Filter
AND
WordPressMultiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impact and remote attack…
10
First published (updated )
WordPressUnspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impac…
10
First published (updated )
WordPressWordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-…
10
First published (updated )
WordPressWordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which a…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPressThe wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of se…
7.8
First published (updated )
WordPresswp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input dat…
7.5
First published (updated )
WordPressThe (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPresswp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the P…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPressThe XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly ch…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPressThe wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.…
6.4
First published (updated )
WordPressThe XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, all…
6.4
First published (updated )
WordPresswp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbac…
5.8
First published (updated )
WordPresswp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to by…
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
WordPressWordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct req…
First published (updated )
WordPresswp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limi…
First published (updated )
WordPressPlupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other produ…
First published (updated )
WordPressWordPress before 3.4.1 does not properly restrict access to post contents such as private or draft p…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.