Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
benjamin lim vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-3810
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin prior to 3.5 for WordPress allows unauthenticated malicious users to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The ...
Oturia Smart Google Code Inserter
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-3811
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin prior to 3.5 for WordPress allows unauthenticated malicious users to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared stat...
Oturia Smart Google Code Inserter
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2017-14126
The Participants Database plugin prior to 1.7.5.10 for WordPress has XSS.
Xnau Participants Database 1.7.5.10
1 EDB exploit
5.3
CVSSv3
CVE-2019-13344
An authentication bypass vulnerability in the CRUDLab WP Like Button plugin up to and including 1.6.0 for WordPress allows unauthenticated malicious users to change settings. The contains() function in wp_like_button.php did not check if the current request is made by an authoriz...
Crudlab Wp Like Button
1 EDB exploit
NA
CVE-2019-133441
WordPress Like Button plugin version 1.6.0 suffers from an authentication bypass vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started