Filter
AND
-Infinity
0
Trending
WordPressUnspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impac…
10
First published (updated )
WordPressWordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-…
10
First published (updated )
WordPressWordPress Advanced Flamingo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPressWordPress GERRYWORKS Post by Mail plugin <= 1.0 - Privilege Escalation vulnerability
8.8
EPSS
0.07%
First published (updated )
WordPressThe (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPresswp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the P…
7.5
First published (updated )
WordPressThe XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly ch…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPressking_IE <= 1.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
6.4
EPSS
0.04%
First published (updated )
WordPressBranding <= 1.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
6.4
EPSS
0.04%
First published (updated )
WordPressThe wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.…
6.4
First published (updated )
WordPressGixaw Chat <= 1.0 - Stored XSS via CSRF
6.1
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordpressWordPress WordPress Custom Settings Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
5.9
First published (updated )
WordPresswp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to by…
5.5
First published (updated )
WordPressWordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request …
First published (updated )
WordPressWordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a dire…
First published (updated )
WordPresswp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the f…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPressWordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct req…
First published (updated )
WordPresswp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limi…
First published (updated )
WordPressPlupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other produ…
First published (updated )
WordPressWordPress before 3.4.1 does not properly restrict access to post contents such as private or draft p…
First published (updated )
WordPressWordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.