Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress wordpress 2.5 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-4846
Cross-site scripting (XSS) vulnerability in the Meta Slider (ml-slider) plugin 2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter to wp-admin/admin.php.
Matchalabs Metaslider 2.5
7.5
CVSSv2
CVE-2020-13693
An unauthenticated privilege-escalation issue exists in the bbPress plugin prior to 2.6.5 for WordPress when New User Registration is enabled.
Bbpress Bbpress
4.3
CVSSv2
CVE-2017-9337
The Markdown on Save Improved plugin 2.5 for WordPress has a stored XSS vulnerability in the content of a post.
Markdown On Save Improved Project Markdown On Save Improved 2.5
3.5
CVSSv2
CVE-2018-1002001
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
3.5
CVSSv2
CVE-2018-1002002
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
3.5
CVSSv2
CVE-2018-1002003
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
3.5
CVSSv2
CVE-2018-1002007
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
3.5
CVSSv2
CVE-2018-1002009
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET reuqest to the email variable.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
3.5
CVSSv2
CVE-2018-1002004
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
Kibokolabs Arigato Autoresponder And Newsletter 2.5.1.8
1 EDB exploit
3.5
CVSSv2
CVE-2018-1002005
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
Kibokolabs Arigato Autoresponder And Newsletter
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »