Latest vulnerabilities for "wordpress" 3.1.3

WordPressPath Traversal

high

7.5

First published (updated )

CVE-2017-14719

Drupal DrupalThe Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and …

medium

5

First published (updated )

CVE-2014-5266

Drupal DrupalThe Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and …

medium

5

First published (updated )

CVE-2014-5265

WordPressXSS

low

2.1

First published (updated )

CVE-2014-5240

WordPressWordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by …

medium

4

First published (updated )

CVE-2014-0165

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

WordPressThe wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.…

medium

6.4

First published (updated )

CVE-2014-0166

WordPresswp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict…

medium

4

First published (updated )

CVE-2012-6635

WordPresswp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive info…

medium

6.4

First published (updated )

CVE-2012-6634

WordPressXSS

medium

4.3

First published (updated )

CVE-2012-6633

WordPressXSS

medium

4.3

First published (updated )

CVE-2012-3414

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

WordPressThe create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not …

medium

4

First published (updated )

CVE-2012-4421

WordPresswp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not chec…

low

3.5

First published (updated )

CVE-2012-4422

WordPressCSRF

medium

6.8

First published (updated )

CVE-2012-3384

WordPressWordPress before 3.4.1 does not properly restrict access to post contents such as private or draft p…

medium

5

First published (updated )

CVE-2012-3385

WordPressCSRF

medium

6.8

First published (updated )

CVE-2012-1936

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

WordPressXSS

medium

4.3

First published (updated )

CVE-2012-2403

WordPressXSS

medium

4.3

First published (updated )

CVE-2012-2404

WordPressUnspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impac…

critical

10

First published (updated )

CVE-2012-2400

WordPressPlupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other produ…

medium

5

First published (updated )

CVE-2012-2401

WordPressXSS

critical

10

First published (updated )

CVE-2012-2399

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

WordPresswp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to by…

medium

5.5

First published (updated )

CVE-2012-2402

WordPressXSS

medium

4.3

First published (updated )

CVE-2012-0782

WordPresswp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limi…

medium

5

First published (updated )

CVE-2012-0937

WordPressInfoleak

medium

5

First published (updated )

CVE-2011-4898

WordPressXSS, Code Injection

high

7.5

First published (updated )

CVE-2011-4899

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

WordPressPath Traversal

Drupal DrupalThe Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and …

Drupal DrupalThe Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and …

WordPressXSS

WordPressWordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by …

Never miss a vulnerability like this again

WordPressThe wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.…

WordPresswp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict…

WordPresswp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive info…

WordPressXSS

WordPressXSS

Never miss a vulnerability like this again

WordPressThe create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not …

WordPresswp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not chec…

WordPressCSRF

WordPressWordPress before 3.4.1 does not properly restrict access to post contents such as private or draft p…

WordPressCSRF

Never miss a vulnerability like this again

WordPressXSS

WordPressXSS

WordPressUnspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impac…

WordPressPlupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other produ…

WordPressXSS

Never miss a vulnerability like this again

WordPresswp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to by…

WordPressXSS

WordPresswp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limi…

WordPressInfoleak

WordPressXSS, Code Injection

Never miss a vulnerability like this again

Company

Resources

Contact