Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.1.1 vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-4070
Open redirect vulnerability in the proxyimages function in wowproxy.php in the Wow Moodboard Lite plugin 1.1.1.1 for WordPress allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Wow New Media Wow Moodboard Lite 1.1.1
3.5
CVSSv2
CVE-2017-15811
The Pootle Button plugin prior to 1.2.0 for WordPress has XSS via the assets_url parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php.
Pootlepress Pootle Button 1.1.1
Pootlepress Pootle Button 1.1.0
Pootlepress Pootle Button 1.0.0
4.3
CVSSv2
CVE-2011-3852
Cross-site scripting (XSS) vulnerability in the EvoLve theme prior to 1.2.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Theme4press Evolve
Theme4press Evolve 1.0
Theme4press Evolve 1.0.0
Theme4press Evolve 1.0.1
Theme4press Evolve 1.0.2
Theme4press Evolve 1.0.3
Theme4press Evolve 1.0.4
Theme4press Evolve 1.0.5
Theme4press Evolve 1.0.6
Theme4press Evolve 1.0.7
Theme4press Evolve 1.0.8
Theme4press Evolve 1.0.9
Theme4press Evolve 1.1.0
Theme4press Evolve 1.1.1
Theme4press Evolve 1.1.2
Theme4press Evolve 1.1.3
Theme4press Evolve 1.1.4
Theme4press Evolve 1.1.5
Theme4press Evolve 1.1.6
Theme4press Evolve 1.1.7
Theme4press Evolve 1.1.8
Theme4press Evolve 1.1.9
1 EDB exploit
6.8
CVSSv2
CVE-2013-5977
Cross-site request forgery (CSRF) vulnerability in Cart66Product.php in the Cart66 Lite plugin prior to 1.5.1.15 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that (1) create or modify products or conduct cross-site script...
Cart66 Cart66 Lite Plugin 1.1.3
Cart66 Cart66 Lite Plugin 1.4.0
Cart66 Cart66 Lite Plugin 1.5.0.1
Cart66 Cart66 Lite Plugin 1.0.7
Cart66 Cart66 Lite Plugin 1.4.9
Cart66 Cart66 Lite Plugin 1.4.7
Cart66 Cart66 Lite Plugin 1.5.0
Cart66 Cart66 Lite Plugin 1.5.1.8
Cart66 Cart66 Lite Plugin 1.0.8
Cart66 Cart66 Lite Plugin 1.5.1.2
Cart66 Cart66 Lite Plugin 1.1.5
Cart66 Cart66 Lite Plugin 1.1.4
Cart66 Cart66 Lite Plugin 1.4.1
Cart66 Cart66 Lite Plugin 1.4.8
Cart66 Cart66 Lite Plugin 1.1
Cart66 Cart66 Lite Plugin
Cart66 Cart66 Lite Plugin 1.1.2
Cart66 Cart66 Lite Plugin 1.4.4
Cart66 Cart66 Lite Plugin 1.5.0.2
Cart66 Cart66 Lite Plugin 1.5.1.1
Cart66 Cart66 Lite Plugin 1.1.1
Cart66 Cart66 Lite Plugin 1.3.0
1 EDB exploit
2.6
CVSSv2
CVE-2013-4954
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie-Register plugin prior to 1.31 for WordPress, when "Allow New Registrations to set their own Password" is enabled, allow remote malicious users to inject arbitrary web scrip...
Genetechsolutions Pie-register
Genetechsolutions Pie-register 1.0.1
Genetechsolutions Pie-register 1.1.1
Genetechsolutions Pie-register 1.1.2
Genetechsolutions Pie-register 1.1.3
Genetechsolutions Pie-register 1.1.5
Genetechsolutions Pie-register 1.1.6
Genetechsolutions Pie-register 1.1.7
Genetechsolutions Pie-register 1.1.8
Genetechsolutions Pie-register 1.1.9
Genetechsolutions Pie-register 1.2.0
Genetechsolutions Pie-register 1.2.1
Genetechsolutions Pie-register 1.2.2
Genetechsolutions Pie-register 1.2.3
Genetechsolutions Pie-register 1.2.4
Genetechsolutions Pie-register 1.2.6
Genetechsolutions Pie-register 1.2.7
Genetechsolutions Pie-register 1.2.8
Genetechsolutions Pie-register 1.2.9
Genetechsolutions Pie-register 1.2.91
1 EDB exploit
7.5
CVSSv2
CVE-2012-1010
Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin prior to 1.1.8 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspeci...
Likno Allwebmenus Plugin
Likno Allwebmenus Plugin 1.0.1
Likno Allwebmenus Plugin 1.0.3
Likno Allwebmenus Plugin 1.0.4
Likno Allwebmenus Plugin 1.0.9
Likno Allwebmenus Plugin 1.0.10
Likno Allwebmenus Plugin 1.0.11
Likno Allwebmenus Plugin 1.0.12
Likno Allwebmenus Plugin 1.0.17
Likno Allwebmenus Plugin 1.0.18
Likno Allwebmenus Plugin 1.0.19
Likno Allwebmenus Plugin 1.0.20
Likno Allwebmenus Plugin 1.0.21
Likno Allwebmenus Plugin 1.0.22
Likno Allwebmenus Plugin 1.0.23
Likno Allwebmenus Plugin 1.0.24
Likno Allwebmenus Plugin 1.1.1
Likno Allwebmenus Plugin 1.1.2
Likno Allwebmenus Plugin 1.1.3
Likno Allwebmenus Plugin 1.1.4
Likno Allwebmenus Plugin 1.1.5
Likno Allwebmenus Plugin 1.1.6
1 EDB exploit
4.3
CVSSv2
CVE-2013-3526
Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and previous versions, for WordPress allows remote malicious users to inject arbitrary web script or HTML via the aoid parameter.
Wptrafficanalyzer Trafficanalyzer 1.0.0
Wptrafficanalyzer Trafficanalyzer 1.1.0
Wptrafficanalyzer Trafficanalyzer 1.1.1
Wptrafficanalyzer Trafficanalyzer 1.1.2
Wptrafficanalyzer Trafficanalyzer 1.1.3
Wptrafficanalyzer Trafficanalyzer 1.2.0
Wptrafficanalyzer Trafficanalyzer 1.3.0
Wptrafficanalyzer Trafficanalyzer 1.4.0
Wptrafficanalyzer Trafficanalyzer 1.5.0
Wptrafficanalyzer Trafficanalyzer 1.6.0
Wptrafficanalyzer Trafficanalyzer 1.6.1
Wptrafficanalyzer Trafficanalyzer 1.7.0
Wptrafficanalyzer Trafficanalyzer 1.8.0
Wptrafficanalyzer Trafficanalyzer 1.9.0
Wptrafficanalyzer Trafficanalyzer 2.0.0
Wptrafficanalyzer Trafficanalyzer 2.1.0
Wptrafficanalyzer Trafficanalyzer 2.2.0
Wptrafficanalyzer Trafficanalyzer 2.2.1
Wptrafficanalyzer Trafficanalyzer 2.3.0
Wptrafficanalyzer Trafficanalyzer 2.4.0
Wptrafficanalyzer Trafficanalyzer 2.4.1
Wptrafficanalyzer Trafficanalyzer 2.5.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Egroupware Egroupware 1.0
Moodle Moodle 1.5.2
Moodle Moodle 1.6.1
Moodle Moodle 1.8.2
Egroupware Egroupware
Moodle Moodle 1.2.1
Moodle Moodle 1.4.2
Moodle Moodle 1.6.5
Moodle Moodle 1.3.3
Moodle Moodle 1.4.3
Egroupware Egroupware 1.0.6
Moodle Moodle 1.4.5
Moodle Moodle 1.7.6
Moodle Moodle 1.6.2
Moodle Moodle 1.7.1
Moodle Moodle
Egroupware Egroupware 1.2.106-2
Moodle Moodle 1.8.3
Moodle Moodle 1.3.2
Egroupware Egroupware 1.0.3
Moodle Moodle 1.6.4
Moodle Moodle 1.1.1
4.3
CVSSv2
CVE-2011-3858
Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme prior to 2.1.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Zespia Pixiv Custom
Zespia Pixiv Custom 1.0
Zespia Pixiv Custom 1.0.1
Zespia Pixiv Custom 1.0.2
Zespia Pixiv Custom 1.1
Zespia Pixiv Custom 1.1.1
Zespia Pixiv Custom 1.1.2
Zespia Pixiv Custom 1.1.3
Zespia Pixiv Custom 1.1.4
Zespia Pixiv Custom 1.1.5
Zespia Pixiv Custom 1.1.6
Zespia Pixiv Custom 1.1.7
Zespia Pixiv Custom 1.1.9
Zespia Pixiv Custom 1.1.10
Zespia Pixiv Custom 1.1.11
Zespia Pixiv Custom 1.1.12
Zespia Pixiv Custom 1.1.13
Zespia Pixiv Custom 1.1.14
Zespia Pixiv Custom 1.2.0
Zespia Pixiv Custom 1.2.1
Zespia Pixiv Custom 1.3.0
Zespia Pixiv Custom 1.3.1
1 EDB exploit
6.8
CVSSv2
CVE-2014-3882
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin prior to 1.2.0 for WordPress allows remote malicious users to hijack the authentication of arbitrary users.
12net Login Rebuilder 1.0.2
12net Login Rebuilder 1.1.1
12net Login Rebuilder 1.1.0
12net Login Rebuilder 1.0.3
12net Login Rebuilder
12net Login Rebuilder 1.1.2
12net Login Rebuilder 1.0.1
12net Login Rebuilder 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »