Filter
AND
WordPress WordPressWordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure
5.3
First published (updated )
WordPress WordPressWordPress < 6.3.2 is vulnerable to Broken Access Control
4.3
First published (updated )
WordPress WordPressImproper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthent…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPress WordPressObject injection via local phar file
9.8
First published (updated )
WordPress WordPressAuthenticated XSS via media attachment page in WordPress
6.8
First published (updated )
WordPress WordPressOpen redirect in wp_validate_redirect() in WordPress
5.7
First published (updated )
WordPress WordPressAuthenticated self-XSS via theme uploads in WordPress
3.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPress WordPressset-screen-option filter misuse by plugins leading to privilege escalation in WordPress
First published (updated )
WordPress WordPressAuthenticated XSS through embed block in WordPress
5.4
First published (updated )
WordPress WordPressSpecially crafted filenames in WordPress leading to XSS
8.7
First published (updated )
WordPress WordPressCross-site scripting in stats method (object cache) in WordPress
6.1
First published (updated )
WordPress WordPressPassword reset links invalidation issue in WordPress
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
debian/wordpresswp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be dir…
8.8
First published (updated )