Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 1.2.5 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-18575
The newstatpress plugin prior to 1.2.5 for WordPress has multiple stored XSS issues.
Newstatpress Project Newstatpress
383
VMScore
CVE-2014-10382
The feature-comments plugin prior to 1.2.5 for WordPress has CSRF for featuring or burying a comment.
Pippinsplugins Featured Comments
383
VMScore
CVE-2017-7723
XSS exists in Easy WP SMTP (prior to 1.2.5), a WordPress Plugin, via the e-mail subject or body.
Wp-ecommerce Easy Wp Smtp
383
VMScore
CVE-2013-5918
Cross-site scripting (XSS) vulnerability in platinum_seo_pack.php in the Platinum SEO plugin prior to 1.3.8 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Platinum Seo Project Platinum Seo Plugin
Platinum Seo Project Platinum Seo Plugin 1.0
Platinum Seo Project Platinum Seo Plugin 1.1
Platinum Seo Project Platinum Seo Plugin 1.2
Platinum Seo Project Platinum Seo Plugin 1.2.1
Platinum Seo Project Platinum Seo Plugin 1.2.2
Platinum Seo Project Platinum Seo Plugin 1.2.3
Platinum Seo Project Platinum Seo Plugin 1.2.4
Platinum Seo Project Platinum Seo Plugin 1.2.5
Platinum Seo Project Platinum Seo Plugin 1.2.6
Platinum Seo Project Platinum Seo Plugin 1.2.7
Platinum Seo Project Platinum Seo Plugin 1.2.8
Platinum Seo Project Platinum Seo Plugin 1.2.9
Platinum Seo Project Platinum Seo Plugin 1.3
Platinum Seo Project Platinum Seo Plugin 1.3.1
Platinum Seo Project Platinum Seo Plugin 1.3.2
Platinum Seo Project Platinum Seo Plugin 1.3.3
Platinum Seo Project Platinum Seo Plugin 1.3.4
Platinum Seo Project Platinum Seo Plugin 1.3.5
Platinum Seo Project Platinum Seo Plugin 1.3.6
383
VMScore
CVE-2014-5344
Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud (mobiloud-mobile-app-plugin) plugin prior to 2.3.8 for WordPress allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third pa...
Mobiloud Mobiloud 1.8.9
Mobiloud Mobiloud 1.4.1
Mobiloud Mobiloud 1.9.1
Mobiloud Mobiloud 1.6.2
Mobiloud Mobiloud 1.8.8
Mobiloud Mobiloud 2.1
Mobiloud Mobiloud 1.8.15
Mobiloud Mobiloud 1.8.5
Mobiloud Mobiloud 1.5
Mobiloud Mobiloud 1.7
Mobiloud Mobiloud 1.2.6
Mobiloud Mobiloud
Mobiloud Mobiloud 1.3.8
Mobiloud Mobiloud 1.6
Mobiloud Mobiloud 1.4
Mobiloud Mobiloud 1.3.6
Mobiloud Mobiloud 1.8.2
Mobiloud Mobiloud 1.8.6
Mobiloud Mobiloud 1.6.1
Mobiloud Mobiloud 1.2.4
Mobiloud Mobiloud 1.8.12
Mobiloud Mobiloud 1.7.1
516
VMScore
CVE-2019-15776
The simple-301-redirects-addon-bulk-uploader plugin prior to 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file.
Webcraftic Simple 301 Redirects-addon-bulk Uploader
NA
CVE-2022-4888
The Checkout Fields Manager WordPress plugin prior to 1.0.2, Abandoned Cart Recovery WordPress plugin prior to 1.2.5, Custom Fields for WooCommerce WordPress plugin prior to 1.0.4, Custom Order Number WordPress plugin up to and including 1.0.1, Custom Registration Forms Builder W...
Addify Order Tracking For Woocommerce
Addify Order Approval For Woocommerce
Addify Image Watermark For Woocommerce
Addify Gift Registry For Woocommerce
Addify Advanced Free Gifts
Addify Custom Registration Forms Builder
Addify Custom Order Number
Addify Custom Fields For Woocommerce
Addify Abandoned Cart Recovery
Addify Checkout Fields Manager
605
VMScore
CVE-2014-5072
Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin prior to 1.2.5 for WordPress allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Wpsecurityauditlog Wp Security Audit Log
383
VMScore
CVE-2021-24274
The Ultimate Maps by Supsystic WordPress plugin prior to 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Supsystic Ultimate Maps
NA
CVE-2023-0557
The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated malicious users to obtain a nonce needed for the creation of posts.
Contentstudio Contentstudio
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »