Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.1.1 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-15811
The Pootle Button plugin prior to 1.2.0 for WordPress has XSS via the assets_url parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php.
Pootlepress Pootle Button 1.0.0
Pootlepress Pootle Button 1.1.0
Pootlepress Pootle Button 1.1.1
4.3
CVSSv2
CVE-2011-3852
Cross-site scripting (XSS) vulnerability in the EvoLve theme prior to 1.2.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Theme4press Evolve
Theme4press Evolve 1.0
Theme4press Evolve 1.0.0
Theme4press Evolve 1.0.1
Theme4press Evolve 1.0.2
Theme4press Evolve 1.0.3
Theme4press Evolve 1.0.4
Theme4press Evolve 1.0.5
Theme4press Evolve 1.0.6
Theme4press Evolve 1.0.7
Theme4press Evolve 1.0.8
Theme4press Evolve 1.0.9
1 EDB exploit
5
CVSSv2
CVE-2018-20782
The GloBee plugin prior to 1.1.2 for WooCommerce mishandles IPN messages.
Globee Woocommerce
1 EDB exploit
4
CVSSv2
CVE-2021-24966
The Error Log Viewer WordPress plugin up to and including 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder
Bestwebsoft Error Log Viewer
2.6
CVSSv2
CVE-2013-4954
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin prior to 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote malicious users to inject arbitrary web scrip...
Genetechsolutions Pie-register
Genetechsolutions Pie-register 1.0.1
Genetechsolutions Pie-register 1.1.1
Genetechsolutions Pie-register 1.1.2
Genetechsolutions Pie-register 1.1.3
Genetechsolutions Pie-register 1.1.5
Genetechsolutions Pie-register 1.1.6
Genetechsolutions Pie-register 1.1.7
Genetechsolutions Pie-register 1.1.8
Genetechsolutions Pie-register 1.1.9
Genetechsolutions Pie-register 1.2.0
Genetechsolutions Pie-register 1.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2012-1010
Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin prior to 1.1.8 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspeci...
Likno Allwebmenus Plugin
Likno Allwebmenus Plugin 1.0.1
Likno Allwebmenus Plugin 1.0.3
Likno Allwebmenus Plugin 1.0.4
Likno Allwebmenus Plugin 1.0.9
Likno Allwebmenus Plugin 1.0.10
Likno Allwebmenus Plugin 1.0.11
Likno Allwebmenus Plugin 1.0.12
Likno Allwebmenus Plugin 1.0.17
Likno Allwebmenus Plugin 1.0.18
Likno Allwebmenus Plugin 1.0.19
Likno Allwebmenus Plugin 1.0.20
1 EDB exploit
6.8
CVSSv2
CVE-2013-5977
Cross-site request forgery (CSRF) vulnerability in Cart66Product.php in the Cart66 Lite plugin prior to 1.5.1.15 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that (1) create or modify products or conduct cross-site script...
Cart66 Cart66 Lite Plugin
Cart66 Cart66 Lite Plugin 1.0.7
Cart66 Cart66 Lite Plugin 1.0.8
Cart66 Cart66 Lite Plugin 1.1
Cart66 Cart66 Lite Plugin 1.1.1
Cart66 Cart66 Lite Plugin 1.1.2
Cart66 Cart66 Lite Plugin 1.1.3
Cart66 Cart66 Lite Plugin 1.1.4
Cart66 Cart66 Lite Plugin 1.1.5
Cart66 Cart66 Lite Plugin 1.1.6
Cart66 Cart66 Lite Plugin 1.3.0
Cart66 Cart66 Lite Plugin 1.4.0
1 EDB exploit
4.3
CVSSv2
CVE-2013-3526
Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and previous versions, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the aoid parameter.
Wptrafficanalyzer Trafficanalyzer 1.0.0
Wptrafficanalyzer Trafficanalyzer 1.1.0
Wptrafficanalyzer Trafficanalyzer 1.1.1
Wptrafficanalyzer Trafficanalyzer 1.1.2
Wptrafficanalyzer Trafficanalyzer 1.1.3
Wptrafficanalyzer Trafficanalyzer 1.2.0
Wptrafficanalyzer Trafficanalyzer 1.3.0
Wptrafficanalyzer Trafficanalyzer 1.4.0
Wptrafficanalyzer Trafficanalyzer 1.5.0
Wptrafficanalyzer Trafficanalyzer 1.6.0
Wptrafficanalyzer Trafficanalyzer 1.6.1
Wptrafficanalyzer Trafficanalyzer 1.7.0
1 EDB exploit
6.8
CVSSv2
CVE-2014-3882
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin prior to 1.2.0 for WordPress allows remote malicious users to hijack the authentication of arbitrary users.
12net Login Rebuilder
12net Login Rebuilder 1.0.0
12net Login Rebuilder 1.0.1
12net Login Rebuilder 1.0.2
12net Login Rebuilder 1.0.3
12net Login Rebuilder 1.1.0
12net Login Rebuilder 1.1.1
12net Login Rebuilder 1.1.2
4.3
CVSSv2
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Egroupware Egroupware
Egroupware Egroupware 1.0
Egroupware Egroupware 1.0.1
Egroupware Egroupware 1.0.3
Egroupware Egroupware 1.0.6
Egroupware Egroupware 1.2.106-2
Egroupware Egroupware 1.4.001
Moodle Moodle
Moodle Moodle 1.1.1
Moodle Moodle 1.2.0
Moodle Moodle 1.2.1
Moodle Moodle 1.3.0
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
desktop browser
urbancode velocity
CVE-2024-57932
CVE-2025-21655
CVE-2024-12084
CVE-2023-34960
unauthorized
CSRF
CVE-2024-57913
privilege
CVE-2025-21649
itsourcecode
cp-xr-de21-s router
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »