Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

wordpress wordpress 1.2 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2

CVE-2004-1559

Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptit...
Wordpress Wordpress 1.2
5
CVSSv2

CVE-2004-1584

CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote malicious users to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.
Wordpress Wordpress 1.2
4.3
CVSSv2

CVE-2005-2107

Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.
Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2
7.5
CVSSv2

CVE-2005-2108

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.
Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2
5
CVSSv2

CVE-2005-2109

wp-login.php in WordPress 1.5.1.2 and previous versions allows remote malicious users to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.
Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2
5
CVSSv2

CVE-2005-2110

WordPress 1.5.1.2 and previous versions allows remote malicious users to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an err...
Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2
7.5
CVSSv2

CVE-2005-2612

Direct code injection vulnerability in WordPress 1.5.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.5.1.3
7.5
CVSSv2

CVE-2011-4669

SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote malicious users to execute arbitrary SQL commands via the uid parameter to index.php.
Wordpress Wordpress-usersWordpress Wordpress-users 0.2Wordpress Wordpress-users 0.9Wordpress Wordpress-users 1.0Wordpress Wordpress-users 1.1Wordpress Wordpress-users 1.2
5
CVSSv2

CVE-2005-4463

WordPress prior to 1.5.2 allows remote malicious users to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-fo...
Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.5.1.3Wordpress Wordpress 2.0.1
5
CVSSv2

CVE-2013-7240

Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the dew_file parameter.
Westerndeal Advanced Dewplayer 1.2Wordpress Wordpress -
Preferred Score:
CVSSv4
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-2308typo3CVE-2025-29387CVE-2024-12019cache poisoningCVE-2025-24472fortinacunspecifiedspringboot-openai-chatgptbypassCVE-2024-55591CVE-2025-1624tianocore
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook