Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 3.2 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-7151
The Product Enquiry for WooCommerce WordPress plugin prior to 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Piwebsolution Product Enquiry For Woocommerce
5.4
CVSSv3
CVE-2022-4749
The Posts List Designer by Category WordPress plugin prior to 3.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which ...
Infornweb Posts List Designer
5.4
CVSSv3
CVE-2023-5565
The Shortcode Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shortmenu' shortcode in versions up to, and including, 3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authen...
Shortcode Menu Project Shortcod Menu
4.3
CVSSv3
CVE-2021-4390
The Contact Form 7 Style plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2. This is due to missing or incorrect nonce validation on the manage_wp_posts_be_qe_save_post() function. This makes it possible for unauthenticated mali...
Cf7style Contact Form 7 Style
NA
CVE-2012-4263
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.
Bit51 Better-wp-security
Bit51 Better-wp-security -
Bit51 Better-wp-security 0.1
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security 0.3
Bit51 Better-wp-security 0.4
Bit51 Better-wp-security 0.5
Bit51 Better-wp-security 0.6
Bit51 Better-wp-security 0.7
Bit51 Better-wp-security 0.8
Bit51 Better-wp-security 0.9
Bit51 Better-wp-security 0.10
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.13
Bit51 Better-wp-security 0.14
Bit51 Better-wp-security 0.15
Bit51 Better-wp-security 0.16
Bit51 Better-wp-security 1.0
Bit51 Better-wp-security 1.1
Bit51 Better-wp-security 1.2
Bit51 Better-wp-security 1.3
Bit51 Better-wp-security 1.4
NA
CVE-2012-4264
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin prior to 3.2.5 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different ...
Bit51 Better-wp-security
Bit51 Better-wp-security -
Bit51 Better-wp-security 0.1
Bit51 Better-wp-security 0.2
Bit51 Better-wp-security 0.3
Bit51 Better-wp-security 0.4
Bit51 Better-wp-security 0.5
Bit51 Better-wp-security 0.6
Bit51 Better-wp-security 0.7
Bit51 Better-wp-security 0.8
Bit51 Better-wp-security 0.9
Bit51 Better-wp-security 0.10
Bit51 Better-wp-security 0.11
Bit51 Better-wp-security 0.13
Bit51 Better-wp-security 0.14
Bit51 Better-wp-security 0.15
Bit51 Better-wp-security 0.16
Bit51 Better-wp-security 1.0
Bit51 Better-wp-security 1.1
Bit51 Better-wp-security 1.2
Bit51 Better-wp-security 1.3
Bit51 Better-wp-security 1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5