Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.3.2 vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2014-4944
Multiple SQL injection vulnerabilities in inc/bsk-pdf-dashboard.php in the BSK PDF Manager plugin 1.3.2 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) categoryid or (2) pdfid parameter to wp-admin/admin.php.
Bannersky Bsk Pdf Manager 1.3.2
1 EDB exploit
755
VMScore
CVE-2013-7187
SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and previous versions for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Ncrafts Formcraft 1.3.1
Ncrafts Formcraft 1.3
Ncrafts Formcraft
Ncrafts Formcraft 1.3.6
Ncrafts Formcraft 1.2.1
Ncrafts Formcraft 1.2
Ncrafts Formcraft 1.3.3
Ncrafts Formcraft 1.3.2
Ncrafts Formcraft 1.3.5
Ncrafts Formcraft 1.3.4
Ncrafts Formcraft 1.1
1 EDB exploit
578
VMScore
CVE-2015-9474
The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.
Simpolio Project Simpolio 1.3.2
445
VMScore
CVE-2019-14936
Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash).
Easyappointments Easy\\!appointments 1.3.2
383
VMScore
CVE-2021-24563
The Frontend Uploader WordPress plugin up to and including 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file dir...
Frontend Uploader Project Frontend Uploader
1 Github repository
668
VMScore
CVE-2017-1002023
Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php
Daisythemes Easy Team Manager 1.3.2
383
VMScore
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Moodle Moodle 1.8.1
Moodle Moodle 1.6.7
Moodle Moodle 1.5.0
Moodle Moodle 1.5.3
Moodle Moodle 1.4.2
Moodle Moodle 1.4.1
Moodle Moodle 1.2.0
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.7.4
Moodle Moodle 1.7.3
Moodle Moodle 1.6.4
Moodle Moodle 1.6.3
Moodle Moodle 1.6.2
Moodle Moodle 1.5
Moodle Moodle 1.4.5
Moodle Moodle 1.3.2
Moodle Moodle 1.3.1
Egroupware Egroupware 1.0.3
Egroupware Egroupware 1.0.1
Moodle Moodle 1.7.6
Moodle Moodle 1.7.5
435
VMScore
CVE-2010-1186
Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin prior to 1.5.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the mode parameter.
Alex Rabe Nextgen Gallery 0.35
Alex Rabe Nextgen Gallery 0.34
Alex Rabe Nextgen Gallery 1.2.0
Alex Rabe Nextgen Gallery 1.2.1
Alex Rabe Nextgen Gallery 1.3.6
Alex Rabe Nextgen Gallery 1.4.0
Alex Rabe Nextgen Gallery 0.97
Alex Rabe Nextgen Gallery 1.4.3
Alex Rabe Nextgen Gallery 0.61
Alex Rabe Nextgen Gallery 0.41
Alex Rabe Nextgen Gallery 0.74
Alex Rabe Nextgen Gallery 0.62
Alex Rabe Nextgen Gallery 0.92
Alex Rabe Nextgen Gallery 0.94
Alex Rabe Nextgen Gallery 0.95
Alex Rabe Nextgen Gallery 1.5.0
Alex Rabe Nextgen Gallery
Alex Rabe Nextgen Gallery 1.3.0
Alex Rabe Nextgen Gallery 1.3.1
Alex Rabe Nextgen Gallery 1.4.1
Alex Rabe Nextgen Gallery 1.4.2
Alex Rabe Nextgen Gallery 0.99
1 EDB exploit
605
VMScore
CVE-2013-3476
Cross-site request forgery (CSRF) vulnerability in the WordPress Related Posts plugin prior to 2.6.2 for WordPress allows remote malicious users to hijack the authentication of users for requests that change settings via unspecified vectors.
Zemanta Related Posts 1.8.1
Zemanta Related Posts 1.3.2
Zemanta Related Posts 1.3.1
Zemanta Related Posts 2.3
Zemanta Related Posts 1.8
Zemanta Related Posts 1.7
Zemanta Related Posts 1.3
Zemanta Related Posts 1.2
Zemanta Related Posts 1.4
Zemanta Related Posts 1.3.3
Zemanta Related Posts 2.5.1
Zemanta Related Posts 2.4.1
Zemanta Related Posts 1.6
Zemanta Related Posts 1.5
Zemanta Related Posts 1.1
Zemanta Related Posts 1.0
Zemanta Related Posts
383
VMScore
CVE-2013-5918
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin prior to 1.3.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Platinum Seo Project Platinum Seo Plugin 1.3.6
Platinum Seo Project Platinum Seo Plugin 1.3.5
Platinum Seo Project Platinum Seo Plugin 1.3.4
Platinum Seo Project Platinum Seo Plugin 1.3.3
Platinum Seo Project Platinum Seo Plugin 1.2
Platinum Seo Project Platinum Seo Plugin 1.1
Platinum Seo Project Platinum Seo Plugin 1.0
Platinum Seo Project Platinum Seo Plugin 1.2.8
Platinum Seo Project Platinum Seo Plugin 1.2.7
Platinum Seo Project Platinum Seo Plugin 1.2.6
Platinum Seo Project Platinum Seo Plugin 1.2.5
Platinum Seo Project Platinum Seo Plugin
Platinum Seo Project Platinum Seo Plugin 1.3.2
Platinum Seo Project Platinum Seo Plugin 1.3
Platinum Seo Project Platinum Seo Plugin 1.2.3
Platinum Seo Project Platinum Seo Plugin 1.2.1
Platinum Seo Project Platinum Seo Plugin 1.3.1
Platinum Seo Project Platinum Seo Plugin 1.2.9
Platinum Seo Project Platinum Seo Plugin 1.2.4
Platinum Seo Project Platinum Seo Plugin 1.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »