Home +Articles +Discuss +Twitter +Facebook

Wordpress Exploits aggregator v1 BETA (RSS)[+]

Send your submissions to info *at* wordpressexploit.com

Sponsored links
Wordpress Scanner
Wordpress-scanner.com   Scan your Wordpress blog or website for security vulnerabilities
 


Date Description
2010-08-05WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability
2010-07-23WordPress Plugin myLDlinker SQL Injection Vulnerability
2010-07-10Wordpress Firestats Remote Configuration File Download
2010-06-25Vulnerabilities in Cimy Counter for WordPress
2010-06-08WordPress Gigya Socialize Plugin Cross-Site Scripting Vulnerabilities
2010-04-06XSS Vulnerability in NextGEN Gallery Wordpress Plugin
2010-03-02Wordpress 2.9.1 wp-admin Cross-Site Scripting Vulnerability
2010-02-23WordPress Copperleaf Photolog SQL Injection Vulnerability
2010-02-19Wordpress <= 2.9 Denial of Service
2010-02-19Wordpress script <== x.x.x (Events Plugins) SQL Injection Vulnerability
2010-02-19WordPress 2.9 plugin wp-wall (XSS) Cross Site Scripting Vulnerability
2010-02-19Joomla JD-WordPress Remote File Include Exploit
2010-02-19Wordpress Resource exhaustion Exploit
2010-02-19WordPress Pyrmont V2. SQL Injection Vulnerability
2010-02-15WordPress Copperleaf Photolog SQL injection
2010-02-13WordPress >= 2.9 Failure to Restrict URL Access
2010-01-02Wordpress Events Plugin SQL Injection Vulnerability
2009-12-310day Wordpress DOS <= 2.9
2009-12-18WordPress and Pyrmont V2. SQL Injection Vulnerability
2009-12-07Vulnerabilities in WP-Cumulus for WordPress
2009-12-05Wordpress Image Manager Plugins Shell Upload Vulnerability
2009-11-25Vulnerabilities in WP-Cumulus <= 1.20 for WordPress
2009-11-13WordPress Arbitrary File Upload and Cross Site Scripting Vulnerabilities
2009-11-13Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution PoC
2009-11-11WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
2009-11-11Fedora Security Update Fixes WordPress-MU Denial of Service Issue
2009-11-10WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability
2009-11-10WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
2009-11-10WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability
2009-10-27Fedora Security Update Fixes WordPress Denial of Service Vulnerability
2009-10-23DM Albums for WordPress "delete_album" Directory Traversal Issue
2009-10-22WordPress < 2.8.1 Security Bypass 0day
2009-10-21WordPress Trackback Remote Denial of Service Vulnerability
2009-10-20JD-WordPress for Joomla "mosConfig_absolute_path" Inclusion Issue
2009-10-19Joomla JD-WordPress 2.0 RC2 remote file icnlusion
2009-09-02WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures
2009-08-28WP-Syntax for WordPress "test_filter[wp_head]" Code Injection Vulnerability
2009-08-27Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution
2009-08-24Debian Security Update Fixes Wordpress Security Bypass Vulnerabilities
2009-08-17Fedora Security Update Fixes WordPress-MU Multiple Vulnerabilities
2009-08-12Fedora Security Update Fixes WordPress Admin Pass Reset Vulnerability
2009-08-11Wordpress <= 2.8.3 Remote Admin Reset Password Vulnerability
2009-08-07Fedora Security Update Fixes WordPress Privilege Escalation Issues
2009-07-30Fedora Security Update Fixes WordPress Cross Site Scripting Issue
2009-07-27WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI Vulnerability
2009-07-24Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit
2009-07-20Fedora Security Update Fixes WordPress Security Bypass Vulnerabilities
2009-07-15WordPress Plugin My Category Order <= 2.8 SQL Injection Vulnerability
2009-07-10WordPress Privileges Unchecked in admin.php and Multiple Information
2009-07-09WordPress Media Holder (mediaHolder.php id) SQL Injection vulnerability
2009-07-09WordPress Multiple Security Bypass and Information Disclosure Issues
2009-07-02Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vulnerability
2009-06-30WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability
2009-06-30WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability
2009-06-29WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln
2009-06-15WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability
2009-05-26Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion Vulnerability
2009-04-15Fedora Security Update Fixes Wordpress-mu Cross Site Scripting Issue
2009-03-18FMoblog Plugin for WordPress "id" Remote SQL Injection Vulnerability
2009-03-17Wordpress Plugin fMoblog 2.1 (id) SQL Injection Vulnerability
2009-03-10Wordpress MU < 2.7 'HOST' HTTP Header XSS Vulnerability
2009-01-12Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability
2008-12-22Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln
2008-11-07Fedora Security Update Fixes Wordpress Snoopy Code Execution
2008-10-29Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit
2008-10-26WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln
2008-10-17Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln
2008-09-15WordPress "user_login" Column SQL Truncation Vulnerability
2008-09-10Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
2008-09-10Fedora Security Update Fixes WordPress SSL Enforcement Weakness
2008-09-07Wordpress 2.6.1 SQL Column Truncation Vulnerability
2008-07-24Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit
2008-07-07Debian Security Update Fixes WordPress Security Bypass Issues
2008-05-05Fedora Security Update Fixes WordPress Privilege Escalation Issue
2008-04-28WordPress Cookie Integrity Protection Privilege Escalation Vulnerability
2008-04-24Spreadsheet for WordPress "ss_id" Remote SQL Injection Vulnerability
2008-04-22Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability
2008-03-31Wordpress Plugin Download (dl_id) SQL Injection Vulnerability
2008-02-26Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities
2008-02-18Photo Album Plugin for WordPress Multiple SQL Injection Vulnerabilities
2008-02-16Wordpress Photo album Remote SQL Injection Vulnerability
2008-02-15Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability
2008-02-15Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability
2008-02-13Fedora Security Update Fixes WordPress XML-RPC Post Editing Issue
2008-02-07WordPress XML-RPC Implementation Arbitrary Post Editing Vulnerability
2008-02-05Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit
2008-02-03Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability
2008-02-02Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities
2008-02-02Wordpress Plugin Wordspew Remote SQL Injection Vulnerability
2008-01-31FGallery Plugin for WordPress "album" SQL Query Injection Vulnerability
2008-01-31AdServe Plugin for WordPress "id" Parameter SQL Injection Vulnerability
2008-01-31WassUp Plugin for WordPress "to_date" SQL Injection Vulnerability
2008-01-31WP-Cal Plugin for WordPress "id" SQL Query Injection Vulnerability
2008-01-30Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit
2008-01-30Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit
2008-01-27Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability
2008-01-27Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability
2008-01-25Permalinks Migration Plugin for WordPress Cross Site Request Forgery
2008-01-22WP-Forum Plugin for WordPress "user" SQL Query Injection Vulnerability
2008-01-19Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability
2008-01-06Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability
2008-01-03Fedora Security Update Fixes WordPress Multiple Remote Vulnerabilities
2007-12-11WordPress "s" Parameter Handling Remote SQL Injection Vulnerability
2007-12-11Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability
2007-12-05Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability
2007-11-21WordPress Cookies Processing Authentication Bypass Weakness
2007-11-06BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion Vulnerabilities
2007-11-01WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability
2007-10-29WordPress "posts_columns" Parameter Cross Site Scripting Vulnerability
2007-09-14Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)
2007-09-13Wordpress Multiple Parameter Cross Site Scripting and SQL Injection Issues
2007-08-31Fedora Security Update Fixes WordPress Cross Site Scripting Vulnerability
2007-08-01WordPress "style" Parameter Processing Cross Site Scripting Vulnerability
2007-06-26WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit
2007-06-26WordPress Security Update Fixes Code Execution and SQL Injection Vulnerabilities
2007-06-11OpenPKG Security Update Fixes WordPress XML-RPC SQL Injection Vulnerability
2007-06-07WordPress XML-RPC Interface "wp_suggestCategories()" SQL Injection Vulnerability
2007-06-06Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
2007-05-21WordPress "cookie" Parameter Handling Remote SQL Query Injection Vulnerability
2007-05-21Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit
2007-05-02MyFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability
2007-05-02Debian Security Update Fixes WordPress Cross Site Scripting and Security Bypass Issues
2007-05-02WP-Table Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability
2007-05-02WordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability
2007-05-01Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability
2007-05-01Wordpress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability
2007-05-01Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability
2007-04-30MyGallery Plugin for Wordpress "myPath" Parameter Remote File Inclusion Vulnerability
2007-04-29Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability
2007-04-04WordPress "XML-RPC" Module Remote SQL Injection and Security Bypass Vulnerabilities
2007-04-03Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit
2007-03-21Gentoo Security Update Fixes Multiple Wordpress Cross Site Scripting Vulnerabilities
2007-03-19WordPress "PHP_SELF" Variable Handling Client-Side Cross Site Scripting Vulnerability
2007-03-13WordPress "wp_title()" and "single_month_title()" Cross Site Scripting Vulnerability
2007-03-05WordPress "comment_text_phpfilter()" and "get_theme_mcommand()" Vulnerabilities
2007-02-27WordPress "wp-includes/functions.php" Client-Side Cross Site Scripting Vulnerability
2007-02-26NoMoKeTo Module for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability
2007-02-26WordPress "wp_explain_nonce()" Function Client-Side Cross Site Scripting Vulnerability
2007-01-17Gentoo Security Update Fixes WordPress SQL Injection and Cross Site Scripting Issues
2007-01-10Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit
2007-01-09OpenPKG Security Update Fixes WordPress Trackback Charset SQL Injection Issue
2007-01-07Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit
2007-01-06WordPress Trackback Charset SQL Injection and Admin Cross Site Scripting Vulnerabilities
2007-01-06WordPress "wp-login.php" Authentication Process Information Disclosure Vulnerability
2006-12-30Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability
2006-12-27WordPress "get_file_description()" Function Client-Side Cross Site Scripting Vulnerability
2006-11-21Gentoo Security Update Fixes WordPress Directory Traversal and Security Bypass
2006-11-03OpenPKG Security Update Fixes WordPress Multiple Security Bypass Vulnerabilities
2006-11-02WordPress Remote Directory Traversal and Security Bypass Vulnerabilities
2006-08-16WP-DB Backup Plugin for WordPress "backup" Parameter Directory Traversal Vulnerability
2006-07-31WordPress Unspecified Parameter Handling Multiple Vulnerabilities
2006-07-17Rocks "mount-loop" and "umount-loop" Arguments Handling Privilege Escalation Vulnerability
2006-07-04WordPress "paged" Parameter Table Prefix and Full Path Disclosure Vulnerabilities
2006-06-12Gentoo Security Update Fixes WordPress Remote Command Injection Vulnerability
2006-05-26WordPress User Profile Handling Remote PHP Command Injection Vulnerability
2006-05-25WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit
2006-03-05Gentoo Security Update Fixes WordPress SQL Injection Vulnerability
2006-03-01WordPress Cross Site Scripting And Full Path Disclosure Vulnerabilities
2006-01-16WP-Stats WordPress Plug-in "author" Remote SQL Injection Vulnerability
2005-11-25PhpWordPress Multiple Parameters Remote SQL Injection Vulnerability
2005-08-10WordPress "cache_lastpostdate" Remote Code Execution Issue
2005-08-10Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)
2005-08-09Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit
2005-07-04Gentoo Security Update Fixes Multiple WordPress Vulnerabilities
2005-06-30Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit
2005-06-30WordPress SQL Injection and Cross Site Scripting Vulnerabilities
2005-06-22WordPress <= 1.5.1.1 SQL Injection Exploit
2005-06-21WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit
2005-06-21WordPress <= 1.5.1.1 ""add new admin"" SQL Injection Exploit
2005-05-30WordPress "cat_ID" Remote SQL Injection Vulnerability
2004-10-10WordPress Blog HTTP Splitting Vulnerability




Copyright © 2010 WordpressExploit v1 BETA
Member of public Joomla Exploit, Wordpress Exploit, phpBB Exploit, Drupal Exploit, TYPO3 Exploit, Magento Exploit, Virtuemart Exploit, osCommerce Exploit, Windows Exploits, Mac Exploit Intelligent Exploit Aggregation Network.
This information is provided for TESTING and LEGAL RESEARCH purposes only. Use at your own risk.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.