Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 0.711 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3747
The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress prior to 2.6.1 do not force SSL communication in the intended situations, which might allow remote malicious users to gain administrative access by sniffing the networ...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
10
CVSSv2
CVE-2009-2853
Wordpress prior to 2.8.3 allows remote malicious users to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.p...
Wordpress Wordpress 0.71
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
7.5
CVSSv2
CVE-2008-2146
wp-includes/vars.php in Wordpress prior to 2.2.3 does not properly extract the current path from the PATH_INFO ($PHP_SELF), which allows remote malicious users to bypass intended access restrictions for certain pages.
Wordpress Wordpress
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
4.3
CVSSv2
CVE-2008-3233
Cross-site scripting (XSS) vulnerability in WordPress prior to 2.6, SVN development versions only, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Wordpress Wordpress
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
1 EDB exploit
9.3
CVSSv2
CVE-2008-4769
Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and previous versions, and 2.5, allows remote malicious users to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of ...
Wordpress Wordpress
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.71-gold
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0-platinum
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.1-miles
1 EDB exploit
5
CVSSv2
CVE-2011-4898
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote malicious users to co...
Wordpress Wordpress
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2011-4899
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions does not ensure that the specified MySQL database service is appropriate, which allows remote malicious users to configure an arbitrary database via the dbhost and dbname parameters, ...
Wordpress Wordpress
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
1 EDB exploit
4.3
CVSSv2
CVE-2012-0782
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE...
Wordpress Wordpress
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
1 EDB exploit
5
CVSSv2
CVE-2012-0937
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote malicious users to use WordPress as a proxy for brute-force attacks or denial o...
Wordpress Wordpress
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
1 EDB exploit
4.3
CVSSv2
CVE-2008-5278
Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress prior to 2.6.5 allows remote malicious users to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable).
Wordpress Wordpress
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 0.71-gold
Wordpress Wordpress 0.72
Wordpress Wordpress 0.711
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0-platinum
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.1-miles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-54130
firmware
CVE-2024-42327
CVE-2024-42448
CVE-2024-54126
CVE-2024-53846
CVE-2024-38920
XPath injection
HTML injection
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »