.07
1 EDB exploit
4.3
CVSSv2
CVE-2019-20141
An XSS issue exists in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.
Laborator Neon 2.0
4.3
CVSSv2
CVE-2013-6281
Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php in the Spreadsheet (dhtmlxSpreadsheet) plugin 2.0 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the "page" parameter.
Dhtmlx Dhtmlxspreadsheet 2.0
4.3
CVSSv2
CVE-2011-4618
Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin prior to 2.0.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Simplerealtytheme Advanced Text Widget Plugin
1 EDB exploit
7.5
CVSSv2
CVE-2011-4671
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions prior to 3.6.8, for WordPress allows remote malicious users to execute arbitrary SQL commands via the track parameter (aka redirect URL).
Adrotateplugin Adrotate 3.6.3
Adrotateplugin Adrotate 3.6.2
Adrotateplugin Adrotate 3.3
Adrotateplugin Adrotate 3.2.2
Adrotateplugin Adrotate 3.0.1
Adrotateplugin Adrotate 3.0
Adrotateplugin Adrotate 2.4.1
Adrotateplugin Adrotate 2.4
Adrotateplugin Adrotate 1.0
Adrotateplugin Adrotate 0.8
Adrotateplugin Adrotate 0.2
Adrotateplugin Adrotate 0.1
Adrotateplugin Adrotate
Adrotateplugin Adrotate 3.6.6
Adrotateplugin Adrotate 3.5.1
Adrotateplugin Adrotate 3.5
Adrotateplugin Adrotate 3.1.1
Adrotateplugin Adrotate 3.1
Adrotateplugin Adrotate 2.5
Adrotateplugin Adrotate 2.4.4
Adrotateplugin Adrotate 2.2
Adrotateplugin Adrotate 2.1
2 EDB exploits
6.5
CVSSv2
CVE-2013-1408
Multiple SQL injection vulnerabilities in the Wysija Newsletters plugin prior to 2.2.1 for WordPress allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search or (2) orderby parameter to wp-admin/admin.php. NOTE: this can be leveraged using CS...
Wysija Newsletters Project Wysija Newsletters 2.1.4
Wysija Newsletters Project Wysija Newsletters 2.1.3
Wysija Newsletters Project Wysija Newsletters 2.0.7
Wysija Newsletters Project Wysija Newsletters 2.0.6
Wysija Newsletters Project Wysija Newsletters 2.1.8
Wysija Newsletters Project Wysija Newsletters 2.1.7
Wysija Newsletters Project Wysija Newsletters 2.1
Wysija Newsletters Project Wysija Newsletters 2.1.6
Wysija Newsletters Project Wysija Newsletters 2.1.5
Wysija Newsletters Project Wysija Newsletters 2.0.9
Wysija Newsletters Project Wysija Newsletters 2.0.8
Wysija Newsletters Project Wysija Newsletters 2.0
Wysija Newsletters Project Wysija Newsletters 2.0.9.5
Wysija Newsletters Project Wysija Newsletters 2.0.3
Wysija Newsletters Project Wysija Newsletters 2.0.2
Wysija Newsletters Project Wysija Newsletters 2.0.1
Wysija Newsletters Project Wysija Newsletters
Wysija Newsletters Project Wysija Newsletters 2.1.9
Wysija Newsletters Project Wysija Newsletters 2.1.2
Wysija Newsletters Project Wysija Newsletters 2.1.1
Wysija Newsletters Project Wysija Newsletters 2.0.5
Wysija Newsletters Project Wysija Newsletters 2.0.4
1 EDB exploit
NA
CVE-2022-34858
Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress.
Miniorange Oauth 2.0 Client For Sso
7.5
CVSSv2
CVE-2009-3703
Multiple SQL injection vulnerabilities in the WP-Forum plugin prior to 2.4 for WordPress allow remote malicious users to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an ...
Fahlstad Wp-forum 1.7.4
Fahlstad Wp-forum 2.1
Fahlstad Wp-forum 1.6
Fahlstad Wp-forum 1.5
Fahlstad Wp-forum 1.8
Fahlstad Wp-forum
Fahlstad Wp-forum 1.7.3
Fahlstad Wp-forum 1.7
Fahlstad Wp-forum 1.7.8
Fahlstad Wp-forum 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »