Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / wordpress

wordpress

412 tracked vulnerabilities.

WordPress < 2.0 - Denial of Service via Pingback Service Calls

WordPress < 2.0 - Information Disclosure via Pingback Service

WordPress 2.0.6-2.1Alpha 3 - Info Disclosure

WordPress <= 2.0.6 - SQL Injection via tb_id Parameter

WordPress < 2.0.6 - Cross-Site Scripting via CSRF Protection Scheme

WordPress < 2.0.6 - SQL Injection via Multibyte Charset Bypass

WordPress <= 2.0.5 - Information Disclosure via Login Error Messages

WordPress 2.0.5 - Cross-Site Scripting via File Parameter in wp-admin/templates.php

CVE-2006-6016 MEDIUM

WordPress < 2.0.4 - Authenticated Out-of-bounds Read via user_id Parameter

CVE-2006-6017 MEDIUM

WordPress < 2.0.5 - Authenticated Denial of Service via Malformed Serialized Object

WordPress < 2.0.5 - Authenticated Directory Traversal and Arbitrary File Write via Backup and Fragment Parameters

WordPress 2.0.2-2.0.5 - Information Disclosure via Direct File Request

WordPress < 2.0.4 - Unspecified Vulnerabilities

WordPress 2.0.3 - Information Disclosure via Invalid Paged Parameter

WordPress 2.0.3 - Information Disclosure via Direct Request to Core Directories

WordPress 2.0.2 - IP Address Spoofing via PC_REMOTE_ADDR Header

WordPress < 2.0.2 - Remote Code Execution via Profile Update Displayname Injection

WordPress < 2.0 - Cross-Site Scripting via Request URI

WordPress < 2.0.2 - Cross-Site Scripting

WordPress 1.5.2 - SQL Injection via User-Agent Header

WordPress <= 2.0.1 - Stored Cross-Site Scripting via Comment Parameters

WordPress <= 2.0.1 - Information Disclosure via Direct Request to Sensitive Files

WordPress 2.0.0 - Stored Cross-Site Scripting via Author Website Field

WordPress < 1.5.2 - Information Disclosure via Direct Request to Sensitive Files

WordPress <1.5.1.3 - Code Injection

Previous Page 16 of 17 Next

Products

wordpress 353 wordpress_mu 10 WordPress 3 sniplets_plugin 3 blix 2 math_comment_spam_protection_plugin 2 pay-with-tweet 2 wassup_plugin 2 Buddypress 1 Social-Share-Buttons 1 adserve 1 alert_before_you_post 1 blixed 1 blixkrieg 1 blogger_importer 1 captcha 1 cryptographp 1 dean_logan_wp-people_plugin 1 debug_bar 1 download_monitor_plugin 1 fcchat_widget 1 filemanager 1 gutenberg 1 health_check_\&_troubleshooting 1 lanoba_social_plugin 1 page_flip_image_gallery_plugin 1 performance_lab 1 permalinks_migration_plugin 1 peter\'s_math_anti-spam_for_wordpress 1 photo_album_plugin 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy