Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.5 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-18575
The newstatpress plugin prior to 1.2.5 for WordPress has multiple stored XSS issues.
Newstatpress Project Newstatpress
4.3
CVSSv3
CVE-2014-10382
The feature-comments plugin prior to 1.2.5 for WordPress has CSRF for featuring or burying a comment.
Pippinsplugins Featured Comments
6.1
CVSSv3
CVE-2017-7723
XSS exists in Easy WP SMTP (prior to 1.2.5), a WordPress Plugin, via the e-mail subject or body.
Wp-ecommerce Easy Wp Smtp
NA
CVE-2013-5918
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin prior to 1.3.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Platinum Seo Project Platinum Seo Plugin
Platinum Seo Project Platinum Seo Plugin 1.0
Platinum Seo Project Platinum Seo Plugin 1.1
Platinum Seo Project Platinum Seo Plugin 1.2
Platinum Seo Project Platinum Seo Plugin 1.2.1
Platinum Seo Project Platinum Seo Plugin 1.2.2
Platinum Seo Project Platinum Seo Plugin 1.2.3
Platinum Seo Project Platinum Seo Plugin 1.2.4
Platinum Seo Project Platinum Seo Plugin 1.2.5
Platinum Seo Project Platinum Seo Plugin 1.2.6
Platinum Seo Project Platinum Seo Plugin 1.2.7
Platinum Seo Project Platinum Seo Plugin 1.2.8
Platinum Seo Project Platinum Seo Plugin 1.2.9
Platinum Seo Project Platinum Seo Plugin 1.3
Platinum Seo Project Platinum Seo Plugin 1.3.1
Platinum Seo Project Platinum Seo Plugin 1.3.2
Platinum Seo Project Platinum Seo Plugin 1.3.3
Platinum Seo Project Platinum Seo Plugin 1.3.4
Platinum Seo Project Platinum Seo Plugin 1.3.5
Platinum Seo Project Platinum Seo Plugin 1.3.6
NA
CVE-2014-5344
Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud (mobiloud-mobile-app-plugin) plugin prior to 2.3.8 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third pa...
Mobiloud Mobiloud 1.8.9
Mobiloud Mobiloud 1.4.1
Mobiloud Mobiloud 1.9.1
Mobiloud Mobiloud 1.6.2
Mobiloud Mobiloud 1.8.8
Mobiloud Mobiloud 2.1
Mobiloud Mobiloud 1.8.15
Mobiloud Mobiloud 1.8.5
Mobiloud Mobiloud 1.5
Mobiloud Mobiloud 1.7
Mobiloud Mobiloud 1.2.6
Mobiloud Mobiloud
Mobiloud Mobiloud 1.3.8
Mobiloud Mobiloud 1.6
Mobiloud Mobiloud 1.4
Mobiloud Mobiloud 1.3.6
Mobiloud Mobiloud 1.8.2
Mobiloud Mobiloud 1.8.6
Mobiloud Mobiloud 1.6.1
Mobiloud Mobiloud 1.2.4
Mobiloud Mobiloud 1.8.12
Mobiloud Mobiloud 1.7.1
6.1
CVSSv3
CVE-2019-15776
The simple-301-redirects-addon-bulk-uploader plugin prior to 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file.
Webcraftic Simple 301 Redirects-addon-bulk Uploader
6.5
CVSSv3
CVE-2022-4888
The Checkout Fields Manager WordPress plugin prior to 1.0.2, Abandoned Cart Recovery WordPress plugin prior to 1.2.5, Custom Fields for WooCommerce WordPress plugin prior to 1.0.4, Custom Order Number WordPress plugin up to and including 1.0.1, Custom Registration Forms Builder W...
Addify Order Tracking For Woocommerce
Addify Order Approval For Woocommerce
Addify Image Watermark For Woocommerce
Addify Gift Registry For Woocommerce
Addify Advanced Free Gifts
Addify Custom Registration Forms Builder
Addify Custom Order Number
Addify Custom Fields For Woocommerce
Addify Abandoned Cart Recovery
Addify Checkout Fields Manager
8.8
CVSSv3
CVE-2014-5072
Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin prior to 1.2.5 for WordPress allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Wpsecurityauditlog Wp Security Audit Log
6.1
CVSSv3
CVE-2021-24274
The Ultimate Maps by Supsystic WordPress plugin prior to 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Supsystic Ultimate Maps
5.3
CVSSv3
CVE-2023-0557
The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated malicious users to obtain a nonce needed for the creation of posts.
Contentstudio Contentstudio
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »