Date Description Status
2013-05-02 Wordpress W3 Total Cache 0.9.2.8 PHP Code Execution exploit Published
2013-05-02 Wordpress W3 Total Cache 0.9.2.8 Remote Code Exec Published
2013-04-21 WordPress theme Colormix Multiple vulnerabilities Published
2013-04-12 Wordpress Catalog Plugin Xss Vulnerability Published
2013-04-11 Wordpress Spider Video Player plugin SQL Injection Published
2013-04-11 WordPress Spider Video Player 2.1 SQL Injection Published
2013-04-09 Wordpress plugins fbsurveypro XSS Vulnerability Published
2013-04-08 Wordpress plugins kioskprox XSS Vulnerability Published
2013-04-07 WordPress Trafficanalyzer Plugin XSS Vulnerability Published
2013-03-27 WordPress plugin user-photo file upload arbitrary PHP code execution Published
2013-03-27 Wordpress videowhisper-live-streaming-integration Plugin XSS Published
2013-03-27 Wordpress plugin v3 level four storefront SQL injection Vulnerability Published
2013-03-27 Wordpress trafficanalyzer Plugin XSS Published
2013-03-26 WordPress Mathjax Latex 1.1 Cross Site Request Forgery Published
2013-03-25 Wordpress wp-video-commando Plugin XSS Published
2013-03-23 WordPress IndiaNIC FAQS Manager 1.0 XSS & CSRF Published
2013-03-23 WordPress IndiaNIC FAQS Manager 1.0 SQL Injection Published
2013-03-22 Joomla Component com_wordpress XSS Vulnerability Published
2013-03-20 WordPress Count Per Day 3.2.5 XSS Published
2013-03-20 WordPress Occasions 1.0.4 Cross Site Request Forgery Published
2013-03-19 WordPress LeagueManager'league_id'SQL Published
2013-03-19 WordPress Simply Poll Plugin 1.4.1 CSRF and stored XSS Published
2013-03-17 Wordpress WP-e-Commerce plugin 3.8.9.5 Cross Site Scripting Vulnerability Published
2013-03-17 Wordpress bp-gallery plugin 1.2.5 Cross Site Scripting Vulnerability Published
2013-03-17 Wordpress o2s-gallery plugin Cross Site Scripting Vulnerability Published
2013-03-17 WordPress LeagueManager Plugin 3.8 SQL Injection Published
2013-03-17 Wordpress Image News slider plugin 3.5 Cross Site Scripting Vulnerability Published
2013-03-15 WordPress LeagueManager 3.8 SQL Injection Published
2013-03-15 WordPress LeagueManager Plugin 3.8 - SQL Injection Published
2013-03-12 WordPress Terillion Reviews Cross Site Scripting Published
2013-03-11 WordPress plugin snazzy-archives XSS vulnerability Published
2013-03-10 WordPress plugins vulnerable to CVE-2013-1808 Published
2013-03-08 WordPress Events Manager 5.3.3 Cross Site Scripting Published
2013-03-06 WordPress Count-Per-Day 3.2.5 Cross Site Scripting Published
2013-03-05 WordPress Counter per Day plugin <= 3.2.3. Path Disclosure and Denial-Of-Service Published
2013-03-05 WordPress Caulk Path Disclosure Published
2013-02-28 WordPress Comment Rating 2.9.32 SQL Injection & Bypass Published
2013-02-27 Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities Published
2013-02-25 WordPress plugin smart-flv jwplayer.swf XSS Published
2013-02-21 WordPress Pretty Link 1.6.3 Cross Site Scripting Published
2013-02-13 WordPress Classipress Theme 3.1.4 Cross Site Scripting Published
2013-02-12 Wordpress newscast Theme SQL Injection Published
2013-02-12 Wordpress simple flash video v2 plugin SQL Injection Published
2013-02-12 Wordpress wp forum server v2 plugin SQL Injection Published
2013-02-12 Wordpress podpress plugin v2 Plugin SQL Injection Published
2013-02-12 Wordpress Xhanch My Prayer Time plugin v2 Plugin SQL Injection Published
2013-02-12 Wordpress image news slider v3 Plugin SQL Injection Published
2013-02-11 Wordpress smart-map v2 Plugin SQL Injection Published
2013-02-11 Wordpress post2pdf-converter v2 Plugin SQL Injection Published
2013-02-10 Wordpress theme pinboard 1.0.6 XSS Published
2013-02-10 Wordpress plugin myftp-ftp-like-plugin-for-wordpress 2 SQL Injection Published
2013-02-08 WordPress Audio Player SWF Cross Site Scripting Published
2013-02-07 WordPress Wysija Newsletters 2.2 SQL Injection Published
2013-02-07 WordPress CommentLuv 2.92.3 Cross Site Scripting Published
2013-02-06 Wordpress wp-forum plugin SQL Injection Published
2013-02-03 Wordpress Gallery'load' Published
2013-02-03 WordPress theme Flash News Multiple vulnerabilities Published
2013-02-03 Wordpress dt-chocolate Theme Image Open redirect Published
2013-02-02 WordPressSearch plugin SQL Injection Vulnerability Published
2013-02-01 Wordpress simple-shout-box Plugin SQL Injection Published
2013-02-01 Wordpress wp-table-reloaded plugin cross-site scripting in SWF Published
2013-02-01 Wordpress portfolio-slideshow-pro v3 Plugin SQL Injection Published
2013-01-31 Wordpress RLSWordPressSearch plugin SQL Injection Published
2013-01-26 WordPress SolveMedia 1.1.0 Cross Site Request Forgery Published
2013-01-25 Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities Published
2013-01-25 WordPress SolveMedia 1.1.0 CSRF Vulnerability Published
2013-01-24 WordPress Chocolate Theme XSS & Denial Of Service & Shell Upload Published
2013-01-23 Cardoza WordPress Poll 34.05 SQL Injection Published
2013-01-22 WordPress Ripe HD FLV Player SQL Injection & Path Disclosure Published
2013-01-22 Wordpress Developer Formatter CSRF Vulnerability Published
2013-01-15 WordPress Daily Edition Mouss XSS & Disclosure & Shell Upload Published
2013-01-15 WordPress theme Daily Edition Mouss Multiple vulnerabilities Published
2013-01-13 WordPress Floating Tweets 1.0.1 XSS and Directory Traversal Published
2013-01-11 Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability Published
2013-01-09 WordPress Plugin Google Document Embedder Arbitrary File Disclosure Published
2013-01-08 XML Sitemap Generator for Wordpress (Google XML Sitemaps) Code Injection Published
2013-01-08 WordPress Spam Free 1.9.2 Filter Bypass Published
2013-01-08 WordPress OpenInviter Information Disclosure Published
2013-01-07 Wordpress wilderness SQL injection Published
2013-01-07 Wordpress NextGEN Gallery plugin Cross-Site Scripting Vulnerability Published
2013-01-04 WordPress Plugin Advanced Custom Fields Remote File Inclusion Published
2013-01-03 WordPress Uploader 1.0.4 Shell Upload Published
2013-01-03 WordPress Xerte Online 0.32 Shell Upload Published
2013-01-03 WordPress ReFlex Gallery 1.3 Shell Upload Published
2013-01-03 WordPress Shopping Cart 8.1.14 Shell Upload & SQL Injection Published
2013-01-03 WordPress Advanced Custom Fields Remote File Inclusion Published
2013-01-02 Wordpress Sahifa theme 2.4.0 CSRF and Full Path Disclosure Published
2013-01-02 Wordpress plugins WP PHP widget Full Path Disclosure vulnerability Published
2012-12-31 WordPress SB Uploader 3.9 Shell Upload Published
2012-12-31 WordPress Photo Plus & Photo Search XSS & CSRF Published
2012-12-31 Wordpress plugins NextGEN Public Uploader Full Path Disclosure Vulnerability Published
2012-12-30 WordPress themes RocketTheme Multiple vulnerabilities Published
2012-12-28 WordPressW3 Total Published
2012-12-28 WordPress Asset-Manager PHP File Upload Published
2012-12-27 WordPress CMSMasters'upload.php' Published
2012-12-26 WordPress WP-Property PHP File Upload Vulnerability Published
2012-12-26 WordPress Asset-Manager PHP File Upload Vulnerability Published
2012-12-25 WordPress W3 Total Cache Data Disclosure Published
2012-12-25 WordPress Rokbox Themes Content Spoofing and XSS Published
2012-12-24 WordPress 'wp-login.php'(CVE-2012-5868) Published
2012-12-23 WordPress BuddyPress Cross Site Scripting & Content Spoofing Published
2012-12-21 WordPress 3.4.2 Sessions Not Terminated Upon Explicit User Logout Published
2012-12-21 Wordpress plugin sintic_gallery Path Disclosure Vulnerability Published
2012-12-21 BuddyPress for WordPress XSS and CS vulnerabilities Published
2012-12-18 WordPress Rokbox 2.13 Multiple Vulns Published
2012-12-16 WordPress RokBox Multiple Vulnerabilities Published
2012-12-14 Wordpress Plugin Authentication Bypass Published
2012-12-13 WordPress portable-phpMyAdmin 1.3.0 Authentication Bypass Published
2012-12-09 WordPress Simple Gmail Login Path Disclosure Published
2012-12-05 WordPress WP-Realty 'language' Published
2012-12-04 WordPress Nest SQL Injection Published
2012-11-30 WordPress Video Lead Form 0.5 Cross Site Scripting Published
2012-11-30 WordPress Toolbox 1.4 SQL Injection Published
2012-11-30 WordPress TimelineJS_Nuweb Local File Inclusion Published
2012-11-28 WordPress Newstimes Package SQL Injection Published
2012-11-28 WordPress wp-imagezoon SQL Injection Published
2012-11-28 WordPress Shai-Saul SQL Injection Published
2012-11-28 WordPress yaren Tema SQL Injection Published
2012-11-28 WordPress weddingsatwork SQL Injection Published
2012-11-28 Wordpress asm theme SQL injection Published
2012-11-28 WordPress st_newsletter SQL Injection Published
2012-11-28 WordPress starmark Theme Local File Inclusion Published
2012-11-28 WordPress oberliga SQL Injection Published
2012-11-28 WordPress myflash Local File Inclusion Published
2012-11-28 WordPress cstardesign SQL Injection Published
2012-11-25 Wordpress dailyedition-mouss Theme SQL injection Published
2012-11-24 WordPress Zarzadzanie Kontem Shell Upload Published
2012-11-24 WordPress Zingiri Web Shop 2.5.0 Shell Upload Published
2012-11-24 WordPress Plg Novana SQL Injection Published
2012-11-24 WordPress Simple Slider 1.0 Cross Site Scripting Published
2012-11-23 Wordpress plg_novana plugin Sql Injection Published
2012-11-23 Wordpress magazine-basic-plugin/ Theme SQL Injection Published
2012-11-23 Wordpress malmonation theme SQL Injection Published
2012-11-22 Wordpress hd-webplayer Theme SQL Injection Published
2012-11-22 Wordpress fs-real-estate-plugin Theme SQL Injection Published
2012-11-22 Wordpress webplayer-plugin Theme SQL Injection Published
2012-11-21 WordPress Madebymilk SQL Injection Published
2012-11-21 WordPress FireStorm Real Estate 2.06.08 SQL Injection Published
2012-11-21 Wordpress tdo-mini-forms plugin (rfu/rfd) Vulnerabilities Published
2012-11-20 WordPress ArribaLaEsteban SQL Injection Published
2012-11-20 WordPress List Communities SQL Injection Published
2012-11-20 Wordpress Facebook Survey v1 SQL Injection Vulnerability Published
2012-11-19 Wordpress Plugins Spotlight Your Upload Vulnerability Published
2012-11-18 WordPress Integrator 1.32 Cross Site Scripting Published
2012-11-16 WordPress Dailyedition-mouss SQL Injection Published
2012-11-16 WordPress Tagged Albums SQL Injection Published
2012-11-14 WordPress WP E-Commerce 3.8.9 SQL Injection / Cross Site Scripting Published
2012-11-13 WordPress AJAX Post Search'the_search_function()'SQL Published
2012-11-13 WordPress Related Posts Exit Popup SQL Injection Published
2012-11-11 WordPress Calendar-Script Blind SQL Injection Published
2012-11-11 WordPress Eco-Annu SQL Injection Published
2012-11-10 WordPress swfupload XSS vulnerability Published
2012-11-09 Wordpress theme wilderness SQL Injection Published
2012-11-09 Wordpress theme kakao SQL Injection Published
2012-11-08 WordPress Hitasoft FLV Player 1.1 SQL Injection Published
2012-11-08 WordPress Cardoza Ajax Search 1.1 SQL Injection Published
2012-11-04 Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scripting Published
2012-10-31 Wordpress FoxyPress Plugin 0.4.2.5 Multiple Vulnerabilities Published
2012-10-31 Wordpress FoxyPress Plugin Multiple Vulnerabilities Published
2012-10-28 Wordpress Easy Webinar Plugin Blind SQL Injection Vulnerability Published
2012-10-27 WordPress Easy Webinar Blind SQL Injection Published
2012-10-26 WordPress GRAND Flash Album Gallery SQL Injection & Disclosure & File Overwrite Published
2012-10-22 Wordpress Social Discussions Plugin 6.1.1 Multiple Vulnerabilities Published
2012-10-20 WordPress Wordfence Security XSS and IAA vulnerabilities Published
2012-10-18 Wordpress Social Discussions Plugin Multiple Vulnerabilities Published
2012-10-17 Wordpress Plugin BackWPup 1.6.1 Remote auth bypass Published
2012-10-11 WordPress Kish Guest Posting 1.0 Shell Upload Published
2012-10-11 WordPress Shortcode Redirect 1.0.01 Stored Cross Site Scripting Published
2012-10-11 WordPress Mingle Forum 1.0.32.1 Cross Site Scripting / SQL Injection Published
2012-10-11 WordPress LivePHP Cross Site Scripting Published
2012-10-11 WordPress Slideshow Gallery 2 Cross SIte Scripting Published
2012-10-08 Wordpress Remote Command Execution Published
2012-10-06 WordPress Shopp v1.0.17 eCommerce Plugin <= XSS & LFI Published
2012-10-04 Wordpress Plugin spider calendar Multiple Vulnerabilities Published
2012-10-04 WordPress Spider 1.0.1 SQL Injection & XSS Published
2012-10-01 WordPress Theme 3.2 Unauthenticated Configuration Access Published
2012-10-01 Wordpressthemesbook Cms Cross-Site Scripting Vulnerability Published
2012-09-28 Wordpress phpBAK Red Config Vulnerability Published
2012-09-27 WordPress ABC-Test 0.1 Cross Site Scripting Published
2012-09-20 Wordpress Wp-TopBar 4.02 Multiple Vulnerabilities Published
2012-09-20 MF Gig Calendar Wordpress Plugin Cross-Site Scripting Published
2012-09-19 Wordpress Admin name Information Disclosure Published
2012-09-13 WordPress Tierra Audio Path Disclosure Published
2012-09-13 WordPress Krea3AllMedias SQL Injection Published
2012-09-10 WordPress SEM WYSIWYG Arbitrary File Upload Published
2012-09-10 WordPress HD Webplayer 1.1 SQL Injection Published
2012-09-10 Wordpress Download Monitor Download Page Cross-Site Scripting Published
2012-09-10 WordPress Simple Forum Shell Upload Published
2012-09-10 WordPress AdRotate 3.7.3.5 Cross Site Scripting Published
2012-09-10 ShopperPress WordPress Theme 2.7 Cross Site Scripting Published
2012-09-10 WordPress Finder Cross Site Scripting Published
2012-09-10 WordPress NextGEN Gallery 1.9.5 Cross Site Scripting Published
2012-09-10 WordPress Count Per Day 3.2.3 Cross Site Scripting Published
2012-09-10 WordPress Google Analytics 4.2.4 Cross Site Scripting Published
2012-09-10 WordPress Monsters Editor Shell Upload Published
2012-09-10 WordPress TDO Mini Forms Arbitrary File Upload Published
2012-02-02 WordPress <= 3.3.1 Multiple Vulnerabilities Published
2012-01-25 Wordpress Kish Guest Posting Plugin 1.0 Arbitrary File Upload Published
2012-01-23 Wordpress uCan Post plugin <= 1.0.09 Stored XSS Published
2012-01-23 AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload Published
2012-01-17 Wordpress Age Verification Plugin <= 0.4 Open Redirect Published
2012-01-17 WordPress wp-autoyoutube plugin Blind SQL Injection Vulnerability Published
2012-01-17 Wordpress Count-per-day plugin Multiple Vulnerabilities Published
2012-01-11 Wordpress Pay With Tweet Plugin <= 1.1 Multiple Vulnerabilities Published
2012-01-04 Wordpress Comment Rating plugin Multiple Vulnerabilities Published
2011-12-28 Wordpress Mailing List Plugin Arbitrary File Download Published
2011-12-15 BLIND SQL injection UPM-POLLS wordpress plugin 1.0.4 Published
2011-12-08 WordPress Pretty Link 1.5.2 Cross Site Scripting Published
2011-12-02 WordPress Flash Album Gallery Cross Site Scripting Published
2011-11-25 Wordpress enable-latex plugin Remote File Include Vulnerabilities Published
2011-11-23 Wordpress meenews 5.1 plugin Cross-Site Scripting Vulnerabilities Published
2011-11-22 WordPress Adminimize plugin suffers from a cross site scripting vulnerability Published
2011-11-22 WordPress Advanced Text Widget plugin suffers from a cross site scripting vulnerability Published
2011-11-19 WordPress jetpack plugin SQL Injection Vulnerability Published
2011-11-15 WordPress AdRotate plugin <= 3.6.6 SQL Injection Vulnerability Published
2011-11-14 Wordpress Zingiri Plugin <= 2.2.3 (ajax_save_name.php) Remote Code Execution Published
2011-11-01 WordPress WP Glossary plugin SQL Injection Vulnerability Published
2011-10-31 WordPress Classipress Theme <= 3.1.4 Stored XSS Published
2011-10-31 WordPress WP Glossary Plugin SQL Injection Published
2011-10-28 WordPress wptouch plugin SQL Injection Vulnerability Published
2011-10-17 Wordpress Mailing List 1.3.2 Published
2011-10-17 WordPress Photo Album Plus <= 4.1.1 SQL Published
2011-10-15 WordPress Photo Album Plus <= 4.1.1 SQL Injection Vulnerability Published
2011-10-13 WordPress Pretty Link 1.4.56 Cross Site Scripting Published
2011-10-13 WordPress GD Star Rating plugin <= 1.9.10 SQL Injection Published
2011-10-06 Packet storm WordPress Redirection 2.2.9 Persistent Cross Site Scripting Published
2011-10-05 WordPress Redirection 2.2.9 Persistent Cross Site Scripting Published
2011-09-30 WordPress WP Bannerize plugin <= 2.8.7 SQL Injection Vulnerability Published
2011-09-25 WordPress Link Library plugin <= 5.2.1 SQL Injection Vulnerability Published
2011-09-21 Multiple Wordpress Plugin timthumb.php Vulnerabilites Published
2011-09-21 Wordpress Annonces Plugin 1.2.0.0 Remote File Inclusion Published
2011-09-21 Wordpress Mini Mail Dashboard Widget Plugin 1.36 Remote File Inclusion Published
2011-09-21 Wordpress WPEasyStats Plugin 1.8 Remote File Inclusion Published
2011-09-21 Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File Inclusion Published
2011-09-21 Wordpress AllWebMenus Plugin 1.1.3 Remote File Inclusion Published
2011-09-21 Wordpress Mailing List Plugin 1.3.2 Remote File Inclusion Published
2011-09-21 Wordpress TheCartPress Plugin 1.1.1 Remote File Inclusion Published
2011-09-21 WordPress WP e-Commerce"cs1"SQL Published
2011-09-21 Wordpress Disclosure Policy Plugin 1.0 Remote File Inclusion Published
2011-09-21 Wordpress Relocate Upload Plugin 0.14 Remote File Inclusion Published
2011-09-21 Wordpress Livesig Plugin 0.4 Remote File Inclusion Published
2011-09-21 WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability Published
2011-09-19 WordPress Count per Day plugin <= 2.17 SQL Injection Vulnerability Published
2011-09-18 WordPress Auctions plugin <= 1.8.8 SQL Injection Vulnerability Published
2011-09-14 WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection Vulnerability Published
2011-09-13 Wordpress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF) Published
2011-09-10 Wordpress grapefile plugin <= 1.1 Arbitrary File Upload Published
2011-09-10 WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability Published
2011-09-10 WordPress Event Registration plugin <= 5.4.3 SQL Injection Published
2011-09-10 WordPress Couponer plugin <= 1.2 SQL Injection Published
2011-09-10 WordPress SendIt plugin <= 1.5.9 Blind SQL Injection Vulnerability Published
2011-09-10 WordPress Advertizer plugin <= 1.0 SQL Injection Vulnerability Published
2011-09-10 WordPress WP Bannerize plugin <= 2.8.6 SQL Injection Published
2011-09-10 WordPress wp audio gallery playlist plugin <= 0.12 SQL Injection Published
2011-09-10 WordPress iCopyright(R) Article Tools plugin <= 1.1.4 SQL Injection Published
2011-09-10 WordPress Donation plugin <= 1.0 SQL Injection Published
2011-09-10 WordPress Crawl Rate Tracker plugin <= 2.0.2 SQL Injection Vulnerability Published
2011-09-10 WordPress PureHTML plugin <= 1.0.0 SQL Injection Published
2011-09-10 WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 SQL Injection Vulnerability Published
2011-09-10 Wordpress Image Gallery with Slideshow plugin <= 1.5 Multiple Vulnerabilities Published
2011-09-10 WordPress yolink Search plugin <= 1.1.4 SQL Injection Published
2011-09-10 WordPress VideoWhisper Video Presentation plugin <= 1.1 SQL Injection Vulnerability Published
2011-09-10 WordPress SH Slideshow plugin <= 3.1.4 SQL Injection Vulnerability Published
2011-08-29 WordPress Photoracer 1.0 Cross Site Scripting / SQL Injection Published
2011-08-29 WordPress TimThumb Plugin - Remote Code Execution Published
2011-08-29 WordPress mySTAT plugin <= 2.6 SQL Injection Vulnerability Published
2011-08-29 WordPress Block-Spam-By-Math-Reloaded Plugin Bypass Published
2011-08-29 WordPress Evarisk plugin <= 5.1.3.6 SQL Injection Vulnerability Published
2011-08-29 WordPress MM Duplicate plugin <= 1.2 SQL Injection Vulnerability Published
2011-08-29 WordPress Profiles plugin <= 2.0 RC1 SQL Injection Vulnerability Published
2011-08-28 WordPress Photoracer Plugin <= 1.0 Multiple Vulnerabilities Published
2011-08-28 WordPress MM Forms Community plugin <= 1.2.3 SQL Injection Vulnerability Published
2011-08-28 WordPress Js-appointment plugin <= 1.5 SQL Injection Vulnerability Published
2011-08-28 WordPress Super CAPTCHA plugin <= 2.2.4 SQL Injection Vulnerability Published
2011-08-28 WordPress Collision Testimonials plugin <= 3.0 SQL Injection Vulnerability Published
2011-08-28 WordPress oQey Headers plugin <= 0.3 SQL Injection Vulnerability Published
2011-08-28 WordPress Photoracer plugin <= 1.0 SQL Injection Vulnerability Published
2011-08-26 WordPress Yoast v4.1.3 Local File Disclosure Vulnerability Published
2011-08-21 WordPress UnGallery plugin <= 1.5.8 Local File Disclosure Vulnerability Published
2011-08-18 WordPress WP Symposium plugin <= 0.64 SQL Injection Vulnerability Published
2011-08-18 WordPress Ajax Gallery plugin <= 3.0 SQL Injection Vulnerability Published
2011-08-18 WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection Vulnerability Published
2011-08-18 WordPress WP Forum plugin <= 1.7.8 SQL Injection Vulnerability Published
2011-08-18 WordPress File Groups plugin <= 1.1.2 SQL Injection Vulnerability Published
2011-08-18 WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability Published
2011-08-18 WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection Vulnerability Published
2011-08-18 WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection Vulnerability Published
2011-08-18 WordPress Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability Published
2011-07-04 WordPress 3.1.3 SQL Injection Vulnerabilities Published
2011-06-27 Wordpress core 3.1.3 Persistent XSS Vulnerability Published
2011-06-27 Wordpress Beer Recipes Plugin v.1.0 XSS Published
2011-05-24 Is-human <=1.4.2 Wordpress Plugin Remote Command Execution Vulnerability Published
2011-04-28 WordPress SermonBrowser Plugin 0.43 SQL Injection Published
2011-04-26 Ajax Category Dropdown Wordpress Plugin 0.1.5 Multiple Vulnerabilities Published
2011-04-06 WordPress WP Custom Pages Plugin 0.5.0.1 LFI Vulnerability Published
2011-03-29 Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability Published
2011-03-10 PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec Exploit Published
2011-03-10 GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple Vulnerabilities Published
2011-02-27 OPS Old Post Spinner 2.2.1 Wordpress Plugin LFI Vulnerability Published
2011-02-27 JQuery Mega Menu 1.0 Wordpress Plugin Local File Inclusion Published
2011-02-26 Z-Vote 1.1 Wordpress Plugin SQL Injection Vulnerability Published
2011-02-25 GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability Published
2011-02-25 Relevanssi 2.7.2 Wordpress Plugin Stored XSS Vulnerability Published
2011-02-25 IWantOneButton 3.0.1 Wordpress Plugin Multiple Vulnerabilities Published
2011-02-25 WP Forum Server 1.6.5 Wordpress Plugin SQL Injection Vulnerability Published
2011-02-24 Comment Rating 2.9.23 Wordpress Plugin Multiple Vulnerabilities Published
2011-02-18 WordPress User Photo Component Remote File Upload Vulnerability Published
2011-02-11 Enable Media Replace WordPress Plugin Multiple Vulnerabilities Published
2010-12-07 SQL injection vulnerability in do_trackbacks() Wordpress function Published
2010-11-14 Wordpress Event Registration Plugin 5.32 SQL Injection Vulnerability Published
2010-10-20 Wordpress plugin mygallerybrowser.php Remote File Upload Vulnerability Published
2010-09-07 Wordpress Events Manager Extended Plugin Persistent XSS Vulnerability Published
2010-08-05 WordPress NextGEN Smooth Gallery Blind SQL Injection Vulnerability Published
2010-07-23 WordPress Plugin myLDlinker SQL Injection Vulnerability Published
2010-07-10 Wordpress Firestats Remote Configuration File Download Published
2010-06-25 Vulnerabilities in Cimy Counter for WordPress Published
2010-06-08 WordPress Gigya Socialize Plugin Cross-Site Scripting Vulnerabilities Published
2010-04-06 XSS Vulnerability in NextGEN Gallery Wordpress Plugin Published
2010-03-02 Wordpress 2.9.1 wp-admin Cross-Site Scripting Vulnerability Published
2010-02-23 WordPress Copperleaf Photolog SQL Injection Vulnerability Published
2010-02-19 Wordpress script <== x.x.x (Events Plugins) SQL Injection Vulnerability Published
2010-02-19 WordPress 2.9 plugin wp-wall (XSS) Cross Site Scripting Vulnerability Published
2010-02-19 Joomla JD-WordPress Remote File Include Exploit Published
2010-02-19 Wordpress Resource exhaustion Exploit Published
2010-02-19 WordPress Pyrmont V2. SQL Injection Vulnerability Published
2010-02-19 Wordpress <= 2.9 Denial of Service Published
2010-02-15 WordPress Copperleaf Photolog SQL injection Published
2010-02-13 WordPress >= 2.9 Failure to Restrict URL Access Published
2010-01-02 Wordpress Events Plugin SQL Injection Vulnerability Published
2009-12-31 0day Wordpress DOS <= 2.9 Published
2009-12-18 WordPress and Pyrmont V2. SQL Injection Vulnerability Published
2009-12-07 Vulnerabilities in WP-Cumulus for WordPress Published
2009-12-05 Wordpress Image Manager Plugins Shell Upload Vulnerability Published
2009-11-25 Vulnerabilities in WP-Cumulus <= 1.20 for WordPress Published
2009-11-13 WordPress Arbitrary File Upload and Cross Site Scripting Vulnerabilities Published
2009-11-13 Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution PoC Published
2009-11-11 WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution Published
2009-11-11 Fedora Security Update Fixes WordPress-MU Denial of Service Issue Published
2009-11-10 WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability Published
2009-11-10 WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution Published
2009-11-10 WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability Published
2009-10-27 Fedora Security Update Fixes WordPress Denial of Service Vulnerability Published
2009-10-23 DM Albums for WordPress "delete_album" Directory Traversal Issue Published
2009-10-22 WordPress < 2.8.1 Security Bypass 0day Published
2009-10-21 WordPress Trackback Remote Denial of Service Vulnerability Published
2009-10-20 JD-WordPress for Joomla "mosConfig_absolute_path" Inclusion Issue Published
2009-10-19 Joomla JD-WordPress 2.0 RC2 remote file icnlusion Published
2009-09-02 WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures Published
2009-08-28 WP-Syntax for WordPress "test_filter[wp_head]" Code Injection Vulnerability Published
2009-08-27 Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution Published
2009-08-24 Debian Security Update Fixes Wordpress Security Bypass Vulnerabilities Published
2009-08-17 Fedora Security Update Fixes WordPress-MU Multiple Vulnerabilities Published
2009-08-12 Fedora Security Update Fixes WordPress Admin Pass Reset Vulnerability Published
2009-08-11 Wordpress <= 2.8.3 Remote Admin Reset Password Vulnerability Published
2009-08-07 Fedora Security Update Fixes WordPress Privilege Escalation Issues Published
2009-07-30 Fedora Security Update Fixes WordPress Cross Site Scripting Issue Published
2009-07-27 WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI Vulnerability Published
2009-07-24 Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit Published
2009-07-20 Fedora Security Update Fixes WordPress Security Bypass Vulnerabilities Published
2009-07-15 WordPress Plugin My Category Order <= 2.8 SQL Injection Vulnerability Published
2009-07-10 WordPress Privileges Unchecked in admin.php and Multiple Information Published
2009-07-09 WordPress Media Holder (mediaHolder.php id) SQL Injection vulnerability Published
2009-07-09 WordPress Multiple Security Bypass and Information Disclosure Issues Published
2009-07-02 Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vulnerability Published
2009-06-30 WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability Published
2009-06-30 WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability Published
2009-06-29 WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln Published
2009-06-15 WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability Published
2009-05-26 Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion Vulnerability Published
2009-04-15 Fedora Security Update Fixes Wordpress-mu Cross Site Scripting Issue Published
2009-03-18 FMoblog Plugin for WordPress "id" Remote SQL Injection Vulnerability Published
2009-03-17 Wordpress Plugin fMoblog 2.1 (id) SQL Injection Vulnerability Published
2009-03-10 Wordpress MU < 2.7 'HOST' HTTP Header XSS Vulnerability Published
2009-01-12 Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability Published
2008-12-22 Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln Published
2008-11-07 Fedora Security Update Fixes Wordpress Snoopy Code Execution Published
2008-10-29 Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit Published
2008-10-26 WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln Published
2008-10-17 Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln Published
2008-09-15 WordPress "user_login" Column SQL Truncation Vulnerability Published
2008-09-10 Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit Published
2008-09-10 Fedora Security Update Fixes WordPress SSL Enforcement Weakness Published
2008-09-07 Wordpress 2.6.1 SQL Column Truncation Vulnerability Published
2008-07-24 Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit Published
2008-07-07 Debian Security Update Fixes WordPress Security Bypass Issues Published
2008-05-05 Fedora Security Update Fixes WordPress Privilege Escalation Issue Published
2008-04-28 WordPress Cookie Integrity Protection Privilege Escalation Vulnerability Published
2008-04-24 Spreadsheet for WordPress "ss_id" Remote SQL Injection Vulnerability Published
2008-04-22 Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability Published
2008-03-31 Wordpress Plugin Download (dl_id) SQL Injection Vulnerability Published
2008-02-26 Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities Published
2008-02-18 Photo Album Plugin for WordPress Multiple SQL Injection Vulnerabilities Published
2008-02-16 Wordpress Photo album Remote SQL Injection Vulnerability Published
2008-02-15 Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability Published
2008-02-15 Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability Published
2008-02-13 Fedora Security Update Fixes WordPress XML-RPC Post Editing Issue Published
2008-02-07 WordPress XML-RPC Implementation Arbitrary Post Editing Vulnerability Published
2008-02-05 Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit Published
2008-02-03 Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability Published
2008-02-02 Wordpress Plugin Wordspew Remote SQL Injection Vulnerability Published
2008-02-02 Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities Published
2008-01-31 AdServe Plugin for WordPress "id" Parameter SQL Injection Vulnerability Published
2008-01-31 WassUp Plugin for WordPress "to_date" SQL Injection Vulnerability Published
2008-01-31 WP-Cal Plugin for WordPress "id" SQL Query Injection Vulnerability Published
2008-01-31 FGallery Plugin for WordPress "album" SQL Query Injection Vulnerability Published
2008-01-30 Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit Published
2008-01-30 Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit Published
2008-01-27 Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability Published
2008-01-27 Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability Published
2008-01-25 Permalinks Migration Plugin for WordPress Cross Site Request Forgery Published
2008-01-22 WP-Forum Plugin for WordPress "user" SQL Query Injection Vulnerability Published
2008-01-19 Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability Published
2008-01-06 Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability Published
2008-01-03 Fedora Security Update Fixes WordPress Multiple Remote Vulnerabilities Published
2007-12-11 Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability Published
2007-12-11 WordPress "s" Parameter Handling Remote SQL Injection Vulnerability Published
2007-12-05 Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability Published
2007-11-21 WordPress Cookies Processing Authentication Bypass Weakness Published
2007-11-06 BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion Vulnerabilities Published
2007-11-01 WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability Published
2007-10-29 WordPress "posts_columns" Parameter Cross Site Scripting Vulnerability Published
2007-09-14 Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub) Published
2007-09-13 Wordpress Multiple Parameter Cross Site Scripting and SQL Injection Issues Published
2007-08-31 Fedora Security Update Fixes WordPress Cross Site Scripting Vulnerability Published
2007-08-01 WordPress "style" Parameter Processing Cross Site Scripting Vulnerability Published
2007-06-26 WordPress Security Update Fixes Code Execution and SQL Injection Vulnerabilities Published
2007-06-26 WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit Published
2007-06-11 OpenPKG Security Update Fixes WordPress XML-RPC SQL Injection Vulnerability Published
2007-06-07 WordPress XML-RPC Interface "wp_suggestCategories()" SQL Injection Vulnerability Published
2007-06-06 Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit Published
2007-05-21 WordPress "cookie" Parameter Handling Remote SQL Query Injection Vulnerability Published
2007-05-21 Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit Published
2007-05-02 Debian Security Update Fixes WordPress Cross Site Scripting and Security Bypass Issues Published
2007-05-02 WP-Table Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability Published
2007-05-02 WordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability Published
2007-05-02 MyFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion Vulnerability Published
2007-05-01 Wordpress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability Published
2007-05-01 Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability Published
2007-05-01 Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability Published
2007-04-30 MyGallery Plugin for Wordpress "myPath" Parameter Remote File Inclusion Vulnerability Published
2007-04-29 Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability Published
2007-04-04 WordPress "XML-RPC" Module Remote SQL Injection and Security Bypass Vulnerabilities Published
2007-04-03 Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit Published
2007-03-21 Gentoo Security Update Fixes Multiple Wordpress Cross Site Scripting Vulnerabilities Published
2007-03-19 WordPress "PHP_SELF" Variable Handling Client-Side Cross Site Scripting Vulnerability Published
2007-03-13 WordPress "wp_title()" and "single_month_title()" Cross Site Scripting Vulnerability Published
2007-03-05 WordPress "comment_text_phpfilter()" and "get_theme_mcommand()" Vulnerabilities Published
2007-02-27 WordPress "wp-includes/functions.php" Client-Side Cross Site Scripting Vulnerability Published
2007-02-26 NoMoKeTo Module for phpBB "phpbb_root_path" Remote File Inclusion Vulnerability Published
2007-02-26 WordPress "wp_explain_nonce()" Function Client-Side Cross Site Scripting Vulnerability Published
2007-01-17 Gentoo Security Update Fixes WordPress SQL Injection and Cross Site Scripting Issues Published
2007-01-10 Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit Published
2007-01-09 OpenPKG Security Update Fixes WordPress Trackback Charset SQL Injection Issue Published
2007-01-07 Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit Published
2007-01-06 WordPress "wp-login.php" Authentication Process Information Disclosure Vulnerability Published
2007-01-06 WordPress Trackback Charset SQL Injection and Admin Cross Site Scripting Vulnerabilities Published
2006-12-30 Enigma 2 WordPress Bridge (boarddir) Remote File Include Vulnerability Published
2006-12-27 WordPress "get_file_description()" Function Client-Side Cross Site Scripting Vulnerability Published
2006-11-21 Gentoo Security Update Fixes WordPress Directory Traversal and Security Bypass Published
2006-11-03 OpenPKG Security Update Fixes WordPress Multiple Security Bypass Vulnerabilities Published
2006-11-02 WordPress Remote Directory Traversal and Security Bypass Vulnerabilities Published
2006-08-16 WP-DB Backup Plugin for WordPress "backup" Parameter Directory Traversal Vulnerability Published
2006-07-31 WordPress Unspecified Parameter Handling Multiple Vulnerabilities Published
2006-07-17 Rocks "mount-loop" and "umount-loop" Arguments Handling Privilege Escalation Vulnerability Published
2006-07-04 WordPress "paged" Parameter Table Prefix and Full Path Disclosure Vulnerabilities Published
2006-06-12 Gentoo Security Update Fixes WordPress Remote Command Injection Vulnerability Published
2006-05-26 WordPress User Profile Handling Remote PHP Command Injection Vulnerability Published
2006-05-25 WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit Published
2006-03-05 Gentoo Security Update Fixes WordPress SQL Injection Vulnerability Published
2006-03-01 WordPress Cross Site Scripting And Full Path Disclosure Vulnerabilities Published
2006-01-16 WP-Stats WordPress Plug-in "author" Remote SQL Injection Vulnerability Published
2005-11-25 PhpWordPress Multiple Parameters Remote SQL Injection Vulnerability Published
2005-08-10 WordPress "cache_lastpostdate" Remote Code Execution Issue Published
2005-08-10 Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit) Published
2005-08-09 Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit Published
2005-07-04 Gentoo Security Update Fixes Multiple WordPress Vulnerabilities Published
2005-06-30 Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit Published
2005-06-30 WordPress SQL Injection and Cross Site Scripting Vulnerabilities Published
2005-06-22 WordPress <= 1.5.1.1 SQL Injection Exploit Published
2005-06-21 WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit Published
2005-06-21 WordPress <= 1.5.1.1 ""add new admin"" SQL Injection Exploit Published
2005-05-30 WordPress "cat_ID" Remote SQL Injection Vulnerability Published
2004-10-10 WordPress Blog HTTP Splitting Vulnerability Published
No comments:
Post a Comment