Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

wordpress wordpress 1.2.2 vulnerabilities and exploits

(subscribe to this query)
0.007
EPSS

CVE-2008-4671

Cross-site scripting (XSS) vulnerability in wp-admin/wp-blogs.php in Wordpress MU (WPMU) prior to 2.6 allows remote malicious users to inject arbitrary web script or HTML via the (1) s and (2) ip_address parameters.
Wordpress Wordpress MuWordpress Wordpress Mu 1.0Wordpress Wordpress Mu 1.2.2Wordpress Wordpress Mu 1.2.3Wordpress Wordpress Mu 1.3Wordpress Wordpress Mu 1.3.1
0.001
EPSS

CVE-2008-1059

PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the libpath parameter.
Wordpress Sniplets Plugin 1.1.2Wordpress Sniplets Plugin 1.2.2
0.177
EPSS

CVE-2008-1060

Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote malicious users to execute arbitrary PHP code via the text parameter.
Wordpress Sniplets Plugin 1.1.2Wordpress Sniplets Plugin 1.2.2
0.000
EPSS

CVE-2008-1061

Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) text parameter to (a) warning.php, (b) notice.php, and (c) inset.php in view/sniplets/, and pos...
Wordpress Sniplets Plugin 1.1.2Wordpress Sniplets Plugin 1.2.2
0.003
EPSS

CVE-2006-1263

Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors.
Wordpress Wordpress 0.6.2Wordpress Wordpress 0.6.2.1Wordpress Wordpress 0.7Wordpress Wordpress 0.71Wordpress Wordpress 1.2Wordpress Wordpress 1.2.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.5.1.3Wordpress Wordpress 1.5.2
0.004
EPSS

CVE-2006-1796

Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions prior to 2.0.1, allows remote malicious users to inject arbitrary web script or HTML to Internet Explorer users via the reque...
Wordpress WordpressWordpress Wordpress 0.6.2Wordpress Wordpress 0.6.2.1Wordpress Wordpress 0.7Wordpress Wordpress 0.71Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 1.2.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.5
0.033
EPSS

CVE-2006-6808

Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote malicious users to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-a...
Wordpress WordpressWordpress Wordpress 0.6.2Wordpress Wordpress 0.6.2.1Wordpress Wordpress 0.7Wordpress Wordpress 0.71Wordpress Wordpress 1.2Wordpress Wordpress 1.2.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.5.1.3
0.099
EPSS

CVE-2007-0233

wp-trackback.php in WordPress 2.0.6 and previous versions does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote malicious users to execute arbitrary SQL commands vi...
Wordpress Wordpress 0.6.2Wordpress Wordpress 0.6.2.1Wordpress Wordpress 0.7Wordpress Wordpress 0.71Wordpress Wordpress 1.2Wordpress Wordpress 1.2.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.5.1.3Wordpress Wordpress 1.5.2
0.056
EPSS

CVE-2007-1049

Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 prior to 2.0.9 and 2.1 prior to 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the file parameter...
Wordpress Wordpress 0.6.2Wordpress Wordpress 0.6.2.1Wordpress Wordpress 0.7Wordpress Wordpress 0.71Wordpress Wordpress 1.2.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.5.1.3Wordpress Wordpress 1.5.2Wordpress Wordpress 2.0Wordpress Wordpress 2.0.1
0.010
EPSS

CVE-2009-1030

Cross-site scripting (XSS) vulnerability in the choose_primary_blog function in wp-includes/wpmu-functions.php in WordPress MU (WPMU) prior to 2.7 allows remote malicious users to inject arbitrary web script or HTML via the HTTP Host header.
Wordpress Wordpress MuWordpress Wordpress Mu 1.0Wordpress Wordpress Mu 1.1Wordpress Wordpress Mu 1.1.1Wordpress Wordpress Mu 1.2Wordpress Wordpress Mu 1.2.1Wordpress Wordpress Mu 1.2.2Wordpress Wordpress Mu 1.2.3Wordpress Wordpress Mu 1.2.4Wordpress Wordpress Mu 1.2.5aWordpress Wordpress Mu 1.3Wordpress Wordpress Mu 1.3.1
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
physicalpicture galleryCVE-2025-30352administrator privilegesgdpr toolsCVE-2025-26007CVE-2025-24514CVE-2025-26581CVE-2025-1098wp multistore locatorCVE-2025-26986nous ouvert utile et simplecommand injection
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook