Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0.6 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2007-0262
WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify that the m parameter value has the string data type, which allows remote malicious users to obtain sensitive information via an invalid m[] parameter, as demonstrated by obtaining the path, and obtaining certain...
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.1
5
CVSSv2
CVE-2007-1409
WordPress allows remote malicious users to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message.
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
6.8
CVSSv2
CVE-2013-7233
Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that move comments to the moderation l...
Wordpress Wordpress
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.0.8
Wordpress Wordpress 2.0.9
Wordpress Wordpress 2.0.10
1 EDB exploit
4.3
CVSSv2
CVE-2007-1894
Cross-site scripting (XSS) vulnerability in wp-includes/general-template.php in WordPress prior to 20070309 allows remote malicious users to inject arbitrary web script or HTML via the year parameter in the wp_title function.
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.2 Revision5002
4.3
CVSSv2
CVE-2007-1622
Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress prior to 2.0.10 RC2, and prior to 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interfa...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.1
Wordpress Wordpress 2.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-0233
wp-trackback.php in WordPress 2.0.6 and previous versions does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote malicious users to execute arbitrary SQL commands vi...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-2034
SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained s...
Wordpress Download Monitor Plugin 2.0.6
4.3
CVSSv2
CVE-2007-1049
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 prior to 2.0.9 and 2.1 prior to 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the file parameter...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
1 EDB exploit
6.8
CVSSv2
CVE-2007-0106
Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress prior to 2.0.6 allows remote malicious users to inject arbitrary web script or HTML via a CSRF attack with an invalid token and quote characters or HTML tags in URL variable names, which are not p...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
6.8
CVSSv2
CVE-2007-6318
SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.1.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-54130
firmware
CVE-2024-42327
CVE-2024-42448
CVE-2024-54126
CVE-2024-53846
CVE-2024-38920
XPath injection
HTML injection
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »