Shodan
Vulnerabilities
Vulnerable Software
Wordpress:  >> Wordpress  >> 3.9.23  Security Vulnerabilities
CVE-2011-4568
Cross-site scripting (XSS) vulnerability in view/frontend-head.php in the Flowplayer plugin before 1.2.12 for WordPress allows remote attackers to inject arbitrary web script or HTML via the URI.
CVSS Score
4.3
EPSS Score
0.003
Published
2011-11-29
CVE-2011-4562
Multiple cross-site scripting (XSS) vulnerabilities in (1) view/admin/log_item.php and (2) view/admin/log_item_details.php in the Redirection plugin 2.2.9 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header in a request to a post that does not exist.
CVSS Score
4.3
EPSS Score
0.005
Published
2011-11-28
CVE-2010-4875
Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vodpod Video Gallery Plugin 3.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the gid parameter.
CVSS Score
4.3
EPSS Score
0.037
Published
2011-10-07
CVE-2011-3981
PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.
CVSS Score
7.5
EPSS Score
0.053
Published
2011-10-04
CVE-2011-3856
Cross-site scripting (XSS) vulnerability in the Elegant Grunge theme before 1.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVSS Score
4.3
EPSS Score
0.005
Published
2011-09-28
CVE-2011-3857
Cross-site scripting (XSS) vulnerability in the Antisnews theme before 1.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVSS Score
4.3
EPSS Score
0.002
Published
2011-09-28
CVE-2011-3858
Cross-site scripting (XSS) vulnerability in the Pixiv Custom theme before 2.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVSS Score
4.3
EPSS Score
0.006
Published
2011-09-28
CVE-2011-3859
Cross-site scripting (XSS) vulnerability in the Trending theme before 0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter.
CVSS Score
4.3
EPSS Score
0.005
Published
2011-09-28
CVE-2011-3860
Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVSS Score
4.3
EPSS Score
0.006
Published
2011-09-28
CVE-2011-3861
Cross-site scripting (XSS) vulnerability in the Web Minimalist 200901 theme before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
CVSS Score
4.3
EPSS Score
0.005
Published
2011-09-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved