Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
textpattern vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-8032
In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.
Textpattern Textpattern 4.5.7
5
CVSSv2
CVE-2015-8033
In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.
Textpattern Textpattern 4.5.7
3.5
CVSSv2
CVE-2021-40658
Textpattern 4.8.7 is affected by a HTML injection vulnerability through “Content>Write>Body”.
Textpattern Textpattern 4.8.7
7.5
CVSSv2
CVE-2020-19510
Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.
Textpattern Textpattern 4.7.3
3.5
CVSSv2
CVE-2020-35854
Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.
Textpattern Textpattern 4.8.4
7.5
CVSSv2
CVE-2006-5615
PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.
Textpattern Textpattern 1.19
1 EDB exploit
5.1
CVSSv2
CVE-2021-44082
textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /textpattern/index.php,Body. A remote and unauthenticated attacker can use XSS to trigger remote code execution by uploading a webshell. To do so they must first steal the CSRF token before submitting a file upload...
Textpattern Textpattern 4.8.7
NA
CVE-2023-50038
There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions.
Textpattern Textpattern 4.8.8
3.5
CVSSv2
CVE-2021-28002
A persistent cross-site scripting vulnerability exists in the Excerpt parameter in Textpattern CMS 4.9.0 which allows remote malicious users to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting the 'Arti...
Textpattern Textpattern 4.9.0
6.8
CVSSv2
CVE-2020-29458
Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.
Textpattern Textpattern 4.6.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »