Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tipsandtricks-hq all in one wp security vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-10888
The all-in-one-wp-security-and-firewall plugin prior to 4.0.7 for WordPress has multiple SQL injection issues.
Tipsandtricks-hq All In One Wp Security & Firewall
7.5
CVSSv2
CVE-2016-10887
The all-in-one-wp-security-and-firewall plugin prior to 4.0.9 for WordPress has multiple SQL injection issues.
Tipsandtricks-hq All In One Wp Security & Firewall
7.5
CVSSv2
CVE-2015-9310
The all-in-one-wp-security-and-firewall plugin prior to 3.9.1 for WordPress has multiple SQL injection issues.
Tipsandtricks-hq All In One Wp Security & Firewall
4.3
CVSSv2
CVE-2020-29171
Cross-site scripting (XSS) vulnerability in admin/wp-security-blacklist-menu.php in the Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) plugin prior to 4.4.6 for WordPress.
Tipsandtricks-hq Wp Security & Firewall
4.3
CVSSv2
CVE-2016-10867
The all-in-one-wp-security-and-firewall plugin prior to 4.0.6 for WordPress has XSS in settings pages.
Tipsandtricks-hq All In One Wp Security & Firewall
4.3
CVSSv2
CVE-2016-10866
The all-in-one-wp-security-and-firewall plugin prior to 4.2.0 for WordPress has multiple XSS issues.
Tipsandtricks-hq All In One Wp Security & Firewall
4.3
CVSSv2
CVE-2016-10868
The all-in-one-wp-security-and-firewall plugin prior to 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.
Tipsandtricks-hq All In One Wp Security & Firewall
4.3
CVSSv2
CVE-2015-9294
The all-in-one-wp-security-and-firewall plugin prior to 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.
Tipsandtricks-hq All In One Wp Security & Firewall
4.3
CVSSv2
CVE-2015-9293
The all-in-one-wp-security-and-firewall plugin prior to 3.9.8 for WordPress has XSS in the unlock request feature.
Tipsandtricks-hq All In One Wp Security & Firewall
2.6
CVSSv2
CVE-2021-25102
The All In One WP Security & Firewall WordPress plugin prior to 4.4.11 does not validate, sanitise and escape the redirect_to parameter before using it to redirect user, either via a Location header, or meta url attribute, when the Rename Login Page is active, which could lea...
Tipsandtricks-hq All In One Wp Security & Firewall
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »