Stay up to date with Vulnerability Information for this platform. Click to subscribe to IEAN Exploit Alerts
 


Date Description Status
2013-05-21WordPress ProPlayer Plugin SQL InjectionPublished
2013-05-17WordPress plugin mail-on-update CSRFPublished
2013-05-17WordPress plugin wp-cleanfix CSRFPublished
2013-05-16WordPress wp-FileManager File DownloadPublished
2013-05-15WordPress Video JS Cross Site ScriptingPublished
2013-05-15WordPress Newsletter Plugin 3.2.6 (alert) Reflected XSS VulnerabilityPublished
2013-05-13WordPress Search and Share plugin vulnerabilitiesPublished
2013-05-13WordPress Securimage-WP Plugin v3.2.4 URI-based XSS VulnerabilityPublished
2013-05-07WordPress Advanced XML Reader 0.3.4 Plugin XXE 0day *youtubePublished
2013-05-02Wordpress W3 Total Cache 0.9.2.8 PHP Code Execution exploitPublished
2013-05-02Wordpress W3 Total Cache 0.9.2.8 Remote Code ExecPublished
2013-04-21WordPress theme Colormix Multiple vulnerabilitiesPublished
2013-04-12Wordpress Catalog Plugin Xss VulnerabilityPublished
2013-04-11Wordpress Spider Video Player plugin SQL InjectionPublished
2013-04-11WordPress Spider Video Player 2.1 SQL InjectionPublished
2013-04-09Wordpress plugins fbsurveypro XSS VulnerabilityPublished
2013-04-08Wordpress plugins kioskprox XSS VulnerabilityPublished
2013-04-07WordPress Trafficanalyzer Plugin XSS VulnerabilityPublished
2013-03-27WordPress plugin user-photo file upload arbitrary PHP code executionPublished
2013-03-27Wordpress videowhisper-live-streaming-integration Plugin XSSPublished
2013-03-27Wordpress plugin v3 level four storefront SQL injection VulnerabilityPublished
2013-03-27Wordpress trafficanalyzer Plugin XSSPublished
2013-03-26WordPress Mathjax Latex 1.1 Cross Site Request ForgeryPublished
2013-03-25Wordpress wp-video-commando Plugin XSSPublished
2013-03-23WordPress IndiaNIC FAQS Manager 1.0 XSS & CSRFPublished
2013-03-23WordPress IndiaNIC FAQS Manager 1.0 SQL InjectionPublished
2013-03-22Joomla Component com_wordpress XSS VulnerabilityPublished
2013-03-20WordPress Count Per Day 3.2.5 XSSPublished
2013-03-20WordPress Occasions 1.0.4 Cross Site Request ForgeryPublished
2013-03-19WordPress LeagueManager'league_id'SQLPublished
2013-03-19WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSSPublished
2013-03-17Wordpress WP-e-Commerce plugin 3.8.9.5 Cross Site Scripting VulnerabilityPublished
2013-03-17Wordpress bp-gallery plugin 1.2.5 Cross Site Scripting VulnerabilityPublished
2013-03-17Wordpress o2s-gallery plugin Cross Site Scripting VulnerabilityPublished
2013-03-17WordPress LeagueManager Plugin 3.8 SQL InjectionPublished
2013-03-17Wordpress Image News slider plugin 3.5 Cross Site Scripting VulnerabilityPublished
2013-03-15WordPress LeagueManager 3.8 SQL InjectionPublished
2013-03-15WordPress LeagueManager Plugin 3.8 - SQL InjectionPublished
2013-03-12WordPress Terillion Reviews Cross Site ScriptingPublished
2013-03-11WordPress plugin snazzy-archives XSS vulnerabilityPublished
2013-03-10WordPress plugins vulnerable to CVE-2013-1808Published
2013-03-08WordPress Events Manager 5.3.3 Cross Site ScriptingPublished
2013-03-06WordPress Count-Per-Day 3.2.5 Cross Site ScriptingPublished
2013-03-05WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-ServicePublished
2013-03-05WordPress Caulk Path DisclosurePublished
2013-02-28WordPress Comment Rating 2.9.32 SQL Injection & BypassPublished
2013-02-27Wordpress Comment Rating Plugin 2.9.32 - Multiple VulnerabilitiesPublished
2013-02-25WordPress plugin smart-flv jwplayer.swf XSSPublished
2013-02-21WordPress Pretty Link 1.6.3 Cross Site ScriptingPublished
2013-02-13WordPress Classipress Theme 3.1.4 Cross Site ScriptingPublished
2013-02-12Wordpress newscast Theme SQL InjectionPublished
2013-02-12Wordpress simple flash video v2 plugin SQL InjectionPublished
2013-02-12Wordpress wp forum server v2 plugin SQL InjectionPublished
2013-02-12Wordpress podpress plugin v2 Plugin SQL InjectionPublished
2013-02-12Wordpress Xhanch My Prayer Time plugin v2 Plugin SQL InjectionPublished
2013-02-12Wordpress image news slider v3 Plugin SQL InjectionPublished
2013-02-11Wordpress smart-map v2 Plugin SQL InjectionPublished
2013-02-11Wordpress post2pdf-converter v2 Plugin SQL InjectionPublished
2013-02-10Wordpress theme pinboard 1.0.6 XSSPublished
2013-02-10Wordpress plugin myftp-ftp-like-plugin-for-wordpress 2 SQL InjectionPublished
2013-02-08WordPress Audio Player SWF Cross Site ScriptingPublished
2013-02-07WordPress Wysija Newsletters 2.2 SQL InjectionPublished
2013-02-07WordPress CommentLuv 2.92.3 Cross Site ScriptingPublished
2013-02-06Wordpress wp-forum plugin SQL InjectionPublished
2013-02-03Wordpress Gallery'load'Published
2013-02-03WordPress theme Flash News Multiple vulnerabilitiesPublished
2013-02-03Wordpress dt-chocolate Theme Image Open redirectPublished
2013-02-02WordPressSearch plugin SQL Injection VulnerabilityPublished
2013-02-01Wordpress simple-shout-box Plugin SQL InjectionPublished
2013-02-01Wordpress wp-table-reloaded plugin cross-site scripting in SWFPublished
2013-02-01Wordpress portfolio-slideshow-pro v3 Plugin SQL InjectionPublished
2013-01-31Wordpress RLSWordPressSearch plugin SQL InjectionPublished
2013-01-26WordPress SolveMedia 1.1.0 Cross Site Request ForgeryPublished
2013-01-25Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS VulnerabilitiesPublished
2013-01-25WordPress SolveMedia 1.1.0 CSRF VulnerabilityPublished
2013-01-24WordPress Chocolate Theme XSS & Denial Of Service & Shell UploadPublished
2013-01-23Cardoza WordPress Poll 34.05 SQL InjectionPublished
2013-01-22WordPress Ripe HD FLV Player SQL Injection & Path DisclosurePublished
2013-01-22Wordpress Developer Formatter CSRF VulnerabilityPublished
2013-01-15WordPress Daily Edition Mouss XSS & Disclosure & Shell UploadPublished
2013-01-15WordPress theme Daily Edition Mouss Multiple vulnerabilitiesPublished
2013-01-13WordPress Floating Tweets 1.0.1 XSS and Directory TraversalPublished
2013-01-11Wordpress gallery-3.8.3 plugin Arbitrary File Read VulnerabilityPublished
2013-01-09WordPress Plugin Google Document Embedder Arbitrary File DisclosurePublished
2013-01-08XML Sitemap Generator for Wordpress (Google XML Sitemaps) Code InjectionPublished
2013-01-08WordPress Spam Free 1.9.2 Filter BypassPublished
2013-01-08WordPress OpenInviter Information DisclosurePublished
2013-01-07Wordpress wilderness SQL injectionPublished
2013-01-07Wordpress NextGEN Gallery plugin Cross-Site Scripting VulnerabilityPublished
2013-01-04WordPress Plugin Advanced Custom Fields Remote File InclusionPublished
2013-01-03WordPress Uploader 1.0.4 Shell UploadPublished
2013-01-03WordPress Xerte Online 0.32 Shell UploadPublished
2013-01-03WordPress ReFlex Gallery 1.3 Shell UploadPublished
2013-01-03WordPress Shopping Cart 8.1.14 Shell Upload & SQL InjectionPublished
2013-01-03WordPress Advanced Custom Fields Remote File InclusionPublished
2013-01-02Wordpress Sahifa theme 2.4.0 CSRF and Full Path DisclosurePublished
2013-01-02Wordpress plugins WP PHP widget Full Path Disclosure vulnerabilityPublished
2012-12-31WordPress SB Uploader 3.9 Shell UploadPublished
2012-12-31WordPress Photo Plus & Photo Search XSS & CSRFPublished
2012-12-31Wordpress plugins NextGEN Public Uploader Full Path Disclosure VulnerabilityPublished
2012-12-30WordPress themes RocketTheme Multiple vulnerabilitiesPublished
2012-12-28WordPressW3 Total Published
2012-12-28WordPress Asset-Manager PHP File UploadPublished
2012-12-27WordPress CMSMasters'upload.php'Published
2012-12-26WordPress WP-Property PHP File Upload VulnerabilityPublished
2012-12-26WordPress Asset-Manager PHP File Upload VulnerabilityPublished
2012-12-25WordPress W3 Total Cache Data DisclosurePublished
2012-12-25WordPress Rokbox Themes Content Spoofing and XSSPublished
2012-12-24WordPress 'wp-login.php'(CVE-2012-5868)Published
2012-12-23WordPress BuddyPress Cross Site Scripting & Content SpoofingPublished
2012-12-21WordPress 3.4.2 Sessions Not Terminated Upon Explicit User LogoutPublished
2012-12-21Wordpress plugin sintic_gallery Path Disclosure VulnerabilityPublished
2012-12-21BuddyPress for WordPress XSS and CS vulnerabilitiesPublished
2012-12-18WordPress Rokbox 2.13 Multiple VulnsPublished
2012-12-16WordPress RokBox Multiple VulnerabilitiesPublished
2012-12-14Wordpress Plugin Authentication BypassPublished
2012-12-13WordPress portable-phpMyAdmin 1.3.0 Authentication BypassPublished
2012-12-09WordPress Simple Gmail Login Path DisclosurePublished
2012-12-05WordPress WP-Realty 'language'Published
2012-12-04WordPress Nest SQL InjectionPublished
2012-11-30WordPress Video Lead Form 0.5 Cross Site ScriptingPublished
2012-11-30WordPress Toolbox 1.4 SQL InjectionPublished
2012-11-30WordPress TimelineJS_Nuweb Local File InclusionPublished
2012-11-28WordPress Newstimes Package SQL InjectionPublished
2012-11-28WordPress wp-imagezoon SQL InjectionPublished
2012-11-28WordPress Shai-Saul SQL InjectionPublished
2012-11-28WordPress yaren Tema SQL InjectionPublished
2012-11-28WordPress weddingsatwork SQL InjectionPublished
2012-11-28Wordpress asm theme SQL injectionPublished
2012-11-28WordPress st_newsletter SQL InjectionPublished
2012-11-28WordPress starmark Theme Local File InclusionPublished
2012-11-28WordPress oberliga SQL InjectionPublished
2012-11-28WordPress myflash Local File InclusionPublished
2012-11-28WordPress cstardesign SQL InjectionPublished
2012-11-25Wordpress dailyedition-mouss Theme SQL injectionPublished
2012-11-24WordPress Zarzadzanie Kontem Shell UploadPublished
2012-11-24WordPress Zingiri Web Shop 2.5.0 Shell UploadPublished
2012-11-24WordPress Plg Novana SQL InjectionPublished
2012-11-24WordPress Simple Slider 1.0 Cross Site ScriptingPublished
2012-11-23Wordpress plg_novana plugin Sql InjectionPublished
2012-11-23Wordpress magazine-basic-plugin/ Theme SQL InjectionPublished
2012-11-23Wordpress malmonation theme SQL InjectionPublished
2012-11-22Wordpress hd-webplayer Theme SQL InjectionPublished
2012-11-22Wordpress fs-real-estate-plugin Theme SQL InjectionPublished
2012-11-22Wordpress webplayer-plugin Theme SQL InjectionPublished
2012-11-21WordPress Madebymilk SQL InjectionPublished
2012-11-21WordPress FireStorm Real Estate 2.06.08 SQL InjectionPublished
2012-11-21Wordpress tdo-mini-forms plugin (rfu/rfd) VulnerabilitiesPublished
2012-11-20WordPress ArribaLaEsteban SQL InjectionPublished
2012-11-20WordPress List Communities SQL InjectionPublished
2012-11-20Wordpress Facebook Survey v1 SQL Injection VulnerabilityPublished
2012-11-19Wordpress Plugins Spotlight Your Upload VulnerabilityPublished
2012-11-18WordPress Integrator 1.32 Cross Site ScriptingPublished
2012-11-16WordPress Dailyedition-mouss SQL InjectionPublished
2012-11-16WordPress Tagged Albums SQL InjectionPublished
2012-11-14WordPress WP E-Commerce 3.8.9 SQL Injection / Cross Site ScriptingPublished
2012-11-13WordPress AJAX Post Search'the_search_function()'SQLPublished
2012-11-13WordPress Related Posts Exit Popup SQL InjectionPublished
2012-11-11WordPress Calendar-Script Blind SQL InjectionPublished
2012-11-11WordPress Eco-Annu SQL InjectionPublished
2012-11-10WordPress swfupload XSS vulnerabilityPublished
2012-11-09Wordpress theme wilderness SQL InjectionPublished
2012-11-09Wordpress theme kakao SQL InjectionPublished
2012-11-08WordPress Hitasoft FLV Player 1.1 SQL InjectionPublished
2012-11-08WordPress Cardoza Ajax Search 1.1 SQL InjectionPublished
2012-11-04Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scriptingPublished
2012-10-31Wordpress FoxyPress Plugin 0.4.2.5 Multiple VulnerabilitiesPublished
2012-10-31Wordpress FoxyPress Plugin Multiple VulnerabilitiesPublished
2012-10-28Wordpress Easy Webinar Plugin Blind SQL Injection VulnerabilityPublished
2012-10-27WordPress Easy Webinar Blind SQL InjectionPublished
2012-10-26WordPress GRAND Flash Album Gallery SQL Injection & Disclosure & File OverwritePublished
2012-10-22Wordpress Social Discussions Plugin 6.1.1 Multiple VulnerabilitiesPublished
2012-10-20WordPress Wordfence Security XSS and IAA vulnerabilitiesPublished
2012-10-18Wordpress Social Discussions Plugin Multiple VulnerabilitiesPublished
2012-10-17Wordpress Plugin BackWPup 1.6.1 Remote auth bypassPublished
2012-10-11WordPress Kish Guest Posting 1.0 Shell UploadPublished
2012-10-11WordPress Shortcode Redirect 1.0.01 Stored Cross Site ScriptingPublished
2012-10-11WordPress Mingle Forum 1.0.32.1 Cross Site Scripting / SQL InjectionPublished
2012-10-11WordPress LivePHP Cross Site ScriptingPublished
2012-10-11WordPress Slideshow Gallery 2 Cross SIte ScriptingPublished
2012-10-08Wordpress Remote Command ExecutionPublished
2012-10-06WordPress Shopp v1.0.17 eCommerce Plugin <= XSS & LFIPublished
2012-10-04Wordpress Plugin spider calendar Multiple VulnerabilitiesPublished
2012-10-04WordPress Spider 1.0.1 SQL Injection & XSSPublished
2012-10-01WordPress Theme 3.2 Unauthenticated Configuration AccessPublished
2012-10-01Wordpressthemesbook Cms Cross-Site Scripting VulnerabilityPublished
2012-09-28Wordpress phpBAK Red Config VulnerabilityPublished
2012-09-27WordPress ABC-Test 0.1 Cross Site ScriptingPublished
2012-09-20Wordpress Wp-TopBar 4.02 Multiple VulnerabilitiesPublished
2012-09-20MF Gig Calendar Wordpress Plugin Cross-Site ScriptingPublished
2012-09-19Wordpress Admin name Information DisclosurePublished
2012-09-13WordPress Tierra Audio Path DisclosurePublished
2012-09-13WordPress Krea3AllMedias SQL InjectionPublished
2012-09-10WordPress SEM WYSIWYG Arbitrary File UploadPublished
2012-09-10WordPress HD Webplayer 1.1 SQL InjectionPublished
2012-09-10Wordpress Download Monitor Download Page Cross-Site ScriptingPublished
2012-09-10WordPress Simple Forum Shell UploadPublished
2012-09-10WordPress AdRotate 3.7.3.5 Cross Site ScriptingPublished
2012-09-10ShopperPress WordPress Theme 2.7 Cross Site ScriptingPublished
2012-09-10WordPress Finder Cross Site ScriptingPublished
2012-09-10WordPress NextGEN Gallery 1.9.5 Cross Site ScriptingPublished
2012-09-10WordPress Count Per Day 3.2.3 Cross Site ScriptingPublished
2012-09-10WordPress Google Analytics 4.2.4 Cross Site ScriptingPublished
2012-09-10WordPress Monsters Editor Shell UploadPublished
2012-09-10WordPress TDO Mini Forms Arbitrary File UploadPublished
2012-02-02WordPress <= 3.3.1 Multiple VulnerabilitiesPublished
2012-01-25Wordpress Kish Guest Posting Plugin 1.0 Arbitrary File UploadPublished
2012-01-23Wordpress uCan Post plugin <= 1.0.09 Stored XSSPublished
2012-01-23AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File UploadPublished
2012-01-17Wordpress Age Verification Plugin <= 0.4 Open RedirectPublished
2012-01-17WordPress wp-autoyoutube plugin Blind SQL Injection VulnerabilityPublished
2012-01-17Wordpress Count-per-day plugin Multiple VulnerabilitiesPublished
2012-01-11Wordpress Pay With Tweet Plugin <= 1.1 Multiple VulnerabilitiesPublished
2012-01-04Wordpress Comment Rating plugin Multiple VulnerabilitiesPublished
2011-12-28Wordpress Mailing List Plugin Arbitrary File DownloadPublished
2011-12-15BLIND SQL injection UPM-POLLS wordpress plugin 1.0.4Published
2011-12-08WordPress Pretty Link 1.5.2 Cross Site ScriptingPublished
2011-12-02WordPress Flash Album Gallery Cross Site ScriptingPublished
2011-11-25Wordpress enable-latex plugin Remote File Include VulnerabilitiesPublished
2011-11-23Wordpress meenews 5.1 plugin Cross-Site Scripting VulnerabilitiesPublished
2011-11-22WordPress Adminimize plugin suffers from a cross site scripting vulnerabilityPublished
2011-11-22WordPress Advanced Text Widget plugin suffers from a cross site scripting vulnerabilityPublished
2011-11-19WordPress jetpack plugin SQL Injection VulnerabilityPublished
2011-11-15WordPress AdRotate plugin <= 3.6.6 SQL Injection VulnerabilityPublished
2011-11-14Wordpress Zingiri Plugin <= 2.2.3 (ajax_save_name.php) Remote Code ExecutionPublished
2011-11-01WordPress WP Glossary plugin SQL Injection VulnerabilityPublished
2011-10-31WordPress Classipress Theme <= 3.1.4 Stored XSSPublished
2011-10-31WordPress WP Glossary Plugin SQL InjectionPublished
2011-10-28WordPress wptouch plugin SQL Injection VulnerabilityPublished
2011-10-17Wordpress Mailing List 1.3.2Published
2011-10-17WordPress Photo Album Plus <= 4.1.1 SQLPublished
2011-10-15WordPress Photo Album Plus <= 4.1.1 SQL Injection VulnerabilityPublished
2011-10-13WordPress Pretty Link 1.4.56 Cross Site ScriptingPublished
2011-10-13WordPress GD Star Rating plugin <= 1.9.10 SQL InjectionPublished
2011-10-06Packet storm WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublished
2011-10-05WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublished
2011-09-30WordPress WP Bannerize plugin <= 2.8.7 SQL Injection VulnerabilityPublished
2011-09-25WordPress Link Library plugin <= 5.2.1 SQL Injection VulnerabilityPublished
2011-09-21Multiple Wordpress Plugin timthumb.php VulnerabilitesPublished
2011-09-21Wordpress Annonces Plugin 1.2.0.0 Remote File InclusionPublished
2011-09-21Wordpress Mini Mail Dashboard Widget Plugin 1.36 Remote File InclusionPublished
2011-09-21Wordpress WPEasyStats Plugin 1.8 Remote File InclusionPublished
2011-09-21Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File InclusionPublished
2011-09-21Wordpress AllWebMenus Plugin 1.1.3 Remote File InclusionPublished
2011-09-21Wordpress Mailing List Plugin 1.3.2 Remote File InclusionPublished
2011-09-21Wordpress TheCartPress Plugin 1.1.1 Remote File InclusionPublished
2011-09-21WordPress WP e-Commerce"cs1"SQLPublished
2011-09-21Wordpress Disclosure Policy Plugin 1.0 Remote File InclusionPublished
2011-09-21Wordpress Relocate Upload Plugin 0.14 Remote File InclusionPublished
2011-09-21Wordpress Livesig Plugin 0.4 Remote File InclusionPublished
2011-09-21WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure VulnerabilityPublished
2011-09-19WordPress Count per Day plugin <= 2.17 SQL Injection VulnerabilityPublished
2011-09-18WordPress Auctions plugin <= 1.8.8 SQL Injection VulnerabilityPublished
2011-09-14WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection VulnerabilityPublished
2011-09-13Wordpress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF)Published
2011-09-10Wordpress grapefile plugin <= 1.1 Arbitrary File UploadPublished
2011-09-10WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection VulnerabilityPublished
2011-09-10WordPress Event Registration plugin <= 5.4.3 SQL InjectionPublished
2011-09-10WordPress Couponer plugin <= 1.2 SQL InjectionPublished
2011-09-10WordPress SendIt plugin <= 1.5.9 Blind SQL Injection VulnerabilityPublished
2011-09-10WordPress Advertizer plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-09-10WordPress WP Bannerize plugin <= 2.8.6 SQL InjectionPublished
2011-09-10WordPress wp audio gallery playlist plugin <= 0.12 SQL InjectionPublished
2011-09-10WordPress iCopyright(R) Article Tools plugin <= 1.1.4 SQL InjectionPublished
2011-09-10WordPress Donation plugin <= 1.0 SQL InjectionPublished
2011-09-10WordPress Crawl Rate Tracker plugin <= 2.0.2 SQL Injection VulnerabilityPublished
2011-09-10WordPress PureHTML plugin <= 1.0.0 SQL InjectionPublished
2011-09-10WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-09-10Wordpress Image Gallery with Slideshow plugin <= 1.5 Multiple VulnerabilitiesPublished
2011-09-10WordPress yolink Search plugin <= 1.1.4 SQL InjectionPublished
2011-09-10WordPress VideoWhisper Video Presentation plugin <= 1.1 SQL Injection VulnerabilityPublished
2011-09-10WordPress SH Slideshow plugin <= 3.1.4 SQL Injection VulnerabilityPublished
2011-08-29WordPress Photoracer 1.0 Cross Site Scripting / SQL InjectionPublished
2011-08-29WordPress TimThumb Plugin - Remote Code ExecutionPublished
2011-08-29WordPress mySTAT plugin <= 2.6 SQL Injection VulnerabilityPublished
2011-08-29WordPress Block-Spam-By-Math-Reloaded Plugin BypassPublished
2011-08-29WordPress Evarisk plugin <= 5.1.3.6 SQL Injection VulnerabilityPublished
2011-08-29WordPress MM Duplicate plugin <= 1.2 SQL Injection VulnerabilityPublished
2011-08-29WordPress Profiles plugin <= 2.0 RC1 SQL Injection VulnerabilityPublished
2011-08-28WordPress Photoracer Plugin <= 1.0 Multiple VulnerabilitiesPublished
2011-08-28WordPress MM Forms Community plugin <= 1.2.3 SQL Injection VulnerabilityPublished
2011-08-28WordPress Js-appointment plugin <= 1.5 SQL Injection VulnerabilityPublished
2011-08-28WordPress Super CAPTCHA plugin <= 2.2.4 SQL Injection VulnerabilityPublished
2011-08-28WordPress Collision Testimonials plugin <= 3.0 SQL Injection VulnerabilityPublished
2011-08-28WordPress oQey Headers plugin <= 0.3 SQL Injection VulnerabilityPublished
2011-08-28WordPress Photoracer plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-08-26WordPress Yoast v4.1.3 Local File Disclosure VulnerabilityPublished
2011-08-21WordPress UnGallery plugin <= 1.5.8 Local File Disclosure VulnerabilityPublished
2011-08-18WordPress WP Symposium plugin <= 0.64 SQL Injection VulnerabilityPublished
2011-08-18WordPress Ajax Gallery plugin <= 3.0 SQL Injection VulnerabilityPublished
2011-08-18WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP Forum plugin <= 1.7.8 SQL Injection VulnerabilityPublished
2011-08-18WordPress File Groups plugin <= 1.1.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-08-18WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection VulnerabilityPublished
2011-08-18WordPress Global Content Blocks plugin <= 1.2 SQL Injection VulnerabilityPublished
2011-07-04WordPress 3.1.3 SQL Injection VulnerabilitiesPublished
2011-06-27Wordpress core 3.1.3 Persistent XSS VulnerabilityPublished
2011-06-27Wordpress Beer Recipes Plugin v.1.0 XSSPublished
2011-05-24Is-human <=1.4.2 Wordpress Plugin Remote Command Execution VulnerabilityPublished
2011-04-28WordPress SermonBrowser Plugin 0.43 SQL InjectionPublished
2011-04-26Ajax Category Dropdown Wordpress Plugin 0.1.5 Multiple VulnerabilitiesPublished
2011-04-06WordPress WP Custom Pages Plugin 0.5.0.1 LFI VulnerabilityPublished
2011-03-29Wordpress plugin BackWPup Remote and Local Code Execution VulnerabilityPublished
2011-03-10PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec ExploitPublished
2011-03-10GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-27OPS Old Post Spinner 2.2.1 Wordpress Plugin LFI VulnerabilityPublished
2011-02-27JQuery Mega Menu 1.0 Wordpress Plugin Local File InclusionPublished
2011-02-26Z-Vote 1.1 Wordpress Plugin SQL Injection VulnerabilityPublished
2011-02-25GigPress 2.1.10 Wordpress Plugin Stored XSS VulnerabilityPublished
2011-02-25Relevanssi 2.7.2 Wordpress Plugin Stored XSS VulnerabilityPublished
2011-02-25IWantOneButton 3.0.1 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-25WP Forum Server 1.6.5 Wordpress Plugin SQL Injection VulnerabilityPublished
2011-02-24Comment Rating 2.9.23 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-18WordPress User Photo Component Remote File Upload VulnerabilityPublished
2011-02-11Enable Media Replace WordPress Plugin Multiple VulnerabilitiesPublished
2010-12-07SQL injection vulnerability in do_trackbacks() Wordpress functionPublished
2010-11-14Wordpress Event Registration Plugin 5.32 SQL Injection VulnerabilityPublished
2010-10-20Wordpress plugin mygallerybrowser.php Remote File Upload VulnerabilityPublished
2010-09-07Wordpress Events Manager Extended Plugin Persistent XSS VulnerabilityPublished
2010-08-05WordPress NextGEN Smooth Gallery Blind SQL Injection VulnerabilityPublished
2010-07-23WordPress Plugin myLDlinker SQL Injection VulnerabilityPublished
2010-07-10Wordpress Firestats Remote Configuration File DownloadPublished
2010-06-25Vulnerabilities in Cimy Counter for WordPressPublished
2010-06-08WordPress Gigya Socialize Plugin Cross-Site Scripting VulnerabilitiesPublished
2010-04-06XSS Vulnerability in NextGEN Gallery Wordpress PluginPublished
2010-03-02Wordpress 2.9.1 wp-admin Cross-Site Scripting VulnerabilityPublished
2010-02-23WordPress Copperleaf Photolog SQL Injection VulnerabilityPublished
2010-02-19Wordpress script <== x.x.x (Events Plugins) SQL Injection VulnerabilityPublished
2010-02-19WordPress 2.9 plugin wp-wall (XSS) Cross Site Scripting VulnerabilityPublished
2010-02-19Joomla JD-WordPress Remote File Include ExploitPublished
2010-02-19Wordpress Resource exhaustion ExploitPublished
2010-02-19WordPress Pyrmont V2. SQL Injection VulnerabilityPublished
2010-02-19Wordpress <= 2.9 Denial of ServicePublished
2010-02-15WordPress Copperleaf Photolog SQL injectionPublished
2010-02-13WordPress >= 2.9 Failure to Restrict URL AccessPublished
2010-01-02Wordpress Events Plugin SQL Injection VulnerabilityPublished
2009-12-310day Wordpress DOS <= 2.9Published
2009-12-18WordPress and Pyrmont V2. SQL Injection VulnerabilityPublished
2009-12-07Vulnerabilities in WP-Cumulus for WordPressPublished
2009-12-05Wordpress Image Manager Plugins Shell Upload VulnerabilityPublished
2009-11-25Vulnerabilities in WP-Cumulus <= 1.20 for WordPressPublished
2009-11-13WordPress Arbitrary File Upload and Cross Site Scripting VulnerabilitiesPublished
2009-11-13Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution PoCPublished
2009-11-11WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublished
2009-11-11Fedora Security Update Fixes WordPress-MU Denial of Service IssuePublished
2009-11-10WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass VulnerabilityPublished
2009-11-10WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublished
2009-11-10WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' Cross-Site Scripting VulnerabilityPublished
2009-10-27Fedora Security Update Fixes WordPress Denial of Service VulnerabilityPublished
2009-10-23DM Albums for WordPress "delete_album" Directory Traversal IssuePublished
2009-10-22WordPress < 2.8.1 Security Bypass 0dayPublished
2009-10-21WordPress Trackback Remote Denial of Service VulnerabilityPublished
2009-10-20JD-WordPress for Joomla "mosConfig_absolute_path" Inclusion IssuePublished
2009-10-19Joomla JD-WordPress 2.0 RC2 remote file icnlusionPublished
2009-09-02WordPress Privileges Unchecked in admin.php and Multiple Information DisclosuresPublished
2009-08-28WP-Syntax for WordPress "test_filter[wp_head]" Code Injection VulnerabilityPublished
2009-08-27Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command ExecutionPublished
2009-08-24Debian Security Update Fixes Wordpress Security Bypass VulnerabilitiesPublished
2009-08-17Fedora Security Update Fixes WordPress-MU Multiple VulnerabilitiesPublished
2009-08-12Fedora Security Update Fixes WordPress Admin Pass Reset VulnerabilityPublished
2009-08-11Wordpress <= 2.8.3 Remote Admin Reset Password VulnerabilityPublished
2009-08-07Fedora Security Update Fixes WordPress Privilege Escalation IssuesPublished
2009-07-30Fedora Security Update Fixes WordPress Cross Site Scripting IssuePublished
2009-07-27WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI VulnerabilityPublished
2009-07-24Wordpress 2.8.1 (url) Remote Cross Site Scripting ExploitPublished
2009-07-20Fedora Security Update Fixes WordPress Security Bypass VulnerabilitiesPublished
2009-07-15WordPress Plugin My Category Order <= 2.8 SQL Injection VulnerabilityPublished
2009-07-10WordPress Privileges Unchecked in admin.php and Multiple InformationPublished
2009-07-09WordPress Media Holder (mediaHolder.php id) SQL Injection vulnerabilityPublished
2009-07-09WordPress Multiple Security Bypass and Information Disclosure IssuesPublished
2009-07-02Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection VulnerabilityPublished
2009-06-30WordPress Plugin DM Albums 1.9.2 Remote File Disclosure VulnerabilityPublished
2009-06-30WordPress Plugin Related Sites 2.1 Blind SQL Injection VulnerabilityPublished
2009-06-29WordPress Plugin DM Albums 1.9.2 Remote File Inclusion VulnPublished
2009-06-15WordPress Plugin Photoracer 1.0 (id) SQL Injection VulnerabilityPublished
2009-05-26Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion VulnerabilityPublished
2009-04-15Fedora Security Update Fixes Wordpress-mu Cross Site Scripting IssuePublished
2009-03-18FMoblog Plugin for WordPress "id" Remote SQL Injection VulnerabilityPublished
2009-03-17Wordpress Plugin fMoblog 2.1 (id) SQL Injection VulnerabilityPublished
2009-03-10Wordpress MU < 2.7 'HOST' HTTP Header XSS VulnerabilityPublished
2009-01-12Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection VulnerabilityPublished
2008-12-22Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD VulnPublished
2008-11-07Fedora Security Update Fixes Wordpress Snoopy Code ExecutionPublished
2008-10-29Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload ExploitPublished
2008-10-26WordPress Media Holder (mediaHolder.php id) SQL Injection VulnPublished
2008-10-17Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection VulnPublished
2008-09-15WordPress "user_login" Column SQL Truncation VulnerabilityPublished
2008-09-10Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover ExploitPublished
2008-09-10Fedora Security Update Fixes WordPress SSL Enforcement WeaknessPublished
2008-09-07Wordpress 2.6.1 SQL Column Truncation VulnerabilityPublished
2008-07-24Wordpress Plugin Download Manager 0.2 Arbitrary File Upload ExploitPublished
2008-07-07Debian Security Update Fixes WordPress Security Bypass IssuesPublished
2008-05-05Fedora Security Update Fixes WordPress Privilege Escalation IssuePublished
2008-04-28WordPress Cookie Integrity Protection Privilege Escalation VulnerabilityPublished
2008-04-24Spreadsheet for WordPress "ss_id" Remote SQL Injection VulnerabilityPublished
2008-04-22Wordpress Plugin Spreadsheet <= 0.6 SQL Injection VulnerabilityPublished
2008-03-31Wordpress Plugin Download (dl_id) SQL Injection VulnerabilityPublished
2008-02-26Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple VulnerabilitiesPublished
2008-02-18Photo Album Plugin for WordPress Multiple SQL Injection VulnerabilitiesPublished
2008-02-16Wordpress Photo album Remote SQL Injection VulnerabilityPublished
2008-02-15Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection VulnerabilityPublished
2008-02-15Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection VulnerabilityPublished
2008-02-13Fedora Security Update Fixes WordPress XML-RPC Post Editing IssuePublished
2008-02-07WordPress XML-RPC Implementation Arbitrary Post Editing VulnerabilityPublished
2008-02-05Wordpress MU < 1.3.2 active_plugins option Code Execution ExploitPublished
2008-02-03Wordpress Plugin st_newsletter Remote SQL Injection VulnerabilityPublished
2008-02-02Wordpress Plugin Wordspew Remote SQL Injection VulnerabilityPublished
2008-02-02Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote VulnerabilitiesPublished
2008-01-31AdServe Plugin for WordPress "id" Parameter SQL Injection VulnerabilityPublished
2008-01-31WassUp Plugin for WordPress "to_date" SQL Injection VulnerabilityPublished
2008-01-31WP-Cal Plugin for WordPress "id" SQL Query Injection VulnerabilityPublished
2008-01-31FGallery Plugin for WordPress "album" SQL Query Injection VulnerabilityPublished
2008-01-30Wordpress Plugin Adserve 0.2 adclick.php SQL Injection ExploitPublished
2008-01-30Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection ExploitPublished
2008-01-27Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection VulnerabilityPublished
2008-01-27Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection VulnerabilityPublished
2008-01-25Permalinks Migration Plugin for WordPress Cross Site Request ForgeryPublished
2008-01-22WP-Forum Plugin for WordPress "user" SQL Query Injection VulnerabilityPublished
2008-01-19Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection VulnerabilityPublished
2008-01-06Wordpress Plugin Wp-FileManager 1.2 Remote Upload VulnerabilityPublished
2008-01-03Fedora Security Update Fixes WordPress Multiple Remote VulnerabilitiesPublished
2007-12-11Wordpress <= 2.3.1 Charset Remote SQL Injection VulnerabilityPublished
2007-12-11WordPress "s" Parameter Handling Remote SQL Injection VulnerabilityPublished
2007-12-05Wordpress Plugin PictPress <= 0.91 Remote File Disclosure VulnerabilityPublished
2007-11-21WordPress Cookies Processing Authentication Bypass WeaknessPublished
2007-11-06BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion VulnerabilitiesPublished
2007-11-01WordPress Plugin BackUpWordPress <= 0.4.2b RFI VulnerabilityPublished
2007-10-29WordPress "posts_columns" Parameter Cross Site Scripting VulnerabilityPublished
2007-09-14Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)Published
2007-09-13Wordpress Multiple Parameter Cross Site Scripting and SQL Injection IssuesPublished
2007-08-31Fedora Security Update Fixes WordPress Cross Site Scripting VulnerabilityPublished
2007-08-01WordPress "style" Parameter Processing Cross Site Scripting VulnerabilityPublished
2007-06-26WordPress Security Update Fixes Code Execution and SQL Injection VulnerabilitiesPublished
2007-06-26WordPress 2.2 (wp-app.php) Arbitrary File Upload ExploitPublished
2007-06-11OpenPKG Security Update Fixes WordPress XML-RPC SQL Injection VulnerabilityPublished
2007-06-07WordPress XML-RPC Interface "wp_suggestCategories()" SQL Injection VulnerabilityPublished
2007-06-06Wordpress 2.2 (xmlrpc.php) Remote SQL Injection ExploitPublished
2007-05-21WordPress "cookie" Parameter Handling Remote SQL Query Injection VulnerabilityPublished
2007-05-21Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing ExploitPublished
2007-05-02Debian Security Update Fixes WordPress Cross Site Scripting and Security Bypass IssuesPublished
2007-05-02WP-Table Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-02WordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-02MyFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-01Wordpress plugin wordTube <= 1.43 (wpPATH) RFI VulnerabilityPublished
2007-05-01Wordpress plugin myflash <= 1.00 (wppath) RFI VulnerabilityPublished
2007-05-01Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI VulnerabilityPublished
2007-04-30MyGallery Plugin for Wordpress "myPath" Parameter Remote File Inclusion VulnerabilityPublished
2007-04-29Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion VulnerabilityPublished
2007-04-04WordPress "XML-RPC" Module Remote SQL Injection and Security Bypass VulnerabilitiesPublished
2007-04-03Wordpress 2.1.2 (xmlrpc) Remote SQL Injection ExploitPublished
2007-03-21Gentoo Security Update Fixes Multiple Wordpress Cross Site Scripting VulnerabilitiesPublished
2007-03-19WordPress "PHP_SELF" Variable Handling Client-Side Cross Site Scripting VulnerabilityPublished
2007-03-13WordPress "wp_title()" and "single_month_title()" Cross Site Scripting VulnerabilityPublished
2007-03-05WordPress "comment_text_phpfilter()" and "get_theme_mcommand()" VulnerabilitiesPublished
2007-02-27WordPress "wp-includes/functions.php" Client-Side Cross Site Scripting VulnerabilityPublished
2007-02-26NoMoKeTo Module for phpBB "phpbb_root_path" Remote File Inclusion VulnerabilityPublished
2007-02-26WordPress "wp_explain_nonce()" Function Client-Side Cross Site Scripting VulnerabilityPublished
2007-01-17Gentoo Security Update Fixes WordPress SQL Injection and Cross Site Scripting IssuesPublished
2007-01-10Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection ExploitPublished
2007-01-09OpenPKG Security Update Fixes WordPress Trackback Charset SQL Injection IssuePublished
2007-01-07Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection ExploitPublished
2007-01-06WordPress "wp-login.php" Authentication Process Information Disclosure VulnerabilityPublished
2007-01-06WordPress Trackback Charset SQL Injection and Admin Cross Site Scripting VulnerabilitiesPublished
2006-12-30Enigma 2 WordPress Bridge (boarddir) Remote File Include VulnerabilityPublished
2006-12-27WordPress "get_file_description()" Function Client-Side Cross Site Scripting VulnerabilityPublished
2006-11-21Gentoo Security Update Fixes WordPress Directory Traversal and Security BypassPublished
2006-11-03OpenPKG Security Update Fixes WordPress Multiple Security Bypass VulnerabilitiesPublished
2006-11-02WordPress Remote Directory Traversal and Security Bypass VulnerabilitiesPublished
2006-08-16WP-DB Backup Plugin for WordPress "backup" Parameter Directory Traversal VulnerabilityPublished
2006-07-31WordPress Unspecified Parameter Handling Multiple VulnerabilitiesPublished
2006-07-17Rocks "mount-loop" and "umount-loop" Arguments Handling Privilege Escalation VulnerabilityPublished
2006-07-04WordPress "paged" Parameter Table Prefix and Full Path Disclosure VulnerabilitiesPublished
2006-06-12Gentoo Security Update Fixes WordPress Remote Command Injection VulnerabilityPublished
2006-05-26WordPress User Profile Handling Remote PHP Command Injection VulnerabilityPublished
2006-05-25WordPress <= 2.0.2 (cache) Remote Shell Injection ExploitPublished
2006-03-05Gentoo Security Update Fixes WordPress SQL Injection VulnerabilityPublished
2006-03-01WordPress Cross Site Scripting And Full Path Disclosure VulnerabilitiesPublished
2006-01-16WP-Stats WordPress Plug-in "author" Remote SQL Injection VulnerabilityPublished
2005-11-25PhpWordPress Multiple Parameters Remote SQL Injection VulnerabilityPublished
2005-08-10WordPress "cache_lastpostdate" Remote Code Execution IssuePublished
2005-08-10Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)Published
2005-08-09Wordpress <= 1.5.1.3 Remote Code Execution 0-Day ExploitPublished
2005-07-04Gentoo Security Update Fixes Multiple WordPress VulnerabilitiesPublished
2005-06-30Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection ExploitPublished
2005-06-30WordPress SQL Injection and Cross Site Scripting VulnerabilitiesPublished
2005-06-22WordPress <= 1.5.1.1 SQL Injection ExploitPublished
2005-06-21WordPress <= 1.5.1.1 "add new admin" SQL Injection ExploitPublished
2005-06-21WordPress <= 1.5.1.1 ""add new admin"" SQL Injection ExploitPublished
2005-05-30WordPress "cat_ID" Remote SQL Injection VulnerabilityPublished
2004-10-10WordPress Blog HTTP Splitting VulnerabilityPublished




Copyright © 2013 WordpressExploit v1 BETA
Member of public Joomla Exploit, Wordpress Exploit, phpBB Exploit, Drupal Exploit, TYPO3 Exploit, Magento Exploit, Virtuemart Exploit, osCommerce Exploit, Windows Exploits, Mac Exploit Intelligent Exploit Aggregation Network.
This information is provided for TESTING and LEGAL RESEARCH purposes only. Vulnerability information source(s): exploit-db.com, sebug.net, cxsecurity.com. Use at your own risk.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.