Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.1 vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2014-5324
Unrestricted file upload vulnerability in the N-Media file uploader plugin prior to 3.4 for WordPress allows remote authenticated users to execute arbitrary PHP code by leveraging Author privileges to store a file.
Najeebmedia N-media File Uploader 3.0
Najeebmedia N-media File Uploader 3.1
Najeebmedia N-media File Uploader
Najeebmedia N-media File Uploader 3.2
685
VMScore
CVE-2014-4717
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin prior to 4.5 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba...
Sharethis Simple Share Buttons Adder 2.2
Sharethis Simple Share Buttons Adder 2.0
Sharethis Simple Share Buttons Adder 1.0
Sharethis Simple Share Buttons Adder 3.2
Sharethis Simple Share Buttons Adder 3.9
Sharethis Simple Share Buttons Adder 3.8
Sharethis Simple Share Buttons Adder 1.5
Sharethis Simple Share Buttons Adder 2.3
Sharethis Simple Share Buttons Adder 1.1
Sharethis Simple Share Buttons Adder 3.1
Sharethis Simple Share Buttons Adder 3.0
Sharethis Simple Share Buttons Adder 2.9
Sharethis Simple Share Buttons Adder 1.3
Sharethis Simple Share Buttons Adder 4.1
Sharethis Simple Share Buttons Adder 4.0
Sharethis Simple Share Buttons Adder 2.4
Sharethis Simple Share Buttons Adder
Sharethis Simple Share Buttons Adder 4.2
Sharethis Simple Share Buttons Adder 3.5
Sharethis Simple Share Buttons Adder 2.8
Sharethis Simple Share Buttons Adder 2.6
Sharethis Simple Share Buttons Adder 1.9
1 EDB exploit
775
VMScore
CVE-2005-1921
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and previous versions (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and previous versions, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6)...
Php Xml Rpc
Gggeek Phpxmlrpc
Drupal Drupal
Tiki Tikiwiki Cms\\/groupware
Debian Debian Linux 3.1
5 EDB exploits
605
VMScore
CVE-2013-2707
Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin prior to 3.1 for WordPress allows remote malicious users to hijack the authentication of arbitrary users for requests that modify this plugin's settings.
Netweblogic Login With Ajax 2.2
Netweblogic Login With Ajax 2.1.5
Netweblogic Login With Ajax 2.1.4
Netweblogic Login With Ajax 2.1.3
Netweblogic Login With Ajax 3.0
Netweblogic Login With Ajax 3.0.1
Netweblogic Login With Ajax 3.0.2
Netweblogic Login With Ajax 3.0.3
Netweblogic Login With Ajax 3.0.4.1
Netweblogic Login With Ajax 2.1.1
Netweblogic Login With Ajax 2.1
Netweblogic Login With Ajax 3.0b3
Netweblogic Login With Ajax 3.0.4
Netweblogic Login With Ajax 3.1
Netweblogic Login With Ajax 2.21
Netweblogic Login With Ajax 2.1.2
Netweblogic Login With Ajax 3.0b
383
VMScore
CVE-2011-3854
Cross-site scripting (XSS) vulnerability in the ZenLite theme prior to 4.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Quirm Zenlite
Quirm Zenlite 1.0
Quirm Zenlite 1.1
Quirm Zenlite 1.2
Quirm Zenlite 1.3
Quirm Zenlite 2.0
Quirm Zenlite 2.1
Quirm Zenlite 2.2
Quirm Zenlite 2.4
Quirm Zenlite 2.5
Quirm Zenlite 2.6
Quirm Zenlite 2.7
Quirm Zenlite 3.0
Quirm Zenlite 3.1
Quirm Zenlite 3.2
Quirm Zenlite 3.3
Quirm Zenlite 3.4
Quirm Zenlite 3.5
Quirm Zenlite 3.51
Quirm Zenlite 3.52
Quirm Zenlite 3.60
Quirm Zenlite 3.61
445
VMScore
CVE-2010-4403
The Register Plus plugin 3.5.1 and previous versions for WordPress allows remote malicious users to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message.
Devbits Register-plus 3.4
Devbits Register-plus 3.3
Devbits Register-plus 2.7
Devbits Register-plus 2.6
Devbits Register-plus 1.2
Devbits Register-plus 1.1
Devbits Register-plus 3.5
Devbits Register-plus 3.4.1
Devbits Register-plus 3.0
Devbits Register-plus 2.9
Devbits Register-plus 2.8
Devbits Register-plus 2.1
Devbits Register-plus 2.0
Devbits Register-plus 3.2
Devbits Register-plus 3.1
Devbits Register-plus 2.5
Devbits Register-plus 2.4
Devbits Register-plus
Devbits Register-plus 3.0.2
Devbits Register-plus 3.0.1
Devbits Register-plus 2.3
Devbits Register-plus 2.2
383
VMScore
CVE-2010-4402
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and previous versions for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) firstname, (2) lastname, (3) website, (4) aim, (5) yahoo, (6) ...
Devbits Register-plus 3.4.1
Devbits Register-plus 3.4
Devbits Register-plus 2.8
Devbits Register-plus 2.7
Devbits Register-plus 2.0
Devbits Register-plus 1.2
Devbits Register-plus
Devbits Register-plus 3.5
Devbits Register-plus 3.0.1
Devbits Register-plus 3.0
Devbits Register-plus 2.9
Devbits Register-plus 2.2
Devbits Register-plus 2.1
Devbits Register-plus 3.3
Devbits Register-plus 3.2
Devbits Register-plus 2.6
Devbits Register-plus 2.5
Devbits Register-plus 1.1
Devbits Register-plus 3.1
Devbits Register-plus 3.0.2
Devbits Register-plus 2.4
Devbits Register-plus 2.3
NA
CVE-2024-22150
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PWR Plugins Portfolio & Image Gallery for WordPress | PowerFolio allows Stored XSS.This issue affects Portfolio & Image Gallery for WordPress | PowerFolio: from...
Pwrplugins Powerfolio
NA
CVE-2022-36355
Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Easy Org Chart plugin <= 3.1 at WordPress.
Easy Org Chart Project Easy Org Chart
NA
CVE-2023-2813
All of the above Aapna WordPress theme up to and including 1.3, Anand WordPress theme up to and including 1.2, Anfaust WordPress theme up to and including 1.1, Arendelle WordPress theme prior to 1.1.13, Atlast Business WordPress theme up to and including 1.5.8.5, Bazaar Lite Word...
Saumendra Aapna
Saumendra Anand
Thewebhunter Anfaust
Deothemes Arendelle
Archimidismertzanos Atlast Business
Themeinprogress Bazaar Lite
Arthousewebdesign Brain Power
Yws Bunnypress Lite
Ayecode Cafe Bistro
Ayecode College
Omarfolgheraiter Digitally
Henleythemes Counterpoint
Ajaydsouza Connections Reloaded
Competethemes Drop
Ayecode Directory
Deothemes Everse
Archimidismertzanos Fashionable Store
Marchettidesign Fullbase
Dotecsa Ilex
Jinwen Js O3 Lite
Climaxthemes Kata
Jinwen Js Paper
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »