Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 4.2.9 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4061
The Survey Maker WordPress plugin prior to 4.2.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
NA
CVE-2023-0585
The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Administra...
Aioseo All In One Seo
NA
CVE-2023-0586
The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Contributo...
Aioseo All In One Seo
446
VMScore
CVE-2017-14719
Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.
Wordpress Wordpress 3.0.5
Wordpress Wordpress 4.0.1
Wordpress Wordpress 3.6.1
Wordpress Wordpress 4.1.1
Wordpress Wordpress 3.7
Wordpress Wordpress 3.9.3
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.1.4
Wordpress Wordpress 3.0
Wordpress Wordpress 3.8.3
Wordpress Wordpress 3.2
Wordpress Wordpress 3.3.3
Wordpress Wordpress 3.0.1
Wordpress Wordpress 3.9.2
Wordpress Wordpress 3.7.1
Wordpress Wordpress 4.5.3
Wordpress Wordpress 3.1.3
Wordpress Wordpress 3.7.4
Wordpress Wordpress 3.8.2
Wordpress Wordpress 4.7.1
Wordpress Wordpress 3.0.4
2 Github repositories
435
VMScore
CVE-2013-1636
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin prior to 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 up to and including 4.2.9 and 4.3.0 u...
Blair Williams Pretty Link Lite 1.6.1
Blair Williams Pretty Link Lite 1.6.0
Blair Williams Pretty Link Lite
Joobi Com Jnews 8.0.1
Civicrm Civicrm 3.1.3
Civicrm Civicrm 4.2.5
Civicrm Civicrm 3.1.0
Civicrm Civicrm 4.1.2
Civicrm Civicrm 4.3.1
Civicrm Civicrm 4.1.4
Civicrm Civicrm 4.2.8
Civicrm Civicrm 4.1.1
Civicrm Civicrm 4.2.7
Civicrm Civicrm 3.4.0
Civicrm Civicrm 4.3.0
Civicrm Civicrm 3.3.1
Civicrm Civicrm 3.1.1
Civicrm Civicrm 3.3.0
Civicrm Civicrm 3.2.4
Civicrm Civicrm 3.2.1
Civicrm Civicrm 3.2.3
Civicrm Civicrm 3.3.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started