wordpress
412 tracked vulnerabilities.
CVE-2008-2392
WordPress < 2.5.1 - Authenticated Arbitrary File Upload via Dashboard Upload Section
May 21, 2008
EPSS 0.02
CVE-2008-2146
WordPress < 2.2.3 - Unauthenticated Access Restriction Bypass via PATH_INFO Handling
May 12, 2008
EPSS 0.01
CVE-2008-2068
WordPress 2.5 - Cross-Site Scripting
May 02, 2008
EPSS 0.01
CVE-2008-2034
WordPress Download Monitor <2.0.6 - SQL Injection
Apr 30, 2008
EPSS 0.00
CVE-2008-1930
WordPress - Improper Authentication via Cookie Hash Collision
Apr 28, 2008
EPSS 0.08
CVE-2008-1982
Spreadsheet (wpSS) <0.6 - SQL Injection
Apr 27, 2008
EPSS 0.01
CVE-2008-1646
WP-Download 1.2 - SQL Injection via dl_id Parameter
Apr 02, 2008
EPSS 0.01
CVE-2008-1304
WordPress 2.3.2 - Cross-Site Scripting via Invite Email and To Parameters
Mar 12, 2008
EPSS 0.02
CVE-2008-1059
NUCLEI
Sniplets Plugin 1.1.2 and 1.2.2 - Remote Code Execution via libpath Parameter
Feb 28, 2008
EPSS 0.00
CVE-2008-1060
Sniplets Plugin 1.1.2 and 1.2.2 - Remote Code Execution via Text Parameter
Feb 28, 2008
EPSS 0.15
CVE-2008-1061
NUCLEI
Sniplets Plugin 1.1.2 and 1.2.2 for WordPress - Cross-Site Scripting via Multiple Parameters
Feb 28, 2008
EPSS 0.00
CVE-2008-0939
WP Photo Album < 1.1 - SQL Injection via Photo or Album Parameter
Feb 25, 2008
EPSS 0.02
CVE-2008-0837
Search Unleashed Plugin 0.2.10 - Stored Cross-Site Scripting via Log Feature
Feb 20, 2008
EPSS 0.00
CVE-2008-0845
Dean Logan WP-People Plugin 1.6.1 - SQL Injection via Person Parameter
Feb 20, 2008
EPSS 0.00
CVE-2008-0682
Wordspew < 3.72 - SQL Injection via id Parameter
Feb 12, 2008
EPSS 0.01
CVE-2008-0683
ShiftThis Newsletter Plugin for WordPress - SQL Injection via Newsletter Parameter
Feb 12, 2008
EPSS 0.01
CVE-2008-0691
WP-Footnotes 2.2 - Cross-Site Scripting via Multiple Admin Panel Parameters
Feb 12, 2008
EPSS 0.01
CVE-2008-0664
WordPress < 2.3.3 - Unauthenticated Post Editing via XML-RPC
Feb 08, 2008
EPSS 0.07
CVE-2008-0507
AdServe 0.2 - SQL Injection via id Parameter
Jan 31, 2008
EPSS 0.01
CVE-2008-0508
Dean's Permalinks Migration 1.0 - Cross-Site Request Forgery via old_struct Parameter
Jan 31, 2008
EPSS 0.00
CVE-2008-0520
WassUp Plugin 1.4-1.4.3 - SQL Injection via from_date or to_date Parameter
Jan 31, 2008
EPSS 0.01
CVE-2008-0490
WP-Cal Plugin 0.3 - SQL Injection via id Parameter
Jan 30, 2008
EPSS 0.01
CVE-2008-0388
WP-Forum 1.7.4 - SQL Injection via User Parameter in Showprofile Action
Jan 23, 2008
EPSS 0.02
CVE-2008-0222
Wp-FileManager 1.2 - Unauthenticated Arbitrary File Upload and Remote Code Execution via ajaxfilemanager.php
Jan 10, 2008
EPSS 0.06
CVE-2008-0191
WordPress 2.2.x-2.3.x - Exposure of Sensitive Information via Invalid RSS2 P Parameter
Jan 10, 2008
EPSS 0.01
Products
wordpress 353
wordpress_mu 10
WordPress 3
sniplets_plugin 3
blix 2
math_comment_spam_protection_plugin 2
pay-with-tweet 2
wassup_plugin 2
Buddypress 1
Social-Share-Buttons 1
adserve 1
alert_before_you_post 1
blixed 1
blixkrieg 1
blogger_importer 1
captcha 1
cryptographp 1
dean_logan_wp-people_plugin 1
debug_bar 1
download_monitor_plugin 1
fcchat_widget 1
filemanager 1
gutenberg 1
health_check_\&_troubleshooting 1
lanoba_social_plugin 1
page_flip_image_gallery_plugin 1
performance_lab 1
permalinks_migration_plugin 1
peter\'s_math_anti-spam_for_wordpress 1
photo_album_plugin 1
Quick Filters