Wordpress plugin to Hide Admin Panels

For the site security sometimes it become important to hide admin panel of wordpress blog. Now lets introduce a wordpress plugin to hide admin panel. This plugin will only compatible with the wordpress blogs which are using the wordpress version greater than 2.7.1. You can hide all the options that wordpress shows you on the left sidebar. But, do remember that it’s only an aesthetic effect. So, if the user of your wordpress blog has installed any extension that allows him to change the CSS then he can able to view the options.


Best 24 Wordpress Plugins For a Blog

WordPress Popular Posts
WordPress popular post is a sidebar widget that allows us to show popular post at the sidebar of our wordpress blog. WordPress popular post is also supported by another very good plugin that is wp-post rating.

Wp-postratings plugin
You might have seen the blog posts that have a star rating, now you also can have that feature in your blog using the wp-postrating plugin.

All in One SEO Plugin
This is the must have plugin that every wordpress blog should have. It gives us option to optimize our wordpress blog for search engine to get more traffic. It allows us to customize our blog’s title tag, keywords, Meta tags etc to gain more exposure in search engine.

Tweet This
This is another good plugin that can help you to popularize your blog into social media and get you more traffic. It adds “tweet this post” link to every blog post and page.

Most Commented Widget
Most commented widget will add a widget into your blog sidebar that will show the most commented post on your blog.

WordPress Related Posts
This is a very good plugin, wordpress related post plugin generates related according to the tag and categories post and shows them at the end of the article that help the user to browse similar content into your blog also it is good for seo too since it interlinks your blog posts.

Top Commentators Widget
This is a good plugin that help you to encourage commenting in your blog by showing the top commenter in the sidebar widget.

Dofollow
This plugin also help you to encourage the commenting in your blog specially if your blog is new by removing the dofollow attribute from your wordpress blog and rewarding the commenter with a dofollow link.

No Self Pings
If you intralink your blog post and your wordpress blog is configured to accept trackbacks then your blog must be sending trackback link to your blog each time you interlinks your posts. No self pings plugin will disable intra-blog pinging.

Sociable
This plugin will add the links of your favorite social bookmarking site at the bottom of your post so that the blog readers can bookmark your article and help you to get more traffic from social media.

WP-DBManager
This plugin is very useful, it allows you to optimize, repair, delete, backup, and restore your wordpress database. You can also schedule this plugin to take time to to back back of you’re your wordpress blog database.

WP-Sticky
This plugin is used to feature a blog post, the best part of this plugin is that you can make sticky post for specific a category.

WP e-Commerce
Turn your wordpress site into a money making ecommerce store.wp e-commerce plugin will give you all the functionality within your wordpress blog that you need to run an ecommerce site.

All in One Video Pack
If you want to upload videos on your blog then this plugin will help you. This Is not just an another video embed plugin, it gives you lots of features like uploading videos, editing of videos using online video editor, manage and track your video content , it supports more than 150 formats of video and audio etc

Permalink Redirect
If you change your blog’s permalink settings then this is the must have plugin for you, it redirects your old URL to new so that you don’t loose any traffic.

WP125
I like this plugin very much, it helps you to place the 125X125 ads on your sidebar. This plugin is very easy to use and you can easily configure according to your requirement  from its admin panel.

GoCodes
This plugin is very useful for bloggers who promotes affiliate product on there blog, it basically hides the nasty affiliate URL and convert that URL into your blog URL and when some user click on that URL It redirects the user to your affiliate link.

Google XML Sitemaps
This is a must have plugin to get better indexing in search engine, it generates a xml sitemap of your blog that help search engines like Google, yahoo, bing and ask to index your blog in a better way and shows them the complete structure of your blog.

WP-DB-Backup
This is the most essential plugin for every blog, it helps you to take he back up of your blog database. The best part of this plugin is that you can schedule the back up time and it will mail you the backup files.

WordPress Backup
This is another essential plugin for your wordpress blog, it take the back up of images, theme directory, plugins and mail the zip copy of it to you.

WP Super Cache
This is another must have plugin for every wordpress blog, it generates the static html file from your dynamic blog that will reduces the loading time of your blog so that your user can browse your blog faster and that enhance their experience on your blog.
SEO Smart Links
This is essential plugin for search engine optimization, if you’re looking to get traffic from search engines then you can’t overlook this plugin. This plugin will interlink your blog posts according to the keywords that you can configure from its admin panel

Akismet
Wordpress blog unfortunately get many spam comments and to prevent your wordpress blogfrom getting those spam comments this is the must have plugin.

Contact Form 7
This is a very useful plugin that lets your user to contact you using a contact form. This plugin is very easy to use and you can easily configure this plugin according to your requirements under its control panel.
Above our the list of best wordpress plugins according to me, do let me know in comments if, I have forgot any important plugin for wordpress also don’t forget to share your best wordpress plugins that i didn’t mention in this post so that I can update this post.

Wordpress plugin vulnerability list

In our wordpress blog we use many plugin. But all of us do not know that some of these plugin is harmful for our site. Harmful plugin create a hole of a website. And a hacker hack my site by using this hole. So we should aboid the vulnerability plugin. In the bellow I give you some wordpress plugin vulnerability list:


Date Description Status
2011-12-15BLIND SQL injection UPM-POLLS wordpress plugin 1.0.4Published
2011-12-08WordPress Pretty Link 1.5.2 Cross Site ScriptingPublished
2011-12-02WordPress Flash Album Gallery Cross Site ScriptingPublished
2011-11-25Wordpress enable-latex plugin Remote File Include VulnerabilitiesPublished
2011-11-23Wordpress meenews 5.1 plugin Cross-Site Scripting VulnerabilitiesPublished
2011-11-22WordPress Advanced Text Widget plugin suffers from a cross site scripting vulnerabilityPublished
2011-11-22WordPress Adminimize plugin suffers from a cross site scripting vulnerabilityPublished
2011-11-19WordPress jetpack plugin SQL Injection VulnerabilityPublished
2011-11-15WordPress AdRotate plugin <= 3.6.6 SQL Injection VulnerabilityPublished
2011-11-14Wordpress Zingiri Plugin <= 2.2.3 (ajax_save_name.php) Remote Code ExecutionPublished
2011-11-01WordPress WP Glossary plugin SQL Injection VulnerabilityPublished
2011-10-31WordPress WP Glossary Plugin SQL InjectionPublished
2011-10-31WordPress Classipress Theme <= 3.1.4 Stored XSSPublished
2011-10-28WordPress wptouch plugin SQL Injection VulnerabilityPublished
2011-10-17Wordpress Mailing List 1.3.2Published
2011-10-17WordPress Photo Album Plus <= 4.1.1 SQLPublished
2011-10-15WordPress Photo Album Plus <= 4.1.1 SQL Injection VulnerabilityPublished
2011-10-13WordPress Pretty Link 1.4.56 Cross Site ScriptingPublished
2011-10-13WordPress GD Star Rating plugin <= 1.9.10 SQL InjectionPublished
2011-10-06Packet storm WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublished
2011-10-05WordPress Redirection 2.2.9 Persistent Cross Site ScriptingPublished
2011-09-30WordPress WP Bannerize plugin <= 2.8.7 SQL Injection VulnerabilityPublished
2011-09-25WordPress Link Library plugin <= 5.2.1 SQL Injection VulnerabilityPublished
2011-09-21Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File InclusionPublished
2011-09-21Wordpress AllWebMenus Plugin 1.1.3 Remote File InclusionPublished
2011-09-21Wordpress Mailing List Plugin 1.3.2 Remote File InclusionPublished
2011-09-21Wordpress TheCartPress Plugin 1.1.1 Remote File InclusionPublished
2011-09-21Wordpress Disclosure Policy Plugin 1.0 Remote File InclusionPublished
2011-09-21Wordpress Relocate Upload Plugin 0.14 Remote File InclusionPublished
2011-09-21Wordpress Livesig Plugin 0.4 Remote File InclusionPublished
2011-09-21WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure VulnerabilityPublished
2011-09-21WordPress WP e-Commerce"cs1"SQLPublished
2011-09-21Multiple Wordpress Plugin timthumb.php VulnerabilitesPublished
2011-09-21Wordpress Annonces Plugin 1.2.0.0 Remote File InclusionPublished
2011-09-21Wordpress Mini Mail Dashboard Widget Plugin 1.36 Remote File InclusionPublished
2011-09-21Wordpress WPEasyStats Plugin 1.8 Remote File InclusionPublished
2011-09-19WordPress Count per Day plugin <= 2.17 SQL Injection VulnerabilityPublished
2011-09-18WordPress Auctions plugin <= 1.8.8 SQL Injection VulnerabilityPublished
2011-09-14WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection VulnerabilityPublished
2011-09-13Wordpress 1 Flash Gallery Plugin Arbiraty File Upload Exploit (MSF)Published
2011-09-10WordPress Advertizer plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-09-10WordPress WP Bannerize plugin <= 2.8.6 SQL InjectionPublished
2011-09-10WordPress wp audio gallery playlist plugin <= 0.12 SQL InjectionPublished
2011-09-10WordPress iCopyright(R) Article Tools plugin <= 1.1.4 SQL InjectionPublished
2011-09-10WordPress Donation plugin <= 1.0 SQL InjectionPublished
2011-09-10WordPress Crawl Rate Tracker plugin <= 2.0.2 SQL Injection VulnerabilityPublished
2011-09-10WordPress PureHTML plugin <= 1.0.0 SQL InjectionPublished
2011-09-10WordPress Facebook Opengraph Meta Plugin plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-09-10Wordpress Image Gallery with Slideshow plugin <= 1.5 Multiple VulnerabilitiesPublished
2011-09-10WordPress yolink Search plugin <= 1.1.4 SQL InjectionPublished
2011-09-10WordPress VideoWhisper Video Presentation plugin <= 1.1 SQL Injection VulnerabilityPublished
2011-09-10WordPress SH Slideshow plugin <= 3.1.4 SQL Injection VulnerabilityPublished
2011-09-10Wordpress grapefile plugin <= 1.1 Arbitrary File UploadPublished
2011-09-10WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection VulnerabilityPublished
2011-09-10WordPress Event Registration plugin <= 5.4.3 SQL InjectionPublished
2011-09-10WordPress Couponer plugin <= 1.2 SQL InjectionPublished
2011-09-10WordPress SendIt plugin <= 1.5.9 Blind SQL Injection VulnerabilityPublished
2011-08-29WordPress mySTAT plugin <= 2.6 SQL Injection VulnerabilityPublished
2011-08-29WordPress Block-Spam-By-Math-Reloaded Plugin BypassPublished
2011-08-29WordPress Evarisk plugin <= 5.1.3.6 SQL Injection VulnerabilityPublished
2011-08-29WordPress MM Duplicate plugin <= 1.2 SQL Injection VulnerabilityPublished
2011-08-29WordPress Profiles plugin <= 2.0 RC1 SQL Injection VulnerabilityPublished
2011-08-29WordPress Photoracer 1.0 Cross Site Scripting / SQL InjectionPublished
2011-08-29WordPress TimThumb Plugin - Remote Code ExecutionPublished
2011-08-28WordPress Js-appointment plugin <= 1.5 SQL Injection VulnerabilityPublished
2011-08-28WordPress Super CAPTCHA plugin <= 2.2.4 SQL Injection VulnerabilityPublished
2011-08-28WordPress Collision Testimonials plugin <= 3.0 SQL Injection VulnerabilityPublished
2011-08-28WordPress oQey Headers plugin <= 0.3 SQL Injection VulnerabilityPublished
2011-08-28WordPress Photoracer plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-08-28WordPress Photoracer Plugin <= 1.0 Multiple VulnerabilitiesPublished
2011-08-28WordPress MM Forms Community plugin <= 1.2.3 SQL Injection VulnerabilityPublished
2011-08-26WordPress Yoast v4.1.3 Local File Disclosure VulnerabilityPublished
2011-08-21WordPress UnGallery plugin <= 1.5.8 Local File Disclosure VulnerabilityPublished
2011-08-18WordPress File Groups plugin <= 1.1.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress OdiHost Newsletter plugin <= 1.0 SQL Injection VulnerabilityPublished
2011-08-18WordPress Easy Contact Form Lite plugin <= 1.0.7 SQL Injection VulnerabilityPublished
2011-08-18WordPress Global Content Blocks plugin <= 1.2 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP Symposium plugin <= 0.64 SQL Injection VulnerabilityPublished
2011-08-18WordPress Ajax Gallery plugin <= 3.0 SQL Injection VulnerabilityPublished
2011-08-18WordPress Contus HD FLV Player plugin <= 1.3 SQL Injection VulnerabilityPublished
2011-08-18WordPress WP Forum plugin <= 1.7.8 SQL Injection VulnerabilityPublished
2011-07-04WordPress 3.1.3 SQL Injection VulnerabilitiesPublished
2011-06-27Wordpress core 3.1.3 Persistent XSS VulnerabilityPublished
2011-06-27Wordpress Beer Recipes Plugin v.1.0 XSSPublished
2011-05-24Is-human <=1.4.2 Wordpress Plugin Remote Command Execution VulnerabilityPublished
2011-04-28WordPress SermonBrowser Plugin 0.43 SQL InjectionPublished
2011-04-26Ajax Category Dropdown Wordpress Plugin 0.1.5 Multiple VulnerabilitiesPublished
2011-04-06WordPress WP Custom Pages Plugin 0.5.0.1 LFI VulnerabilityPublished
2011-03-29Wordpress plugin BackWPup Remote and Local Code Execution VulnerabilityPublished
2011-03-10PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec ExploitPublished
2011-03-10GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-27OPS Old Post Spinner 2.2.1 Wordpress Plugin LFI VulnerabilityPublished
2011-02-27JQuery Mega Menu 1.0 Wordpress Plugin Local File InclusionPublished
2011-02-26Z-Vote 1.1 Wordpress Plugin SQL Injection VulnerabilityPublished
2011-02-25Relevanssi 2.7.2 Wordpress Plugin Stored XSS VulnerabilityPublished
2011-02-25IWantOneButton 3.0.1 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-25WP Forum Server 1.6.5 Wordpress Plugin SQL Injection VulnerabilityPublished
2011-02-25GigPress 2.1.10 Wordpress Plugin Stored XSS VulnerabilityPublished
2011-02-24Comment Rating 2.9.23 Wordpress Plugin Multiple VulnerabilitiesPublished
2011-02-18WordPress User Photo Component Remote File Upload VulnerabilityPublished
2011-02-11Enable Media Replace WordPress Plugin Multiple VulnerabilitiesPublished
2010-12-07SQL injection vulnerability in do_trackbacks() Wordpress functionPublished
2010-11-14Wordpress Event Registration Plugin 5.32 SQL Injection VulnerabilityPublished
2010-10-20Wordpress plugin mygallerybrowser.php Remote File Upload VulnerabilityPublished
2010-09-07Wordpress Events Manager Extended Plugin Persistent XSS VulnerabilityPublished
2010-08-05WordPress NextGEN Smooth Gallery Blind SQL Injection VulnerabilityPublished
2010-07-23WordPress Plugin myLDlinker SQL Injection VulnerabilityPublished
2010-07-10Wordpress Firestats Remote Configuration File DownloadPublished
2010-06-25Vulnerabilities in Cimy Counter for WordPressPublished
2010-06-08WordPress Gigya Socialize Plugin Cross-Site Scripting VulnerabilitiesPublished
2010-04-06XSS Vulnerability in NextGEN Gallery Wordpress PluginPublished
2010-03-02Wordpress 2.9.1 wp-admin Cross-Site Scripting VulnerabilityPublished
2010-02-23WordPress Copperleaf Photolog SQL Injection VulnerabilityPublished
2010-02-19WordPress 2.9 plugin wp-wall (XSS) Cross Site Scripting VulnerabilityPublished
2010-02-19Joomla JD-WordPress Remote File Include ExploitPublished
2010-02-19Wordpress Resource exhaustion ExploitPublished
2010-02-19WordPress Pyrmont V2. SQL Injection VulnerabilityPublished
2010-02-19Wordpress <= 2.9 Denial of ServicePublished
2010-02-19Wordpress script <== x.x.x (Events Plugins) SQL Injection VulnerabilityPublished
2010-02-15WordPress Copperleaf Photolog SQL injectionPublished
2010-02-13WordPress >= 2.9 Failure to Restrict URL AccessPublished
2010-01-02Wordpress Events Plugin SQL Injection VulnerabilityPublished
2009-12-310day Wordpress DOS <= 2.9Published
2009-12-18WordPress and Pyrmont V2. SQL Injection VulnerabilityPublished
2009-12-07Vulnerabilities in WP-Cumulus for WordPressPublished
2009-12-05Wordpress Image Manager Plugins Shell Upload VulnerabilityPublished
2009-11-25Vulnerabilities in WP-Cumulus <= 1.20 for WordPressPublished
2009-11-13Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution PoCPublished
2009-11-13WordPress Arbitrary File Upload and Cross Site Scripting VulnerabilitiesPublished
2009-11-11WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublished
2009-11-11Fedora Security Update Fixes WordPress-MU Denial of Service IssuePublished
2009-11-10WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass VulnerabilityPublished
2009-11-10WordPress 2.8.5 Unrestricted File Upload Arbitrary PHP Code ExecutionPublished
2009-11-10WordPress MU 1.2.2 - 1.3.1 'wp-includes/wpmu-functions.php' Cross-Site Scripting VulnerabilityPublished
2009-10-27Fedora Security Update Fixes WordPress Denial of Service VulnerabilityPublished
2009-10-23DM Albums for WordPress "delete_album" Directory Traversal IssuePublished
2009-10-22WordPress < 2.8.1 Security Bypass 0dayPublished
2009-10-21WordPress Trackback Remote Denial of Service VulnerabilityPublished
2009-10-20JD-WordPress for Joomla "mosConfig_absolute_path" Inclusion IssuePublished
2009-10-19Joomla JD-WordPress 2.0 RC2 remote file icnlusionPublished
2009-09-02WordPress Privileges Unchecked in admin.php and Multiple Information DisclosuresPublished
2009-08-28WP-Syntax for WordPress "test_filter[wp_head]" Code Injection VulnerabilityPublished
2009-08-27Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command ExecutionPublished
2009-08-24Debian Security Update Fixes Wordpress Security Bypass VulnerabilitiesPublished
2009-08-17Fedora Security Update Fixes WordPress-MU Multiple VulnerabilitiesPublished
2009-08-12Fedora Security Update Fixes WordPress Admin Pass Reset VulnerabilityPublished
2009-08-11Wordpress <= 2.8.3 Remote Admin Reset Password VulnerabilityPublished
2009-08-07Fedora Security Update Fixes WordPress Privilege Escalation IssuesPublished
2009-07-30Fedora Security Update Fixes WordPress Cross Site Scripting IssuePublished
2009-07-27WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI VulnerabilityPublished
2009-07-24Wordpress 2.8.1 (url) Remote Cross Site Scripting ExploitPublished
2009-07-20Fedora Security Update Fixes WordPress Security Bypass VulnerabilitiesPublished
2009-07-15WordPress Plugin My Category Order <= 2.8 SQL Injection VulnerabilityPublished
2009-07-10WordPress Privileges Unchecked in admin.php and Multiple InformationPublished
2009-07-09WordPress Media Holder (mediaHolder.php id) SQL Injection vulnerabilityPublished
2009-07-09WordPress Multiple Security Bypass and Information Disclosure IssuesPublished
2009-07-02Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection VulnerabilityPublished
2009-06-30WordPress Plugin DM Albums 1.9.2 Remote File Disclosure VulnerabilityPublished
2009-06-30WordPress Plugin Related Sites 2.1 Blind SQL Injection VulnerabilityPublished
2009-06-29WordPress Plugin DM Albums 1.9.2 Remote File Inclusion VulnPublished
2009-06-15WordPress Plugin Photoracer 1.0 (id) SQL Injection VulnerabilityPublished
2009-05-26Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion VulnerabilityPublished
2009-04-15Fedora Security Update Fixes Wordpress-mu Cross Site Scripting IssuePublished
2009-03-18FMoblog Plugin for WordPress "id" Remote SQL Injection VulnerabilityPublished
2009-03-17Wordpress Plugin fMoblog 2.1 (id) SQL Injection VulnerabilityPublished
2009-03-10Wordpress MU < 2.7 'HOST' HTTP Header XSS VulnerabilityPublished
2009-01-12Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection VulnerabilityPublished
2008-12-22Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD VulnPublished
2008-11-07Fedora Security Update Fixes Wordpress Snoopy Code ExecutionPublished
2008-10-29Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload ExploitPublished
2008-10-26WordPress Media Holder (mediaHolder.php id) SQL Injection VulnPublished
2008-10-17Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection VulnPublished
2008-09-15WordPress "user_login" Column SQL Truncation VulnerabilityPublished
2008-09-10Fedora Security Update Fixes WordPress SSL Enforcement WeaknessPublished
2008-09-10Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover ExploitPublished
2008-09-07Wordpress 2.6.1 SQL Column Truncation VulnerabilityPublished
2008-07-24Wordpress Plugin Download Manager 0.2 Arbitrary File Upload ExploitPublished
2008-07-07Debian Security Update Fixes WordPress Security Bypass IssuesPublished
2008-05-05Fedora Security Update Fixes WordPress Privilege Escalation IssuePublished
2008-04-28WordPress Cookie Integrity Protection Privilege Escalation VulnerabilityPublished
2008-04-24Spreadsheet for WordPress "ss_id" Remote SQL Injection VulnerabilityPublished
2008-04-22Wordpress Plugin Spreadsheet <= 0.6 SQL Injection VulnerabilityPublished
2008-03-31Wordpress Plugin Download (dl_id) SQL Injection VulnerabilityPublished
2008-02-26Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple VulnerabilitiesPublished
2008-02-18Photo Album Plugin for WordPress Multiple SQL Injection VulnerabilitiesPublished
2008-02-16Wordpress Photo album Remote SQL Injection VulnerabilityPublished
2008-02-15Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection VulnerabilityPublished
2008-02-15Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection VulnerabilityPublished
2008-02-13Fedora Security Update Fixes WordPress XML-RPC Post Editing IssuePublished
2008-02-07WordPress XML-RPC Implementation Arbitrary Post Editing VulnerabilityPublished
2008-02-05Wordpress MU < 1.3.2 active_plugins option Code Execution ExploitPublished
2008-02-03Wordpress Plugin st_newsletter Remote SQL Injection VulnerabilityPublished
2008-02-02Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote VulnerabilitiesPublished
2008-02-02Wordpress Plugin Wordspew Remote SQL Injection VulnerabilityPublished
2008-01-31WP-Cal Plugin for WordPress "id" SQL Query Injection VulnerabilityPublished
2008-01-31FGallery Plugin for WordPress "album" SQL Query Injection VulnerabilityPublished
2008-01-31AdServe Plugin for WordPress "id" Parameter SQL Injection VulnerabilityPublished
2008-01-31WassUp Plugin for WordPress "to_date" SQL Injection VulnerabilityPublished
2008-01-30Wordpress Plugin Adserve 0.2 adclick.php SQL Injection ExploitPublished
2008-01-30Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection ExploitPublished
2008-01-27Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection VulnerabilityPublished
2008-01-27Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection VulnerabilityPublished
2008-01-25Permalinks Migration Plugin for WordPress Cross Site Request ForgeryPublished
2008-01-22WP-Forum Plugin for WordPress "user" SQL Query Injection VulnerabilityPublished
2008-01-19Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection VulnerabilityPublished
2008-01-06Wordpress Plugin Wp-FileManager 1.2 Remote Upload VulnerabilityPublished
2008-01-03Fedora Security Update Fixes WordPress Multiple Remote VulnerabilitiesPublished
2007-12-11Wordpress <= 2.3.1 Charset Remote SQL Injection VulnerabilityPublished
2007-12-11WordPress "s" Parameter Handling Remote SQL Injection VulnerabilityPublished
2007-12-05Wordpress Plugin PictPress <= 0.91 Remote File Disclosure VulnerabilityPublished
2007-11-21WordPress Cookies Processing Authentication Bypass WeaknessPublished
2007-11-06BackUpWordPress "bkpwp_plugin_path" PHP File Inclusion VulnerabilitiesPublished
2007-11-01WordPress Plugin BackUpWordPress <= 0.4.2b RFI VulnerabilityPublished
2007-10-29WordPress "posts_columns" Parameter Cross Site Scripting VulnerabilityPublished
2007-09-14Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)Published
2007-09-13Wordpress Multiple Parameter Cross Site Scripting and SQL Injection IssuesPublished
2007-08-31Fedora Security Update Fixes WordPress Cross Site Scripting VulnerabilityPublished
2007-08-01WordPress "style" Parameter Processing Cross Site Scripting VulnerabilityPublished
2007-06-26WordPress Security Update Fixes Code Execution and SQL Injection VulnerabilitiesPublished
2007-06-26WordPress 2.2 (wp-app.php) Arbitrary File Upload ExploitPublished
2007-06-11OpenPKG Security Update Fixes WordPress XML-RPC SQL Injection VulnerabilityPublished
2007-06-07WordPress XML-RPC Interface "wp_suggestCategories()" SQL Injection VulnerabilityPublished
2007-06-06Wordpress 2.2 (xmlrpc.php) Remote SQL Injection ExploitPublished
2007-05-21Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing ExploitPublished
2007-05-21WordPress "cookie" Parameter Handling Remote SQL Query Injection VulnerabilityPublished
2007-05-02Debian Security Update Fixes WordPress Cross Site Scripting and Security Bypass IssuesPublished
2007-05-02WP-Table Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-02WordTube Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-02MyFlash Plugin for WordPress "wppath" Parameter Remote File Inclusion VulnerabilityPublished
2007-05-01Wordpress plugin myflash <= 1.00 (wppath) RFI VulnerabilityPublished
2007-05-01Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI VulnerabilityPublished
2007-05-01Wordpress plugin wordTube <= 1.43 (wpPATH) RFI VulnerabilityPublished
2007-04-30MyGallery Plugin for Wordpress "myPath" Parameter Remote File Inclusion VulnerabilityPublished
2007-04-29Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion VulnerabilityPublished
2007-04-04WordPress "XML-RPC" Module Remote SQL Injection and Security Bypass VulnerabilitiesPublished
2007-04-03Wordpress 2.1.2 (xmlrpc) Remote SQL Injection ExploitPublished
2007-03-21Gentoo Security Update Fixes Multiple Wordpress Cross Site Scripting VulnerabilitiesPublished
2007-03-19WordPress "PHP_SELF" Variable Handling Client-Side Cross Site Scripting VulnerabilityPublished
2007-03-13WordPress "wp_title()" and "single_month_title()" Cross Site Scripting VulnerabilityPublished
2007-03-05WordPress "comment_text_phpfilter()" and "get_theme_mcommand()" VulnerabilitiesPublished
2007-02-27WordPress "wp-includes/functions.php" Client-Side Cross Site Scripting VulnerabilityPublished
2007-02-26NoMoKeTo Module for phpBB "phpbb_root_path" Remote File Inclusion VulnerabilityPublished
2007-02-26WordPress "wp_explain_nonce()" Function Client-Side Cross Site Scripting VulnerabilityPublished
2007-01-17Gentoo Security Update Fixes WordPress SQL Injection and Cross Site Scripting IssuesPublished
2007-01-10Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection ExploitPublished
2007-01-09OpenPKG Security Update Fixes WordPress Trackback Charset SQL Injection IssuePublished
2007-01-07Wordpress 2.0.5 Trackback UTF-7 Remote SQL Injection ExploitPublished
2007-01-06WordPress Trackback Charset SQL Injection and Admin Cross Site Scripting VulnerabilitiesPublished
2007-01-06WordPress "wp-login.php" Authentication Process Information Disclosure VulnerabilityPublished
2006-12-30Enigma 2 WordPress Bridge (boarddir) Remote File Include VulnerabilityPublished
2006-12-27WordPress "get_file_description()" Function Client-Side Cross Site Scripting VulnerabilityPublished
2006-11-21Gentoo Security Update Fixes WordPress Directory Traversal and Security BypassPublished
2006-11-03OpenPKG Security Update Fixes WordPress Multiple Security Bypass VulnerabilitiesPublished
2006-11-02WordPress Remote Directory Traversal and Security Bypass VulnerabilitiesPublished
2006-08-16WP-DB Backup Plugin for WordPress "backup" Parameter Directory Traversal VulnerabilityPublished
2006-07-31WordPress Unspecified Parameter Handling Multiple VulnerabilitiesPublished
2006-07-17Rocks "mount-loop" and "umount-loop" Arguments Handling Privilege Escalation VulnerabilityPublished
2006-07-04WordPress "paged" Parameter Table Prefix and Full Path Disclosure VulnerabilitiesPublished
2006-06-12Gentoo Security Update Fixes WordPress Remote Command Injection VulnerabilityPublished
2006-05-26WordPress User Profile Handling Remote PHP Command Injection VulnerabilityPublished
2006-05-25WordPress <= 2.0.2 (cache) Remote Shell Injection ExploitPublished
2006-03-05Gentoo Security Update Fixes WordPress SQL Injection VulnerabilityPublished
2006-03-01WordPress Cross Site Scripting And Full Path Disclosure VulnerabilitiesPublished
2006-01-16WP-Stats WordPress Plug-in "author" Remote SQL Injection VulnerabilityPublished
2005-11-25PhpWordPress Multiple Parameters Remote SQL Injection VulnerabilityPublished
2005-08-10Wordpress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)Published
2005-08-10WordPress "cache_lastpostdate" Remote Code Execution IssuePublished
2005-08-09Wordpress <= 1.5.1.3 Remote Code Execution 0-Day ExploitPublished
2005-07-04Gentoo Security Update Fixes Multiple WordPress VulnerabilitiesPublished
2005-06-30WordPress SQL Injection and Cross Site Scripting VulnerabilitiesPublished
2005-06-30Wordpress <= 1.5.1.2 xmlrpc Interface SQL Injection ExploitPublished
2005-06-22WordPress <= 1.5.1.1 SQL Injection ExploitPublished
2005-06-21WordPress <= 1.5.1.1 "add new admin" SQL Injection ExploitPublished
2005-06-21WordPress <= 1.5.1.1 ""add new admin"" SQL Injection ExploitPublished
2005-05-30WordPress "cat_ID" Remote SQL Injection VulnerabilityPublished
2004-10-10WordPress Blog HTTP Splitting VulnerabilityPublished