Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2011-4957
The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many...
Wordpress Wordpress 2.2.3Wordpress Wordpress 2.1.3Wordpress Wordpress 2.0.8Wordpress Wordpress 2.8Wordpress Wordpress 2.1Wordpress Wordpress 2.1.1Wordpress Wordpress 2.1.2Wordpress Wordpress 2.7Wordpress Wordpress 2.2.2Wordpress Wordpress 2.9.2Wordpress Wordpress 2.9Wordpress Wordpress 2.9.1Wordpress Wordpress 2.0.11Wordpress Wordpress 2.0.2Wordpress Wordpress 2.8.4Wordpress Wordpress 1.2.1Wordpress Wordpress 3.0Wordpress Wordpress 2.0.7Wordpress Wordpress 1.2.5Wordpress Wordpress 2.7.1Wordpress Wordpress 0.71Wordpress Wordpress 2.0.5Wordpress Wordpress 2.8.3Wordpress Wordpress 2.6.5Wordpress Wordpress 2.0.9Wordpress Wordpress 2.8.1Wordpress Wordpress 1.0.1Wordpress Wordpress 2.3.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2Wordpress Wordpress 2.8.5.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1.3Wordpress Wordpress 1.3Wordpress Wordpress 2.6Wordpress Wordpress 3.0.5Wordpress Wordpress 2.8.5.2Wordpress Wordpress 1.2.3Wordpress Wordpress 1.3.3Wordpress Wordpress 2.8.6Wordpress Wordpress 2.0Wordpress Wordpress 1.1.1Wordpress Wordpress 1.2.4Wordpress Wordpress 2.0.6Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.4Wordpress Wordpress 3.0.2Wordpress Wordpress 2.2Wordpress Wordpress 1.3.2Wordpress Wordpress 3.0.1Wordpress Wordpress 2.6.3Wordpress Wordpress 2.3.3Wordpress Wordpress 1.5.1.1Wordpress Wordpress 2.2.1Wordpress Wordpress 1.5.2Wordpress Wordpress 3.0.4Wordpress Wordpress 2.6.2Wordpress WordpressWordpress Wordpress 2.5.1Wordpress Wordpress 2.6.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 3.0.6Wordpress Wordpress 2.5Wordpress Wordpress 2.0.10Wordpress Wordpress 1.0Wordpress Wordpress 2.8.2Wordpress Wordpress 1.5.1Wordpress Wordpress 3.0.3Wordpress Wordpress 2.9.1.1Wordpress Wordpress 2.3.2Wordpress Wordpress 2.8.5Wordpress Wordpress 2.3
4.3
CVSSv2
CVE-2011-4956
Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Wordpress Wordpress 3.0.5Wordpress Wordpress 3.0.6Wordpress Wordpress 3.0.1Wordpress Wordpress 3.0.2Wordpress Wordpress 2.0Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.10Wordpress Wordpress 2.0.2Wordpress Wordpress 2.3Wordpress Wordpress 2.3.3Wordpress Wordpress 2.8.6Wordpress Wordpress 2.6.3Wordpress Wordpress 2.8.5.2Wordpress Wordpress 1.3.3Wordpress Wordpress 1.1.1Wordpress Wordpress 1.2.4Wordpress Wordpress 2.0.6Wordpress Wordpress 2.0.4Wordpress Wordpress 2.8.4Wordpress Wordpress 2.2.2Wordpress Wordpress 1.5.1.1Wordpress Wordpress 2.2.1Wordpress Wordpress 1.5.2Wordpress Wordpress 3.0.4Wordpress Wordpress 2.6.2Wordpress WordpressWordpress Wordpress 2.6.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 2.5Wordpress Wordpress 2.8.2Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.3Wordpress Wordpress 2.9.1.1Wordpress Wordpress 2.3.2Wordpress Wordpress 1.3Wordpress Wordpress 2.8.5Wordpress Wordpress 1.2.3Wordpress Wordpress 2.0.11Wordpress Wordpress 2.1.1Wordpress Wordpress 2.2.3Wordpress Wordpress 2.1Wordpress Wordpress 2.2Wordpress Wordpress 1.2.1Wordpress Wordpress 2.1.3Wordpress Wordpress 1.3.2Wordpress Wordpress 3.0Wordpress Wordpress 2.8Wordpress Wordpress 2.0.7Wordpress Wordpress 2.1.2Wordpress Wordpress 1.2.5Wordpress Wordpress 2.7.1Wordpress Wordpress 0.71Wordpress Wordpress 2.0.5Wordpress Wordpress 2.8.3Wordpress Wordpress 2.6.5Wordpress Wordpress 2.0.9Wordpress Wordpress 2.8.1Wordpress Wordpress 2.7Wordpress Wordpress 1.0.1Wordpress Wordpress 2.9Wordpress Wordpress 2.3.1Wordpress Wordpress 1.0.2Wordpress Wordpress 2.5.1Wordpress Wordpress 1.2Wordpress Wordpress 2.8.5.1Wordpress Wordpress 2.9.2Wordpress Wordpress 1.2.2Wordpress Wordpress 2.9.1Wordpress Wordpress 1.0Wordpress Wordpress 1.5Wordpress Wordpress 3.0.3Wordpress Wordpress 2.6Wordpress Wordpress 2.0.8
5.5
CVSSv2
CVE-2012-2402
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors....
Wordpress Wordpress 2.2.3Wordpress Wordpress 2.6.2Wordpress Wordpress 2.3.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 2.0.2Wordpress Wordpress 2.0.4Wordpress Wordpress 2.7Wordpress Wordpress 3.0.3Wordpress Wordpress 2.3.3Wordpress Wordpress 3.0.5Wordpress Wordpress 2.8.6Wordpress Wordpress 2.2.2Wordpress Wordpress 3.0.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.0.2Wordpress Wordpress 1.2.5Wordpress Wordpress 2.5Wordpress Wordpress 2.7.1Wordpress Wordpress 2.0.11Wordpress Wordpress 2.1.3Wordpress Wordpress 2.2.1Wordpress Wordpress 1.5.1.1Wordpress Wordpress 3.3Wordpress Wordpress 2.0.10Wordpress Wordpress 2.1.1Wordpress Wordpress 2.1.2Wordpress Wordpress 2.5.1Wordpress Wordpress 2.3Wordpress Wordpress 2.6.1Wordpress Wordpress 2.6Wordpress Wordpress 1.5.1Wordpress Wordpress 1.2.1Wordpress Wordpress 1.0.1Wordpress Wordpress 2.6.5Wordpress Wordpress 0.71Wordpress Wordpress 1.1.1Wordpress Wordpress 3.1.1Wordpress Wordpress 1.3.3Wordpress Wordpress 2.8.4Wordpress Wordpress 2.0.8Wordpress Wordpress 2.8Wordpress Wordpress 1.5.1.3Wordpress Wordpress 1.5.2Wordpress Wordpress 2.0Wordpress Wordpress 2.0.5Wordpress Wordpress 2.0.6Wordpress Wordpress 2.8.3Wordpress Wordpress 2.8.5Wordpress Wordpress 2.6.3Wordpress Wordpress 3.1Wordpress Wordpress 3.0.2Wordpress Wordpress 3.0Wordpress Wordpress 2.9Wordpress Wordpress 1.2Wordpress Wordpress 1.2.3Wordpress Wordpress 2.9.1.1Wordpress Wordpress 3.0.4Wordpress Wordpress 3.1.2Wordpress Wordpress 1.3Wordpress Wordpress 1.3.2Wordpress WordpressWordpress Wordpress 2.0.9Wordpress Wordpress 2.2Wordpress Wordpress 2.3.2Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.7Wordpress Wordpress 2.1Wordpress Wordpress 2.8.1Wordpress Wordpress 2.8.2Wordpress Wordpress 3.0.6Wordpress Wordpress 1.5Wordpress Wordpress 2.9.2Wordpress Wordpress 2.9.1Wordpress Wordpress 1.0Wordpress Wordpress 1.2.4Wordpress Wordpress 3.1.3Wordpress Wordpress 2.8.5.1Wordpress Wordpress 2.8.5.2
6.8
CVSSv2
CVE-2012-3384
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors....
Wordpress WordpressWordpress Wordpress 3.3.3Wordpress Wordpress 3.3.2Wordpress Wordpress 3.3Wordpress Wordpress 3.0.1Wordpress Wordpress 3.0Wordpress Wordpress 2.9.2Wordpress Wordpress 3.1.3Wordpress Wordpress 3.1.1Wordpress Wordpress 3.1.2Wordpress Wordpress 3.0.6Wordpress Wordpress 2.1.3Wordpress Wordpress 2.2.3Wordpress Wordpress 2.3Wordpress Wordpress 2.0.8Wordpress Wordpress 2.2.2Wordpress Wordpress 2.3.2Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.10Wordpress Wordpress 2.0.2Wordpress Wordpress 2.8.5Wordpress Wordpress 2.8.5.1Wordpress Wordpress 2.8.1Wordpress Wordpress 2.8.5.2Wordpress Wordpress 1.0.1Wordpress Wordpress 1.2.5Wordpress Wordpress 1.2.3Wordpress Wordpress 3.2Wordpress Wordpress 3.1Wordpress Wordpress 3.0.5Wordpress Wordpress 3.0.3Wordpress Wordpress 2.9.1.1Wordpress Wordpress 2.5.1Wordpress Wordpress 2.0.9Wordpress Wordpress 2.2.1Wordpress Wordpress 2.6.1Wordpress Wordpress 2.3.1Wordpress Wordpress 2.0.4Wordpress Wordpress 2.0.6Wordpress Wordpress 2.5Wordpress Wordpress 2.7.1Wordpress Wordpress 2.8.4Wordpress Wordpress 1.5.1.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.2Wordpress Wordpress 1.1.1Wordpress Wordpress 1.3Wordpress Wordpress 2.9Wordpress Wordpress 2.3.3Wordpress Wordpress 2.8.6Wordpress Wordpress 2.6.3Wordpress Wordpress 2.1Wordpress Wordpress 2.1.1Wordpress Wordpress 2.1.2Wordpress Wordpress 2.7Wordpress Wordpress 1.5.1.3Wordpress Wordpress 1.5.2Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1Wordpress Wordpress 1.2.1Wordpress Wordpress 1.3.2Wordpress Wordpress 0.71Wordpress Wordpress 3.2.1Wordpress Wordpress 3.1.4Wordpress Wordpress 3.0.4Wordpress Wordpress 3.0.2Wordpress Wordpress 2.9.1Wordpress Wordpress 2.0.11Wordpress Wordpress 2.6.2Wordpress Wordpress 2.8Wordpress Wordpress 2.2Wordpress Wordpress 2.6Wordpress Wordpress 2.0Wordpress Wordpress 2.0.5Wordpress Wordpress 2.0.7Wordpress Wordpress 2.6.5Wordpress Wordpress 2.8.3Wordpress Wordpress 2.8.2Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.0.2Wordpress Wordpress 1.0Wordpress Wordpress 1.2.4Wordpress Wordpress 1.3.3
7.5
CVSSv2
CVE-2008-3747
The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a...
Wordpress Wordpress 0.6.2Wordpress Wordpress 0.6.2.1Wordpress Wordpress 0.72Wordpress Wordpress 1.0Wordpress Wordpress 1.5.1.3Wordpress Wordpress 1.5.2Wordpress Wordpress 2.0.6Wordpress Wordpress 2.0.7Wordpress Wordpress 2.2.1Wordpress Wordpress 2.2.2Wordpress Wordpress 2.3Wordpress Wordpress 2.5Wordpress Wordpress 2.0.11Wordpress Wordpress 2.3.1Wordpress Wordpress 2.1.1Wordpress Wordpress 2.0.2Wordpress Wordpress 1.2Wordpress Wordpress 2.0.4Wordpress Wordpress 0.711Wordpress Wordpress 2.2Wordpress Wordpress 1.2.1Wordpress Wordpress 0.7Wordpress Wordpress 2.1.3Wordpress Wordpress 2.1.2Wordpress Wordpress 0.71Wordpress Wordpress 2.0.5Wordpress Wordpress 1.0.1Wordpress Wordpress 1.2.2Wordpress Wordpress 2.0.10Wordpress Wordpress 1.5Wordpress Wordpress 2.3.2Wordpress Wordpress 2.0Wordpress Wordpress 2.2.3Wordpress Wordpress 2.1Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.9Wordpress Wordpress 2.5.1Wordpress Wordpress 2.6
4.9
CVSSv2
CVE-2009-2334
wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify...
Wordpress Wordpress 2.3.3Wordpress Wordpress 2.3.2Wordpress Wordpress 2.2.2Wordpress Wordpress 2.2.1Wordpress Wordpress 2.1.1Wordpress Wordpress 2.1Wordpress Wordpress 2.6Wordpress Wordpress 2.3.1Wordpress Wordpress 2.2.0Wordpress Wordpress 2.2Wordpress Wordpress 2.0.9Wordpress Wordpress 2.0.11Wordpress Wordpress 1.2-mingusWordpress Wordpress 2.1.3 Rc2Wordpress Wordpress 2.0.10 Rc1Wordpress Wordpress 1.5-strayhornWordpress Wordpress 1.2-deltaWordpress Wordpress 2.0.6Wordpress Wordpress 2.2 Revision5003Wordpress Wordpress 1.2.1Wordpress Wordpress 2.0.7Wordpress Wordpress 1.5.1.1Wordpress Wordpress 2.0.10 Rc2Wordpress Wordpress 1.0.2Wordpress Wordpress 2.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 2.5Wordpress Wordpress 2.1.3 Rc1Wordpress Wordpress 1.2.2Wordpress Wordpress 2.0.10Wordpress Wordpress 1.5.1Wordpress Wordpress 1.5.1.3Wordpress Wordpress 2.0.8Wordpress Wordpress 2.3Wordpress Wordpress 2.2.3Wordpress Wordpress 2.0.2Wordpress Wordpress Mu 1.5.1Wordpress Wordpress 1.2Wordpress Wordpress Mu 1.3.3Wordpress Wordpress 1.0Wordpress Wordpress 1.3.1Wordpress Wordpress Mu 2.6Wordpress Wordpress 0.6.2.1Wordpress Wordpress 0.71-goldWordpress Wordpress Mu 1.2.3Wordpress Wordpress Mu 2.6.1Wordpress Wordpress 0.711Wordpress Wordpress 2.1.3Wordpress Wordpress 0.72Wordpress Wordpress Mu 1.3.2Wordpress Wordpress 2.1.2Wordpress Wordpress 2.6.3Wordpress Wordpress 2.0.5Wordpress Wordpress Mu 1.2Wordpress Wordpress 2.6.5Wordpress Wordpress 0.6.2Wordpress Wordpress Mu 1.2.2Wordpress Wordpress Mu 1.2.4Wordpress Wordpress 1.5.2Wordpress Wordpress 1.6Wordpress Wordpress Mu 1.3.1Wordpress Wordpress 1.0.2-blakeyWordpress Wordpress 2.0.3Wordpress Wordpress 2.6.1Wordpress WordpressWordpress Wordpress 1.0.1-milesWordpress Wordpress Mu 1.5Wordpress Wordpress Mu 1.2.1Wordpress Wordpress Mu 2.6.5Wordpress Wordpress MuWordpress Wordpress 2.2 Revision5002Wordpress Wordpress 2.0Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.4Wordpress Wordpress Mu 2.6.3Wordpress Wordpress Mu 1.2.5aWordpress Wordpress 1.4Wordpress Wordpress 0.7Wordpress Wordpress 0.71Wordpress Wordpress Mu 1.1Wordpress Wordpress Mu 1.3Wordpress Wordpress 1.0.1Wordpress Wordpress 1.0-platinumWordpress Wordpress Mu 1.1.1Wordpress Wordpress Mu 2.6.2Wordpress Wordpress 1.5
2.1
CVSSv2
CVE-2014-5240
Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL....
Wordpress Wordpress 3.0.5Wordpress Wordpress 3.0.6Wordpress Wordpress 3.1Wordpress Wordpress 3.1.1Wordpress Wordpress 3.5.0Wordpress Wordpress 3.5.1Wordpress Wordpress 3.6Wordpress Wordpress 3.6.1Wordpress Wordpress 3.0.1Wordpress Wordpress 3.0.3Wordpress Wordpress 3.1.3Wordpress Wordpress 3.2Wordpress Wordpress 3.4.0Wordpress Wordpress 3.7Wordpress Wordpress 3.0.2Wordpress Wordpress 3.2.1Wordpress Wordpress 3.1.4Wordpress Wordpress 3.0Wordpress Wordpress 3.3.3Wordpress WordpressWordpress Wordpress 3.9.0Wordpress Wordpress 3.7.1Wordpress Wordpress 3.0.4Wordpress Wordpress 3.3.2Wordpress Wordpress 3.1.2Wordpress Wordpress 3.3.1Wordpress Wordpress 3.8Wordpress Wordpress 3.8.1Wordpress Wordpress 3.3Wordpress Wordpress 3.4.2Wordpress Wordpress 3.4.1Debian Debian Linux 7.0
4.3
CVSSv2
CVE-2013-2204
moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a # (pound sign) character during extraction of the QUERY_STRING, which allows remote attackers to pass arbitrary...
Wordpress Wordpress 3.3Wordpress Wordpress 3.3.1Wordpress Wordpress 3.3.3Wordpress Wordpress 2.3Wordpress Wordpress 2.0.8Wordpress Wordpress 2.6.3Wordpress Wordpress 2.8.4Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.10Wordpress Wordpress 2.0.2Wordpress Wordpress 2.1.2Wordpress Wordpress 2.9.2Wordpress Wordpress 3.4.0Wordpress Wordpress 2.0.11Wordpress Wordpress 1.3.3Wordpress Wordpress 2.0Wordpress Wordpress 2.2.3Wordpress Wordpress 1.1.1Wordpress Wordpress 2.0.6Wordpress Wordpress 2.2Wordpress Wordpress 2.1.3Wordpress Wordpress 2.0.7Wordpress Wordpress 2.7.1Wordpress Wordpress 2.6.5Wordpress Wordpress 2.8.1Wordpress Wordpress 2.2.1Wordpress Wordpress 2.6.2Wordpress Wordpress 2.3.1Wordpress Wordpress 1.0.2Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.2Wordpress Wordpress 2.9.1Wordpress Wordpress 3.4.2Wordpress Wordpress 3.4.1Wordpress Wordpress 1.5.1.3Wordpress Wordpress 2.8.5Wordpress Wordpress 2.8.5.2Wordpress Wordpress 1.2.3Wordpress Wordpress 2.8.6Wordpress Wordpress 2.1.1Wordpress Wordpress 1.6.2Wordpress Wordpress 3.5.0Wordpress Wordpress 2.1Tinymce Media -Wordpress Wordpress 1.2.4Wordpress Wordpress 2.0.4Wordpress Wordpress 1.2.1Wordpress Wordpress 1.3.2Wordpress Wordpress 2.8Wordpress Wordpress 1.2.5Wordpress Wordpress 0.71Wordpress Wordpress 2.0.5Wordpress Wordpress 2.8.3Wordpress Wordpress 2.2.2Wordpress Wordpress 2.3.3Wordpress Wordpress 1.5.1.1Wordpress Wordpress 2.0.9Wordpress Wordpress 2.7Wordpress Wordpress 1.5.2Wordpress Wordpress 1.0.1Wordpress Wordpress 2.9Wordpress Wordpress 2.5.1Wordpress Wordpress 3.3.2Wordpress Wordpress 2.6.1Wordpress WordpressWordpress Wordpress 2.8.5.1Wordpress Wordpress 2.5Wordpress Wordpress 1.2.2Wordpress Wordpress 1.0Wordpress Wordpress 1.5Wordpress Wordpress 2.8.2Wordpress Wordpress 1.5.1Wordpress Wordpress 2.9.1.1Wordpress Wordpress 2.3.2Wordpress Wordpress 1.3Wordpress Wordpress 2.6
4
CVSSv2
CVE-2013-2200
WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors....
Wordpress Wordpress 3.3.2Wordpress Wordpress 2.5.1Wordpress Wordpress 2.0.9Wordpress Wordpress 2.2Wordpress Wordpress 2.6Wordpress Wordpress 2.3.1Wordpress Wordpress 2.0.4Wordpress Wordpress 2.0.5Wordpress Wordpress 2.9Wordpress Wordpress 2.9.1Wordpress Wordpress 2.8.5.1Wordpress Wordpress 2.8.1Wordpress Wordpress 1.3.3Wordpress Wordpress 2.0.2Wordpress Wordpress 1.6.2Wordpress Wordpress 2.8.4Wordpress Wordpress 1.3.2Wordpress Wordpress 2.8Wordpress Wordpress 3.3.3Wordpress Wordpress 0.71Wordpress Wordpress 2.7Wordpress Wordpress 1.5.2Wordpress Wordpress 1.0.1Wordpress Wordpress 2.6.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 1.2Wordpress Wordpress 2.9.2Wordpress Wordpress 3.3.1Wordpress Wordpress 2.0.10Wordpress Wordpress 1.0Wordpress Wordpress 1.2.5Wordpress Wordpress 1.5.1.3Wordpress Wordpress 2.9.1.1Wordpress Wordpress 2.8.5Wordpress Wordpress 2.0.8Wordpress Wordpress 2.3Wordpress Wordpress 2.8.5.2Wordpress Wordpress 1.2.3Wordpress Wordpress 3.4.0Wordpress Wordpress 2.0.11Wordpress Wordpress 2.8.6Wordpress Wordpress 2.0Wordpress Wordpress 2.1.1Wordpress Wordpress 2.2.3Wordpress Wordpress 3.5.0Wordpress Wordpress 2.1Wordpress Wordpress 1.1.1Wordpress Wordpress 1.2.4Wordpress Wordpress 2.0.6Wordpress Wordpress 2.0.1Wordpress Wordpress 1.2.1Wordpress Wordpress 2.1.3Wordpress Wordpress 2.0.7Wordpress Wordpress 2.1.2Wordpress Wordpress 2.7.1Wordpress Wordpress 2.6.3Wordpress Wordpress 2.8.3Wordpress Wordpress 2.6.5Wordpress Wordpress 2.2.2Wordpress Wordpress 2.3.3Wordpress Wordpress 1.5.1.1Wordpress Wordpress 2.2.1Wordpress Wordpress 2.6.2Wordpress Wordpress 1.0.2Wordpress WordpressWordpress Wordpress 2.5Wordpress Wordpress 1.2.2Wordpress Wordpress 3.3Wordpress Wordpress 1.5Wordpress Wordpress 2.8.2Wordpress Wordpress 3.4.2Wordpress Wordpress 1.5.1Wordpress Wordpress 3.4.1Wordpress Wordpress 2.3.2Wordpress Wordpress 1.3
4.3
CVSSv2
CVE-2008-5278
Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable)....
Wordpress Wordpress 2.3Wordpress Wordpress 2.2 Revision5003Wordpress Wordpress 2.1.3 Rc1Wordpress Wordpress 2.1.3Wordpress Wordpress 2.1Wordpress Wordpress 2.0.8Wordpress Wordpress 2.1.1Wordpress Wordpress 2.0.1Wordpress Wordpress 2.0.10Wordpress Wordpress 1.2.1Wordpress Wordpress 1.2.2Wordpress Wordpress 1.2-mingusWordpress Wordpress 2.3.1Wordpress Wordpress 2.0Wordpress Wordpress 1.2-deltaWordpress Wordpress 2.0.6Wordpress Wordpress 0.6.2.1Wordpress Wordpress 2.0.7Wordpress Wordpress 2.2.0Wordpress Wordpress 0.71Wordpress Wordpress 0.6.2Wordpress Wordpress 2.2.2Wordpress Wordpress 2.2.1Wordpress Wordpress 1.5.2Wordpress Wordpress 1.0.1Wordpress Wordpress 0.72Wordpress Wordpress 1.0.2-blakeyWordpress Wordpress 2.5.1Wordpress Wordpress 1.5.1.2Wordpress Wordpress 2.5Wordpress Wordpress 1.0-platinumWordpress Wordpress 1.5.1Wordpress Wordpress 2.0.11Wordpress Wordpress 2.1.3 Rc2Wordpress Wordpress 2.2.3Wordpress Wordpress 2.0.2Wordpress Wordpress 1.2Wordpress Wordpress 2.0.10 Rc1Wordpress Wordpress 1.5-strayhornWordpress Wordpress 2.0.4Wordpress Wordpress 1.3.1Wordpress Wordpress 0.71-goldWordpress Wordpress 0.711Wordpress Wordpress 1.4Wordpress Wordpress 2.2Wordpress Wordpress 0.7Wordpress WordpressWordpress Wordpress 2.1.2Wordpress Wordpress 2.0.5Wordpress Wordpress 2.3.3Wordpress Wordpress 1.5.1.1Wordpress Wordpress 2.0.9Wordpress Wordpress 1.6Wordpress Wordpress 2.0.10 Rc2Wordpress Wordpress 1.0.2Wordpress Wordpress 2.0.3Wordpress Wordpress 2.6.1Wordpress Wordpress 1.0.1-milesWordpress Wordpress 1.0Wordpress Wordpress 1.5Wordpress Wordpress 1.5.1.3Wordpress Wordpress 2.3.2Wordpress Wordpress 2.6Wordpress Wordpress 2.2 Revision5002
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-36542NULL pointer dereferenceCVE-2021-3490CVE-2021-36934code injectionSSRFCVE-2021-34632CVE-2021-33325CVE-2021-27503
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook