Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.3.3 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-9500
The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js.
Exquisite Ultimate Newspaper Project Exquisite Ultimate Newspaper 1.3.3
NA
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Moodle Moodle 1.8.1
Moodle Moodle 1.6.7
Moodle Moodle 1.5.0
Moodle Moodle 1.5.3
Moodle Moodle 1.4.2
Moodle Moodle 1.4.1
Moodle Moodle 1.2.0
Moodle Moodle 1.1.1
Moodle Moodle
Moodle Moodle 1.7.4
Moodle Moodle 1.7.3
Moodle Moodle 1.6.4
Moodle Moodle 1.6.3
Moodle Moodle 1.6.2
Moodle Moodle 1.5
Moodle Moodle 1.4.5
Moodle Moodle 1.3.2
Moodle Moodle 1.3.1
Egroupware Egroupware 1.0.3
Egroupware Egroupware 1.0.1
Moodle Moodle 1.7.6
Moodle Moodle 1.7.5
NA
CVE-2010-1186
Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin prior to 1.5.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the mode parameter.
Alex Rabe Nextgen Gallery 0.35
Alex Rabe Nextgen Gallery 0.34
Alex Rabe Nextgen Gallery 1.2.0
Alex Rabe Nextgen Gallery 1.2.1
Alex Rabe Nextgen Gallery 1.3.6
Alex Rabe Nextgen Gallery 1.4.0
Alex Rabe Nextgen Gallery 0.97
Alex Rabe Nextgen Gallery 1.4.3
Alex Rabe Nextgen Gallery 0.61
Alex Rabe Nextgen Gallery 0.41
Alex Rabe Nextgen Gallery 0.74
Alex Rabe Nextgen Gallery 0.62
Alex Rabe Nextgen Gallery 0.92
Alex Rabe Nextgen Gallery 0.94
Alex Rabe Nextgen Gallery 0.95
Alex Rabe Nextgen Gallery 1.5.0
Alex Rabe Nextgen Gallery
Alex Rabe Nextgen Gallery 1.3.0
Alex Rabe Nextgen Gallery 1.3.1
Alex Rabe Nextgen Gallery 1.4.1
Alex Rabe Nextgen Gallery 1.4.2
Alex Rabe Nextgen Gallery 0.99
1 EDB exploit
NA
CVE-2013-3476
Cross-site request forgery (CSRF) vulnerability in the WordPress Related Posts plugin prior to 2.6.2 for WordPress allows remote malicious users to hijack the authentication of users for requests that change settings via unspecified vectors.
Zemanta Related Posts 1.8.1
Zemanta Related Posts 1.3.2
Zemanta Related Posts 1.3.1
Zemanta Related Posts 2.3
Zemanta Related Posts 1.8
Zemanta Related Posts 1.7
Zemanta Related Posts 1.3
Zemanta Related Posts 1.2
Zemanta Related Posts 1.4
Zemanta Related Posts 1.3.3
Zemanta Related Posts 2.5.1
Zemanta Related Posts 2.4.1
Zemanta Related Posts 1.6
Zemanta Related Posts 1.5
Zemanta Related Posts 1.1
Zemanta Related Posts 1.0
Zemanta Related Posts
NA
CVE-2013-5918
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin prior to 1.3.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Platinum Seo Project Platinum Seo Plugin 1.3.6
Platinum Seo Project Platinum Seo Plugin 1.3.5
Platinum Seo Project Platinum Seo Plugin 1.3.4
Platinum Seo Project Platinum Seo Plugin 1.3.3
Platinum Seo Project Platinum Seo Plugin 1.2
Platinum Seo Project Platinum Seo Plugin 1.1
Platinum Seo Project Platinum Seo Plugin 1.0
Platinum Seo Project Platinum Seo Plugin 1.2.8
Platinum Seo Project Platinum Seo Plugin 1.2.7
Platinum Seo Project Platinum Seo Plugin 1.2.6
Platinum Seo Project Platinum Seo Plugin 1.2.5
Platinum Seo Project Platinum Seo Plugin
Platinum Seo Project Platinum Seo Plugin 1.3.2
Platinum Seo Project Platinum Seo Plugin 1.3
Platinum Seo Project Platinum Seo Plugin 1.2.3
Platinum Seo Project Platinum Seo Plugin 1.2.1
Platinum Seo Project Platinum Seo Plugin 1.3.1
Platinum Seo Project Platinum Seo Plugin 1.2.9
Platinum Seo Project Platinum Seo Plugin 1.2.4
Platinum Seo Project Platinum Seo Plugin 1.2.2
NA
CVE-2014-6445
Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmin.php in Contact Form 7 Integrations plugin 1.0 up to and including 1.3.10 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) uE or (2) uC parameter.
Contactus Contact Form 7 Integrations 1.3.9
Contactus Contact Form 7 Integrations 1.3.10
Contactus Contact Form 7 Integrations 1.3.6
Contactus Contact Form 7 Integrations 1.3.8
Contactus Contact Form 7 Integrations 1.3
Contactus Contact Form 7 Integrations 1.3.1
Contactus Contact Form 7 Integrations 1.3.2
Contactus Contact Form 7 Integrations 1.3.3
Contactus Contact Form 7 Integrations 1.3.4
Contactus Contact Form 7 Integrations 1.3.5
Contactus Contact Form 7 Integrations 1.3.7
NA
CVE-2013-3257
Cross-site request forgery (CSRF) vulnerability in the Related Posts plugin prior to 2.7.2 for WordPress allows remote malicious users to hijack the authentication of users for requests that modify settings via unspecified vectors.
Zemanta Related Posts 1.7
Zemanta Related Posts 1.6
Zemanta Related Posts 1.1
Zemanta Related Posts 1.0
Zemanta Related Posts 1.5
Zemanta Related Posts 1.4
Zemanta Related Posts
Zemanta Related Posts 2.7
Zemanta Related Posts 1.8.1
Zemanta Related Posts 1.8
Zemanta Related Posts 1.3.1
Zemanta Related Posts 1.3
Zemanta Related Posts 1.2
Zemanta Related Posts 2.4.1
Zemanta Related Posts 2.3
Zemanta Related Posts 1.3.3
Zemanta Related Posts 1.3.2
Zemanta Related Posts 2.6
Zemanta Related Posts 2.5.1
NA
CVE-2024-29763
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Reflected XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a up to and...
4.8
CVSSv3
CVE-2023-49841
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Optin Forms – Simple List Building Plugin for WordPress allows Stored XSS.This issue affects Optin Forms – Simple List Building Plugin for WordP...
Fancythemes Optin Forms
7.5
CVSSv3
CVE-2022-2544
The Ninja Job Board WordPress plugin prior to 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.
Wpmanageninja Ninja Job Board
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »