Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tipsandtricks-hq all in one wp security vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-9294
The all-in-one-wp-security-and-firewall plugin prior to 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.
Tipsandtricks-hq All In One Wp Security & Firewall
4.7
CVSSv3
CVE-2021-25102
The All In One WP Security & Firewall WordPress plugin prior to 4.4.11 does not validate, sanitise and escape the redirect_to parameter before using it to redirect user, either via a Location header, or meta url attribute, when the Rename Login Page is active, which could lea...
Tipsandtricks-hq All In One Wp Security & Firewall
6.1
CVSSv3
CVE-2016-10867
The all-in-one-wp-security-and-firewall plugin prior to 4.0.6 for WordPress has XSS in settings pages.
Tipsandtricks-hq All In One Wp Security & Firewall
6.1
CVSSv3
CVE-2016-10868
The all-in-one-wp-security-and-firewall plugin prior to 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.
Tipsandtricks-hq All In One Wp Security & Firewall
9.8
CVSSv3
CVE-2016-10887
The all-in-one-wp-security-and-firewall plugin prior to 4.0.9 for WordPress has multiple SQL injection issues.
Tipsandtricks-hq All In One Wp Security & Firewall
8.8
CVSSv3
CVE-2022-44737
Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress.
Tipsandtricks-hq All In One Wp Security & Firewall
6.1
CVSSv3
CVE-2015-9293
The all-in-one-wp-security-and-firewall plugin prior to 3.9.8 for WordPress has XSS in the unlock request feature.
Tipsandtricks-hq All In One Wp Security & Firewall
9.8
CVSSv3
CVE-2015-9310
The all-in-one-wp-security-and-firewall plugin prior to 3.9.1 for WordPress has multiple SQL injection issues.
Tipsandtricks-hq All In One Wp Security & Firewall
6.1
CVSSv3
CVE-2016-10866
The all-in-one-wp-security-and-firewall plugin prior to 4.2.0 for WordPress has multiple XSS issues.
Tipsandtricks-hq All In One Wp Security & Firewall
9.8
CVSSv3
CVE-2016-10888
The all-in-one-wp-security-and-firewall plugin prior to 4.0.7 for WordPress has multiple SQL injection issues.
Tipsandtricks-hq All In One Wp Security & Firewall
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »