Filter
AND

Wordpress Blogger ImporterCSRF

8.8
First published (updated )

Wordpress Performance LabWordPress Performance Lab Plugin <= 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF)

8.8
First published (updated )

Wordpress Health Check \& TroubleshootingWordPress Health Check & Troubleshooting Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF)

8.8
First published (updated )

Debian Debian LinuxStored XSS in WordPress

First published (updated )

Debian Debian LinuxAuthenticated Object Injection in Multisites in WordPress

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Debian Debian LinuxSQL injection in WordPress

8.8
First published (updated )

Debian Debian LinuxWordPress Core WP_Query SQL Injection Information Disclosure Vulnerability

First published (updated )

WordPress WordPressWordPress 5.8 beta: Stored Cross-Site Scripting (XSS) vulnerability in widget

7.6
First published (updated )

debian/wordpressAuthenticated cross-site scripting (XSS) in WordPress editor

7.6
First published (updated )

Debian Debian LinuxWordPress Authenticated XXE attack when installation is running PHP 8

7.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Fedoraproject FedoraWordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated…

7.5
First published (updated )

WordPress WordPressSpecially crafted filenames in WordPress leading to XSS

8.7
First published (updated )

Debian Debian LinuxUnauthenticated disclosure of certain private posts in WordPress

7.5
First published (updated )

WordPress WordPressPassword reset links invalidation issue in WordPress

8.1
First published (updated )

Snapcreek DuplicatorWordPress Snap Creek Duplicator Plugin File Download Vulnerability

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Debian Debian LinuxWordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain …

7.5
First published (updated )

Debian Debian LinuxCSRF

8.8
First published (updated )

debian/wordpressXSS, CSRF

8.8
First published (updated )

WordPress WordPressMalicious File Upload

8.8
First published (updated )

WordPress WordPressInfoleak

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WordPress WordPressInput Validation

8.8
First published (updated )

WordPress WordPressInput Validation

8.8
First published (updated )

WordPress WordPressMalicious File Upload

7.2
First published (updated )

Debian Debian LinuxPath Traversal

8.8
First published (updated )

WordPress WordPressIn WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consum…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

debian/wordpresswp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be dir…

8.8
First published (updated )

WordPress WordPressWeak Encryption

7.5
First published (updated )

WordPress WordPressPath Traversal

7.5
First published (updated )

WordPress WordPressPath Traversal

7.5
First published (updated )

composer/phpmailer/phpmailerObject injection

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Debian Debian LinuxSSRF

8.6
First published (updated )

Debian Debian LinuxInput Validation

7.5
First published (updated )

Debian Debian LinuxCSRF, XSS

8.6
First published (updated )

Debian Debian LinuxCSRF

8.8
First published (updated )

WordPress WordPressThe register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WordPress WordPressPath Traversal

7.1
First published (updated )

WordPress WordPressCSRF

8.8
First published (updated )

WordPress WordPressWeak RNG

7.5
First published (updated )

WordPress WordPressCSRF

8.8
First published (updated )

WordPress WordPressSSRF

8.6
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WordPress WordPressCSRF

8.8
First published (updated )

WordPress WordPressWordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a c…

7.5
First published (updated )

WordPress WordPressThe oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a deni…

7.5
First published (updated )

WordPress WordPressInfoleak

7.5
First published (updated )

WordPress WordPressWordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by le…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WordPress WordPressWordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism…

7.5
First published (updated )

WordPress WordPressThe customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection rest…

7.5
First published (updated )

WordPress WordPressSSRF

8.6
First published (updated )

WordPress WordPressOpen redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in Wor…

7.4
First published (updated )

WordPress WordPressSQL Injection

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203