wordpress wordpress 1.3 vulnerabilities and exploits
NA
CVE-2013-2709
Cross-site request forgery (CSRF) vulnerability in the FourSquare Checkins plugin prior to 1.3 for WordPress allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Crunchify Foursquare-checkins
Crunchify Foursquare-checkins 1.0
Crunchify Foursquare-checkins 1.1
NA
CVE-2011-5128
Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin prior to 1.7.22 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the page parameter to (1) inc-options/deinstall_options.php, (2) inc-options/theme_options.php, or (3...
Bueltge Adminimize
Bueltge Adminimize 0.6.9
Bueltge Adminimize 0.7
Bueltge Adminimize 0.7.1
Bueltge Adminimize 0.7.2
Bueltge Adminimize 0.7.3
Bueltge Adminimize 0.7.5
Bueltge Adminimize 0.7.6
Bueltge Adminimize 0.7.7
Bueltge Adminimize 0.7.8
Bueltge Adminimize 0.7.9
Bueltge Adminimize 0.8
Bueltge Adminimize 0.8.1
Bueltge Adminimize 1.0
Bueltge Adminimize 1.1
Bueltge Adminimize 1.2
Bueltge Adminimize 1.3
Bueltge Adminimize 1.4
Bueltge Adminimize 1.4.1
Bueltge Adminimize 1.4.2
Bueltge Adminimize 1.4.3-6
Bueltge Adminimize 1.4.7
4.3
CVSSv3
CVE-2022-1956
The Shortcut Macros WordPress plugin up to and including 1.3 does not have authorisation and CSRF checks in place when updating its settings, which could allow any authenticated users, such as subscriber, to update them.
Shortcut Macros Project Shortcut Macros
4.8
CVSSv3
CVE-2023-0422
The Article Directory WordPress plugin up to and including 1.3 does not properly sanitize the `publish_terms_text` setting before displaying it in the administration panel, which may enable administrators to conduct Stored XSS attacks in multisite contexts.
Article Directory Project Article Directory
6.5
CVSSv3
CVE-2020-36505
The Delete All Comments Easily WordPress plugin up to and including 1.3 is lacking Cross-Site Request Forgery (CSRF) checks, which could result in an unauthenticated attacker making a logged in admin delete all comments from the blog.
Delete All Comments Easily Project Delete All Comments Easily
6.1
CVSSv3
CVE-2022-2311
The Find and Replace All WordPress plugin prior to 1.3 does not sanitize and escape some parameters from its setting page before outputting them back to the user, leading to a Reflected Cross-Site Scripting issue.
Find And Replace All Project Find And Replace All
4.8
CVSSv3
CVE-2017-16758
Cross-site scripting (XSS) vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin prior to 1.3 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the "access_token" parameter.
Ultimate Instagram Feed Project Ultimate Instagram Feed
4.3
CVSSv3
CVE-2022-3850
The Find and Replace All WordPress plugin prior to 1.3 does not have a CSRF check when replacing strings, which could allow malicious users to make a logged-in admin replace arbitrary strings in database tables via a CSRF attack.
Find And Replace All Project Find And Replace All
4.8
CVSSv3
CVE-2022-2093
The WP Duplicate Page WordPress plugin prior to 1.3 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Ninjateam Wp Duplicate Page
7.2
CVSSv3
CVE-2021-24777
The view submission functionality in the Hotscot Contact Form WordPress plugin prior to 1.3 makes a GET request with the sub_id parameter, which is not sanitised, escaped or validated before being inserted into a SQL statement, leading to an SQL injection.
Hotscot Contact Form