Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / wordpress

wordpress

412 tracked vulnerabilities.

WordPress < 2.0.9 - Cross-Site Scripting via popuptitle Parameter

WordPress < 2.0.11 - Cross-Site Scripting via Backup Parameter

WordPress < 2.0.3 - Path Traversal and Arbitrary File Read/Delete via Backup Parameter

WordPress < 2.0.11 - Unauthenticated Sensitive Information Exposure via Empty Page Parameter

WordPress < 2.0.11 - Path Traversal and Arbitrary File Write via Page and Import Parameters

WP-ContactForm < 1.5_alpha - Cross-Site Scripting via Multiple Parameters

Cryptographp < 1.2 - Stored Cross-Site Scripting via Multiple Parameters

Math Comment Spam Protection Plugin < 2.1 - Cross-Site Scripting via Parameters

Math Comment Spam Protection Plugin < 2.1 - Cross-Site Request Forgery

WordPress Captcha Plugin < 2.5d - Cross-Site Scripting via captcha_ttffolder Parameter

PictPress < 0.91 - Path Traversal via Size or Path Parameter

WordPress <= 2.3.1 - SQL Injection via s Parameter

CVE-2007-6013 CRITICAL

WordPress 1.5-2.3.1 - Authentication Bypass via MD5 Hash Reuse

WordPress 2.3 - Cross-Site Scripting via posts_columns Array Parameter

WordPress 2.0-2.0.1 - Cross-Site Scripting via user_email Parameter

WordPress 2.0 - Cross-Site Scripting via wp-register.php user_login Parameter

WordPress < 2.2.3 and WordPress MU < 1.2.5a - Cross-Site Scripting via Unfiltered HTML Privilege

WordPress < 2.2.3 and WordPress MU < 1.2.5a - SQL Injection via XMLRPC Pingback Post Type Parameter

WordPress MU < 1.0 - Cross-Site Scripting via Weblog ID Parameter

Sirius 1.0 - Cross-Site Scripting via PATH_INFO

Blix 0.9.1 - Cross-Site Scripting via PATH_INFO

WordPress Pool 1.0.7 - Cross-Site Scripting via PATH_INFO

WordPress Classic 1.5 - Cross-Site Scripting via PATH_INFO

Unnamed theme <1.217 & SE <1.02 - XSS

WordPress 2.2.1 - Authenticated Stored Cross-Site Scripting via Admin Panel Options Database Table or OPML URL Import

Previous Page 14 of 17 Next

Products

wordpress 353 wordpress_mu 10 WordPress 3 sniplets_plugin 3 blix 2 math_comment_spam_protection_plugin 2 pay-with-tweet 2 wassup_plugin 2 Buddypress 1 Social-Share-Buttons 1 adserve 1 alert_before_you_post 1 blixed 1 blixkrieg 1 blogger_importer 1 captcha 1 cryptographp 1 dean_logan_wp-people_plugin 1 debug_bar 1 download_monitor_plugin 1 fcchat_widget 1 filemanager 1 gutenberg 1 health_check_\&_troubleshooting 1 lanoba_social_plugin 1 page_flip_image_gallery_plugin 1 performance_lab 1 permalinks_migration_plugin 1 peter\'s_math_anti-spam_for_wordpress 1 photo_album_plugin 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy