Roytanck Wp-Cumulus vulnerabilities
3 known vulnerabilities affecting roytanck/wp-cumulus.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2009-4170P4MEDIUMCVSS 5.0PoCv1.202009-12-02
CVE-2009-4170 [MEDIUM] CWE-200 CVE-2009-4170: WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows remote attackers to obtai
WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows remote attackers to obtain sensitive information via a crafted request to wp-cumulus.php, probably without parameters, which reveals the installation path in an error message.
nvd
CVE-2009-4168P4MEDIUMCVSS 4.3PoC≤ 1.22v1.00+17 more2009-12-02
CVE-2009-4168 [MEDIUM] CWE-79 CVE-2009-4168: Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin
Cross-site scripting (XSS) vulnerability in Roy Tanck tagcloud.swf, as used in the WP-Cumulus plugin before 1.23 for WordPress and the Joomulus module 2.0 and earlier for Joomla!, allows remote attackers to inject arbitrary web script or HTML via the tagcloud parameter in a tags action. Cross-site scripting (XSS) vulnerability in tagcloud.swf in the WP
nvd
CVE-2009-4169P4MEDIUMCVSS 4.3≤ 1.21v1.00+16 more2009-12-02
CVE-2009-4169 [MEDIUM] CWE-79 CVE-2009-4169: Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for
Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd