Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0733
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote malicious users to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher&...
Wordpress Wordpress 2.0
1 EDB exploit
NA
CVE-2007-1622
Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress prior to 2.0.10 RC2, and prior to 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interfa...
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.0.10
1 EDB exploit
NA
CVE-2006-1263
Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress prior to 2.0.2 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors.
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.5
Wordpress Wordpress 2.0
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.1
NA
CVE-2006-1796
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions prior to 2.0.1, allows remote malicious users to inject arbitrary web script or HTML to Internet Explorer users via the reque...
Wordpress Wordpress 1.0.1
Wordpress Wordpress 1.2
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.2
Wordpress Wordpress
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.0
Wordpress Wordpress 1.0.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0
NA
CVE-2007-1049
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 prior to 2.0.9 and 2.1 prior to 2.1.1 allows remote malicious users to inject arbitrary web script or HTML via the file parameter...
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.7
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
1 EDB exploit
NA
CVE-2006-6808
Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote malicious users to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-a...
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 1.5.2
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 2.0.4
Wordpress Wordpress
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.7
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
1 EDB exploit
NA
CVE-2007-0233
wp-trackback.php in WordPress 2.0.6 and previous versions does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote malicious users to execute arbitrary SQL commands vi...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.7
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 1.5.2
Wordpress Wordpress 2.0.6
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 1.5.1
Wordpress Wordpress 1.5.1.2
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.0.5
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 1.5
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
1 EDB exploit
NA
CVE-2007-6318
SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings that support a...
Wordpress Wordpress 2.0.10
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.2 Revision5002
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.2.1
Wordpress Wordpress 2.2.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.0.4
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.1.3 Rc2
Wordpress Wordpress 2.2
Wordpress Wordpress 2.3.1
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
1 EDB exploit
NA
CVE-2007-4893
wp-admin/admin-functions.php in Wordpress prior to 2.2.3 and Wordpress multi-user (MU) prior to 1.2.5a does not properly verify the unfiltered_html privilege, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via modified data to (1) post.php or (2...
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2 Revision5003
Wordpress Wordpress 0.6.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 1.5.1.3
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.5
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.2
Wordpress Wordpress 2.2.1
Wordpress Wordpress 0.6.2
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.1.1
NA
CVE-2007-4894
Multiple SQL injection vulnerabilities in Wordpress prior to 2.2.3 and Wordpress multi-user (MU) prior to 1.2.5a allow remote malicious users to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XMLRPC interface, and ...
Wordpress Wordpress 0.6.2
Wordpress Wordpress 1.5
Wordpress Wordpress 1.5.1
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.0.3
Wordpress Wordpress 2.1.3 Rc1
Wordpress Wordpress 2.1.3 Rc2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 1.2.2
Wordpress Wordpress 2.0.10 Rc1
Wordpress Wordpress 2.0.10 Rc2
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.1.2
Wordpress Wordpress 2.1.3
Wordpress Wordpress 2.2 Revision5003
Wordpress Wordpress 0.71
Wordpress Wordpress 1.2
Wordpress Wordpress 2.0
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.7
Wordpress Wordpress 2.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »