Pages

Subscribe:

Thursday, February 9, 2012

Wordpress plugin vulnerability list

In our wordpress blog we use many plugin. But all of us do not know that some of these plugin is harmful for our site. Harmful plugin create a hole of a website. And a hacker hack my site by using this hole. So we should aboid the vulnerability plugin. In the bellow I give you some wordpress plugin vulnerability list:



Date Description Status
2011-12-15BLIND SQL injection UPM-POLLS wordpress plugin 1.0.4Published
2011-12-08WordPress Pretty Link 1.5.2 Cross Site ScriptingPublished
2011-12-02WordPress Flash Album Gallery Cross Site ScriptingPublished
2011-11-25Wordpress enable-latex plugin Remote File Include VulnerabilitiesPublished
2011-11-23Wordpress meenews 5.1 plugin Cross-Site Scripting VulnerabilitiesPublished
2011-11-22WordPress Advanced Text Widget plugin suffers from a cross site scripting vulnerabilityPublished
2011-11-22WordPress Adminimize plugin suffers from a cross site scripting vulnerabilityPublished
2011-11-19WordPress jetpack plugin SQL Injection VulnerabilityPublished
2011-11-15WordPress AdRotate plugin <= 3.6.6 SQL Injection VulnerabilityPublished
2011-11-14Wordpress Zingiri Plugin <= 2.2.3 (ajax_save_name.php) Remote Code ExecutionPublished
2011-11-01WordPress WP Glossary plugin SQL Injection VulnerabilityPublished
2011-10-31WordPress WP Glossary Plugin SQL InjectionPublished
2011-10-31WordPress Classipress Theme <= 3.1.4 Stored XSSPublished
2011-10-28WordPress wptouch plugin SQL Injection VulnerabilityPublished
2011-10-17Wordpress Mailing List 1.3.2Published
2011-10-17WordPress Photo Album Plus <= 4.1.1 SQLPublished
2011-10-15WordPress Photo Album Plus <= 4.1.1 SQL Injection VulnerabilityPublished
2011-10-13WordPress Pretty Link 1.4.56 Cross Site ScriptingPublished
2011-10-13WordPress GD Star Rating plugin <= 1.9.10 SQL InjectionPublished
2011-10-06Packet storm WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublished
2011-10-05WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublished
2011-09-30WordPress WP Bannerize plugin <= 2.8.7 SQL Injection VulnerabilityPublished
2011-09-25WordPress Link Library plugin <= 5.2.1 SQL Injection VulnerabilityPublished
2011-09-21Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File InclusionPublished
2011-09-21Wordpress AllWebMenus Plugin 1.1.3 Remote File InclusionPublished
2011-09-21Wordpress Mailing List Plugin 1.3.2 Remote File InclusionPublished
2011-09-21Wordpress TheCartPress Plugin 1.1.1 Remote File InclusionPublished
2011-09-21Wordpress Disclosure Policy Plugin 1.0 Remote File InclusionPublished
2011-09-21Wordpress Relocate Upload Plugin 0.14 Remote File InclusionPublished
2011-09-21Wordpress Livesig Plugin 0.4 Remote File InclusionPublished
2011-09-21WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure VulnerabilityPublished
2011-09-21WordPress WP e-Commerce"cs1"SQLPublished
2011-09-21Multiple Wordpress Plugin timthumb.php VulnerabilitesPublished
2011-09-21Wordpress Annonces Plugin 1.2.0.0 Remote File InclusionPublished
2011-09-21Wordpress Mini Mail Dashboard Widget Plugin 1.36 Remote File InclusionPublished
2011-09-21Wordpress WPEasyStats Plugin 1.8 Remote File InclusionPublished
2011-09-19WordPress Count per Day plugin <= 2.17 SQL Injection VulnerabilityPublished
2011-09-18WordPress Auctions plugin <= 1.8.8 SQL Injection VulnerabilityPublished
2011-09-14WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection VulnerabilityPublished
2011-09-13Wordpress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF)Published
2011-09-10WordPress Advertizer plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-09-10WordPress WP Bannerize plugin <= 2.8.6 SQL InjectionPublished
2011-09-10WordPress wp audio gallery playlist plugin <= 0.12 SQL InjectionPublished
2011-09-10WordPress iCopyright(R) Article Tools plugin <= 1.1.4 SQL InjectionPublished
2011-09-10WordPress Donation plugin <= 1.0 SQL InjectionPublished
2011-09-10WordPress Crawl Rate Tracker plugin <= 2.0.2 SQL Injection VulnerabilityPublished
2011-09-10WordPress PureHTML plugin <= 1.0.0 SQL InjectionPublished
2011-09-10WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-09-10Wordpress Image Gallery with Slideshow plugin <= 1.5 Multiple VulnerabilitiesPublished
2011-09-10WordPress yolink Search plugin <= 1.1.4 SQL InjectionPublished
2011-09-10WordPress VideoWhisper Video Presentation plugin <= 1.1 SQL Injection VulnerabilityPublished
2011-09-10WordPress SH Slideshow plugin <= 3.1.4 SQL Injection VulnerabilityPublished
2011-09-10Wordpress grapefile plugin <= 1.1 Arbitrary File UploadPublished
2011-09-10WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection VulnerabilityPublished
2011-09-10WordPress Event Registration plugin <= 5.4.3 SQL InjectionPublished
2011-09-10WordPress Couponer plugin <= 1.2 SQL InjectionPublished
2011-09-10WordPress SendIt plugin <= 1.5.9 Blind SQL Injection VulnerabilityPublished
2011-08-29WordPress mySTAT plugin <= 2.6 SQL Injection VulnerabilityPublished
2011-08-29WordPress Block-Spam-By-Math-Reloaded Plugin BypassPublished
2011-08-29WordPress Evarisk plugin <= 5.1.3.6 SQL Injection VulnerabilityPublished
2011-08-29WordPress MM Duplicate plugin <= 1.2 SQL Injection VulnerabilityPublished
2011-08-29WordPress Profiles plugin <= 2.0 RC1 SQL Injection VulnerabilityPublished
2011-08-29WordPress Photoracer 1.0 Cross Site Scripting / SQL InjectionPublished
2011-08-29WordPress TimThumb Plugin - Remote Code ExecutionPublished
2011-08-28WordPress Js-appointment plugin <= 1.5 SQL Injection VulnerabilityPublished
2011-08-28WordPress Super CAPTCHA plugin <= 2.2.4 SQL Injection VulnerabilityPublished
2011-08-28WordPress Collision Testimonials plugin <= 3.0 SQL Injection VulnerabilityPublished
2011-08-28WordPress oQey Headers plugin <= 0.3 SQL Injection VulnerabilityPublished
2011-08-28WordPress Photoracer plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-08-28WordPress Photoracer Plugin <= 1.0 Multiple VulnerabilitiesPublished
2011-08-28WordPress MM Forms Community plugin <= 1.2.3 SQL Injection VulnerabilityPublished
2011-08-26WordPress Yoast v4.1.3 Local File Disclosure VulnerabilityPublished
2011-08-21WordPress UnGallery plugin <= 1.5.8 Local File Disclosure VulnerabilityPublished
2011-08-18WordPress File Groups plugin <= 1.1.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-08-18WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection VulnerabilityPublished
2011-08-18WordPress Global Content Blocks plugin <= 1.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP Symposium plugin <= 0.64 SQL Injection VulnerabilityPublished
2011-08-18WordPress Ajax Gallery plugin <= 3.0 SQL Injection VulnerabilityPublished
2011-08-18WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP Forum plugin <= 1.7.8 SQL Injection VulnerabilityPublished
2011-07-04WordPress 3.1.3 SQL Injection VulnerabilitiesPublished
2011-06-27Wordpress core 3.1.3 Persistent XSS VulnerabilityPublished
2011-06-27Wordpress Beer Recipes Plugin v.1.0 XSSPublished
2011-05-24Is-human <=1.4.2 Wordpress Plugin Remote Command Execution VulnerabilityPublished
2011-04-28WordPress SermonBrowser Plugin 0.43 SQL InjectionPublished
2011-04-26Ajax Category Dropdown Wordpress Plugin 0.1.5 Multiple VulnerabilitiesPublished
2011-04-06WordPress WP Custom Pages Plugin 0.5.0.1 LFI VulnerabilityPublished
2011-03-29Wordpress plugin BackWPup Remote and Local Code Execution VulnerabilityPublished
2011-03-10PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec ExploitPublished
2011-03-10GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-27OPS Old Post Spinner 2.2.1 Wordpress Plugin LFI VulnerabilityPublished
2011-02-27JQuery Mega Menu 1.0 Wordpress Plugin Local File InclusionPublished
2011-02-26Z-Vote 1.1 Wordpress Plugin SQL Injection VulnerabilityPublished
2011-02-25Relevanssi 2.7.2 Wordpress Plugin Stored XSS VulnerabilityPublished
2011-02-25IWantOneButton 3.0.1 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-25WP Forum Server 1.6.5 Wordpress Plugin SQL Injection VulnerabilityPublished
2011-02-25GigPress 2.1.10 Wordpress Plugin Stored XSS VulnerabilityPublished
2011-02-24Comment Rating 2.9.23 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-18WordPress User Photo Component Remote File Upload VulnerabilityPublished
2011-02-11Enable Media Replace WordPress Plugin Multiple VulnerabilitiesPublished
2010-12-07SQL injection vulnerability in do_trackbacks() Wordpress functionPublished
2010-11-14Wordpress Event Registration Plugin 5.32 SQL Injection VulnerabilityPublished
2010-10-20Wordpress plugin mygallerybrowser.php Remote File Upload VulnerabilityPublished
2010-09-07Wordpress Events Manager Extended Plugin Persistent XSS VulnerabilityPublished
2010-08-05WordPress NextGEN Smooth Gallery Blind SQL Injection VulnerabilityPublished
2010-07-23WordPress Plugin myLDlinker SQL Injection VulnerabilityPublished
2010-07-10Wordpress Firestats Remote Configuration File DownloadPublished
2010-06-25Vulnerabilities in Cimy Counter for WordPressPublished
2010-06-08WordPress Gigya Socialize Plugin Cross-Site Scripting VulnerabilitiesPublished
2010-04-06XSS Vulnerability in NextGEN Gallery Wordpress PluginPublished
2010-03-02Wordpress 2.9.1 wp-admin Cross-Site Scripting VulnerabilityPublished
2010-02-23WordPress Copperleaf Photolog SQL Injection VulnerabilityPublished
2010-02-19WordPress 2.9 plugin wp-wall (XSS) Cross Site Scripting VulnerabilityPublished
2010-02-19Joomla JD-WordPress Remote File Include ExploitPublished
2010-02-19Wordpress Resource exhaustion ExploitPublished
2010-02-19WordPress Pyrmont V2. SQL Injection VulnerabilityPublished
2010-02-19Wordpress <= 2.9 Denial of ServicePublished
2010-02-19Wordpress script <== x.x.x (Events Plugins) SQL Injection VulnerabilityPublished
2010-02-15WordPress Copperleaf Photolog SQL injectionPublished
2010-02-13WordPress >= 2.9 Failure to Restrict URL AccessPublished
2010-01-02Wordpress Events Plugin SQL Injection VulnerabilityPublished
2009-12-310day Wordpress DOS <= 2.9Published
2009-12-18WordPress and Pyrmont V2. SQL Injection VulnerabilityPublished
2009-12-07Vulnerabilities in WP-Cumulus for WordPressPublished
2009-12-05Wordpress Image Manager Plugins Shell Upload VulnerabilityPublished
2009-11-25Vulnerabilities in WP-Cumulus <= 1.20 for WordPressPublished
2009-11-13Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution PoCPublished
2009-11-13WordPress Arbitrary File Upload and Cross Site Scripting VulnerabilitiesPublished
2009-11-11WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublished
2009-11-11Fedora Security Update Fixes WordPress-MU Denial of Service IssuePublished
2009-11-10WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass VulnerabilityPublished
2009-11-10WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublished
2009-11-10WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' Cross-Site Scripting VulnerabilityPublished
2009-10-27Fedora Security Update Fixes WordPress Denial of Service VulnerabilityPublished
2009-10-23DM Albums for WordPress "delete_album" Directory Traversal IssuePublished
2009-10-22WordPress < 2.8.1 Security Bypass 0dayPublished
2009-10-21WordPress Trackback Remote Denial of Service VulnerabilityPublished
2009-10-20JD-WordPress for Joomla "mosConfig_absolute_path" Inclusion IssuePublished
2009-10-19Joomla JD-WordPress 2.0 RC2 remote file icnlusionPublished
2009-09-02WordPress Privileges Unchecked in admin.php and Multiple Information DisclosuresPublished
2009-08-28WP-Syntax for WordPress "test_filter[wp_head]" Code Injection VulnerabilityPublished
2009-08-27Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command ExecutionPublished
2009-08-24Debian Security Update Fixes Wordpress Security Bypass VulnerabilitiesPublished
2009-08-17Fedora Security Update Fixes WordPress-MU Multiple VulnerabilitiesPublished
2009-08-12Fedora Security Update Fixes WordPress Admin Pass Reset VulnerabilityPublished
2009-08-11Wordpress <= 2.8.3 Remote Admin Reset Password VulnerabilityPublished
2009-08-07Fedora Security Update Fixes WordPress Privilege Escalation IssuesPublished
2009-07-30Fedora Security Update Fixes WordPress Cross Site Scripting IssuePublished
2009-07-27WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI VulnerabilityPublished
2009-07-24Wordpress 2.8.1 (url) Remote Cross Site Scripting ExploitPublished
2009-07-20Fedora Security Update Fixes WordPress Security Bypass VulnerabilitiesPublished
2009-07-15WordPress Plugin My Category Order <= 2.8 SQL Injection VulnerabilityPublished
2009-07-10WordPress Privileges Unchecked in admin.php and Multiple InformationPublished
2009-07-09WordPress Media Holder (mediaHolder.php id) SQL Injection vulnerabilityPublished
2009-07-09WordPress Multiple Security Bypass and Information Disclosure IssuesPublished
2009-07-02Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection VulnerabilityPublished
2009-06-30WordPress Plugin DM Albums 1.9.2 Remote File Disclosure VulnerabilityPublished
2009-06-30WordPress Plugin Related Sites 2.1 Blind SQL Injection VulnerabilityPublished
2009-06-29WordPress Plugin DM Albums 1.9.2 Remote File Inclusion VulnPublished
2009-06-15WordPress Plugin Photoracer 1.0 (id) SQL Injection VulnerabilityPublished
2009-05-26Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion VulnerabilityPublished
2009-04-15Fedora Security Update Fixes Wordpress-mu Cross Site Scripting IssuePublished
2009-03-18FMoblog Plugin for WordPress "id" Remote SQL Injection VulnerabilityPublished
2009-03-17Wordpress Plugin fMoblog 2.1 (id) SQL Injection VulnerabilityPublished
2009-03-10Wordpress MU < 2.7 'HOST' HTTP Header XSS VulnerabilityPublished
2009-01-12Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection VulnerabilityPublished
2008-12-22Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD VulnPublished
2008-11-07Fedora Security Update Fixes Wordpress Snoopy Code ExecutionPublished
2008-10-29Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload ExploitPublished
2008-10-26WordPress Media Holder (mediaHolder.php id) SQL Injection VulnPublished
2008-10-17Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection VulnPublished
2008-09-15WordPress "user_login" Column SQL Truncation VulnerabilityPublished
2008-09-10Fedora Security Update Fixes WordPress SSL Enforcement WeaknessPublished
2008-09-10Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover ExploitPublished
2008-09-07Wordpress 2.6.1 SQL Column Truncation VulnerabilityPublished
2008-07-24Wordpress Plugin Download Manager 0.2 Arbitrary File Upload ExploitPublished
2008-07-07Debian Security Update Fixes WordPress Security Bypass IssuesPublished
2008-05-05Fedora Security Update Fixes WordPress Privilege Escalation IssuePublished
2008-04-28WordPress Cookie Integrity Protection Privilege Escalation VulnerabilityPublished
2008-04-24Spreadsheet for WordPress "ss_id" Remote SQL Injection VulnerabilityPublished
2008-04-22Wordpress Plugin Spreadsheet <= 0.6 SQL Injection VulnerabilityPublished
2008-03-31Wordpress Plugin Download (dl_id) SQL Injection VulnerabilityPublished
2008-02-26Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple VulnerabilitiesPublished
2008-02-18Photo Album Plugin for WordPress Multiple SQL Injection VulnerabilitiesPublished
2008-02-16Wordpress Photo album Remote SQL Injection VulnerabilityPublished
2008-02-15Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection VulnerabilityPublished
2008-02-15Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection VulnerabilityPublished
2008-02-13Fedora Security Update Fixes WordPress XML-RPC Post Editing IssuePublished
2008-02-07WordPress XML-RPC Implementation Arbitrary Post Editing VulnerabilityPublished
2008-02-05Wordpress MU < 1.3.2 active_plugins option Code Execution ExploitPublished
2008-02-03Wordpress Plugin st_newsletter Remote SQL Injection VulnerabilityPublished
2008-02-02Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote VulnerabilitiesPublished
2008-02-02Wordpress Plugin Wordspew Remote SQL Injection VulnerabilityPublished
2008-01-31WP-Cal Plugin for WordPress "id" SQL Query Injection VulnerabilityPublished
2008-01-31FGallery Plugin for WordPress "album" SQL Query Injection VulnerabilityPublished
2008-01-31AdServe Plugin for WordPress "id" Parameter SQL Injection VulnerabilityPublished
2008-01-31WassUp Plugin for WordPress "to_date" SQL Injection VulnerabilityPublished
2008-01-30Wordpress Plugin Adserve 0.2 adclick.php SQL Injection ExploitPublished
2008-01-30Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection ExploitPublished
2008-01-27Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection VulnerabilityPublished
2008-01-27Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection VulnerabilityPublished
2008-01-25Permalinks Migration Plugin for WordPress Cross Site Request ForgeryPublished
2008-01-22WP-Forum Plugin for WordPress "user" SQL Query Injection VulnerabilityPublished
2008-01-19Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection VulnerabilityPublished
2008-01-06Wordpress Plugin Wp-FileManager 1.2 Remote Upload VulnerabilityPublished
2008-01-03Fedora Security Update Fixes WordPress Multiple Remote VulnerabilitiesPublished
2007-12-11Wordpress <= 2.3.1 Charset Remote SQL Injection VulnerabilityPublished
2007-12-11WordPress "s" Parameter Handling Remote SQL Injection VulnerabilityPublished
2007-12-05Wordpress Plugin PictPress <= 0.91 Remote File Disclosure VulnerabilityPublished
2007-11-21WordPress Cookies Processing Authentication Bypass WeaknessPublished
2007-11-06BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion VulnerabilitiesPublished
2007-11-01WordPress Plugin BackUpWordPress <= 0.4.2b RFI VulnerabilityPublished
2007-10-29WordPress "posts_columns" Parameter Cross Site Scripting VulnerabilityPublished
2007-09-14Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)Published
2007-09-13Wordpress Multiple Parameter Cross Site Scripting and SQL Injection IssuesPublished
2007-08-31Fedora Security Update Fixes WordPress Cross Site Scripting VulnerabilityPublished
2007-08-01WordPress "style" Parameter Processing Cross Site Scripting VulnerabilityPublished
2007-06-26WordPress Security Update Fixes Code Execution and SQL Injection VulnerabilitiesPublished
2007-06-26WordPress 2.2 (wp-app.php) Arbitrary File Upload ExploitPublished
2007-06-11OpenPKG Security Update Fixes WordPress XML-RPC SQL Injection VulnerabilityPublished
2007-06-07WordPress XML-RPC Interface "wp_suggestCategories()" SQL Injection VulnerabilityPublished
2007-06-06Wordpress 2.2 (xmlrpc.php) Remote SQL Injection ExploitPublished
2007-05-21Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing ExploitPublished
2007-05-21WordPress "cookie" Parameter Handling Remote SQL Query Injection VulnerabilityPublished
2007-05-02Debian Security Update Fixes WordPress Cross Site Scripting and Security Bypass IssuesPublished
2007-05-02WP-Table Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-02WordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-02MyFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-01Wordpress plugin myflash <= 1.00 (wppath) RFI VulnerabilityPublished
2007-05-01Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI VulnerabilityPublished
2007-05-01Wordpress plugin wordTube <= 1.43 (wpPATH) RFI VulnerabilityPublished
2007-04-30MyGallery Plugin for Wordpress "myPath" Parameter Remote File Inclusion VulnerabilityPublished
2007-04-29Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion VulnerabilityPublished
2007-04-04WordPress "XML-RPC" Module Remote SQL Injection and Security Bypass VulnerabilitiesPublished
2007-04-03Wordpress 2.1.2 (xmlrpc) Remote SQL Injection ExploitPublished
2007-03-21Gentoo Security Update Fixes Multiple Wordpress Cross Site Scripting VulnerabilitiesPublished
2007-03-19WordPress "PHP_SELF" Variable Handling Client-Side Cross Site Scripting VulnerabilityPublished
2007-03-13WordPress "wp_title()" and "single_month_title()" Cross Site Scripting VulnerabilityPublished
2007-03-05WordPress "comment_text_phpfilter()" and "get_theme_mcommand()" VulnerabilitiesPublished
2007-02-27WordPress "wp-includes/functions.php" Client-Side Cross Site Scripting VulnerabilityPublished
2007-02-26NoMoKeTo Module for phpBB "phpbb_root_path" Remote File Inclusion VulnerabilityPublished
2007-02-26WordPress "wp_explain_nonce()" Function Client-Side Cross Site Scripting VulnerabilityPublished
2007-01-17Gentoo Security Update Fixes WordPress SQL Injection and Cross Site Scripting IssuesPublished
2007-01-10Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection ExploitPublished
2007-01-09OpenPKG Security Update Fixes WordPress Trackback Charset SQL Injection IssuePublished
2007-01-07Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection ExploitPublished
2007-01-06WordPress Trackback Charset SQL Injection and Admin Cross Site Scripting VulnerabilitiesPublished
2007-01-06WordPress "wp-login.php" Authentication Process Information Disclosure VulnerabilityPublished
2006-12-30Enigma 2 WordPress Bridge (boarddir) Remote File Include VulnerabilityPublished
2006-12-27WordPress "get_file_description()" Function Client-Side Cross Site Scripting VulnerabilityPublished
2006-11-21Gentoo Security Update Fixes WordPress Directory Traversal and Security BypassPublished
2006-11-03OpenPKG Security Update Fixes WordPress Multiple Security Bypass VulnerabilitiesPublished
2006-11-02WordPress Remote Directory Traversal and Security Bypass VulnerabilitiesPublished
2006-08-16WP-DB Backup Plugin for WordPress "backup" Parameter Directory Traversal VulnerabilityPublished
2006-07-31WordPress Unspecified Parameter Handling Multiple VulnerabilitiesPublished
2006-07-17Rocks "mount-loop" and "umount-loop" Arguments Handling Privilege Escalation VulnerabilityPublished
2006-07-04WordPress "paged" Parameter Table Prefix and Full Path Disclosure VulnerabilitiesPublished
2006-06-12Gentoo Security Update Fixes WordPress Remote Command Injection VulnerabilityPublished
2006-05-26WordPress User Profile Handling Remote PHP Command Injection VulnerabilityPublished
2006-05-25WordPress <= 2.0.2 (cache) Remote Shell Injection ExploitPublished
2006-03-05Gentoo Security Update Fixes WordPress SQL Injection VulnerabilityPublished
2006-03-01WordPress Cross Site Scripting And Full Path Disclosure VulnerabilitiesPublished
2006-01-16WP-Stats WordPress Plug-in "author" Remote SQL Injection VulnerabilityPublished
2005-11-25PhpWordPress Multiple Parameters Remote SQL Injection VulnerabilityPublished
2005-08-10Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)Published
2005-08-10WordPress "cache_lastpostdate" Remote Code Execution IssuePublished
2005-08-09Wordpress <= 1.5.1.3 Remote Code Execution 0-Day ExploitPublished
2005-07-04Gentoo Security Update Fixes Multiple WordPress VulnerabilitiesPublished
2005-06-30WordPress SQL Injection and Cross Site Scripting VulnerabilitiesPublished
2005-06-30Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection ExploitPublished
2005-06-22WordPress <= 1.5.1.1 SQL Injection ExploitPublished
2005-06-21WordPress <= 1.5.1.1 "add new admin" SQL Injection ExploitPublished
2005-06-21WordPress <= 1.5.1.1 ""add new admin"" SQL Injection ExploitPublished
2005-05-30WordPress "cat_ID" Remote SQL Injection VulnerabilityPublished
2004-10-10WordPress Blog HTTP Splitting Vulnerability
Posted by at 11:54 AM
Labels: , , , ,

4 comments:

  1. iffataliAugust 4, 2012 at 5:14 AM

    In both business and personal life, I’ve always found that travel inspires me more than anything else I do. Evidence of the languages, cultures, scenery, food, and design sensibilities that I discover all over the world can be found in every piece of my jewelry.
    Flights to Addis Ababa
    Cheap Flights to Addis Ababa
    Cheap Air Tickets to Addis Ababa

    ReplyDelete
  2. UnknownOctober 9, 2012 at 9:19 PM

    Nice job

    ReplyDelete
  3. James RobertFebruary 23, 2017 at 6:32 AM

    This comment has been removed by the author.

    ReplyDelete
  4. UnknownJuly 30, 2017 at 2:05 AM


    I like your post. This post really awesome and very helpful to me. Please keep posting good contents. Thank you.

    WordPress donation plugin


    ReplyDelete

Subscribe to: Post Comments (Atom)
Related Posts Plugin for WordPress, Blogger...
 

Alexa Rank

Review www.allitemz.blogspot.com on alexa.com

Blog Archive

Total Pageviews

Your IP

what is my ip address?
back to top