Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-4671
Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in Wordpress MU (WPMU) prior to 2.6 allows remote malicious users to inject arbitrary web script or HTML via the (1) s and (2) ip_address parameters.
Wordpress Wordpress Mu
Wordpress Wordpress Mu 1.0
Wordpress Wordpress Mu 1.2.2
Wordpress Wordpress Mu 1.2.3
Wordpress Wordpress Mu 1.3
Wordpress Wordpress Mu 1.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-1059
PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the libpath parameter.
Wordpress Sniplets Plugin 1.1.2
Wordpress Sniplets Plugin 1.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-1060
Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote malicious users to execute arbitrary PHP code via the text parameter.
Wordpress Sniplets Plugin 1.1.2
Wordpress Sniplets Plugin 1.2.2
1 EDB exploit
4.3
CVSSv2
CVE-2008-1061
Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) text parameter to (a) warning.php, (b) notice.php, and (c) inset.php in view/sniplets/, and pos...
Wordpress Sniplets Plugin 1.1.2
Wordpress Sniplets Plugin 1.2.2
1 EDB exploit
4.3
CVSSv2
CVE-2006-1263
Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors.
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
6.8
CVSSv2
CVE-2006-1796
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions prior to 2.0.1, allows remote malicious users to inject arbitrary web script or HTML to Internet Explorer users via the reque...
Wordpress Wordpress
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
6.8
CVSSv2
CVE-2006-6808
Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote malicious users to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-a...
Wordpress Wordpress
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
1 EDB exploit
7.5
CVSSv2
CVE-2007-0233
wp-trackback.php in WordPress 2.0.6 and previous versions does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote malicious users to execute arbitrary SQL commands vi...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
1 EDB exploit
4.3
CVSSv2
CVE-2007-1049
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 prior to 2.0.9 and 2.1 prior to 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the file parameter...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
1 EDB exploit
4.3
CVSSv2
CVE-2009-1030
Cross-site scripting (XSS) vulnerability in the choose_primary_blog function in wp-includes/wpmu-functions.php in WordPress MU (WPMU) prior to 2.7 allows remote malicious users to inject arbitrary web script or HTML via the HTTP Host header.
Wordpress Wordpress Mu
Wordpress Wordpress Mu 1.0
Wordpress Wordpress Mu 1.1
Wordpress Wordpress Mu 1.1.1
Wordpress Wordpress Mu 1.2
Wordpress Wordpress Mu 1.2.1
Wordpress Wordpress Mu 1.2.2
Wordpress Wordpress Mu 1.2.3
Wordpress Wordpress Mu 1.2.4
Wordpress Wordpress Mu 1.2.5a
Wordpress Wordpress Mu 1.3
Wordpress Wordpress Mu 1.3.1
1 EDB exploit
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-21317
CVE-2025-23940
buffer overflow
CVE-2025-21335
CVE-2025-23860
CVE-2024-57704
SSTI
wireless
CVE-2019-3309
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »