Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
6scan vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2012-0896
Absolute path traversal vulnerability in download.php in the Count Per Day module prior to 3.1.1 for WordPress allows remote malicious users to read arbitrary files via the f parameter.
Count Per Day Project Count Per Day 2.16
Count Per Day Project Count Per Day 2.15.1
Count Per Day Project Count Per Day 2.15
Count Per Day Project Count Per Day 2.2
Tom Braider Count Per Day
Tom Braider Count Per Day 1.0
1 EDB exploit
755
VMScore
CVE-2012-1010
Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin prior to 1.1.8 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspeci...
Likno Allwebmenus Plugin 1.0.12
Likno Allwebmenus Plugin 1.0.17
Likno Allwebmenus Plugin 1.1.1
Likno Allwebmenus Plugin 1.1.2
Likno Allwebmenus Plugin 1.0.10
Likno Allwebmenus Plugin 1.0.11
Likno Allwebmenus Plugin 1.0.23
Likno Allwebmenus Plugin 1.0.24
Likno Allwebmenus Plugin
Likno Allwebmenus Plugin 1.0.4
Likno Allwebmenus Plugin 1.0.9
Likno Allwebmenus Plugin 1.0.21
Likno Allwebmenus Plugin 1.0.22
Likno Allwebmenus Plugin 1.1.5
Likno Allwebmenus Plugin 1.1.6
Likno Allwebmenus Plugin 1.0.1
Likno Allwebmenus Plugin 1.0.3
Likno Allwebmenus Plugin 1.0.18
Likno Allwebmenus Plugin 1.0.19
Likno Allwebmenus Plugin 1.0.20
Likno Allwebmenus Plugin 1.1.3
Likno Allwebmenus Plugin 1.1.4
1 EDB exploit
435
VMScore
CVE-2012-0895
Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module prior to 3.1.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the map parameter.
Tom Braider Count Per Day
Tom Braider Count Per Day 1.0
1 EDB exploit
755
VMScore
CVE-2012-1011
actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote malicious users to bypass intended access restrictions to upload and execute arbitrary PHP code by setting the HTTP_REFERER to a certain value, then uploading a ZIP file containing a PHP file, then accessing ...
Likno Allwebmenus Plugin 1.1.8
1 EDB exploit
435
VMScore
CVE-2011-5207
Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin for WordPress prior to 1.1.6 prior to 2011-12-31 allows remote malicious users to inject arbitrary web script or HTML via the tcp_name_post_XXXXX parameter.
Thecartpress Thecartpress
Thecartpress Thecartpress 1.1.5
Thecartpress Thecartpress 1.0.8
Thecartpress Thecartpress 1.0.7
Thecartpress Thecartpress 1.1.2
Thecartpress Thecartpress 1.1.1
Thecartpress Thecartpress 1.0.4
Thecartpress Thecartpress 1.0.3
Thecartpress Thecartpress 1.1.4
Thecartpress Thecartpress 1.1.3
Thecartpress Thecartpress 1.0.6
Thecartpress Thecartpress 1.0.5
Thecartpress Thecartpress 1.1.0
Thecartpress Thecartpress 1.0.9
Thecartpress Thecartpress 1.0.2
Thecartpress Thecartpress 1.0.1
Thecartpress Thecartpress 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started