Wordpress

407 tracked vulnerabilities.

CVE-2019-8942 HIGH
Wordpress < 4.9.9 - Unrestricted File Upload
Feb 20, 2019
CVSS 8.8
EPSS 0.93
CVE-2018-20153 MEDIUM
WordPress <4.9.9 & <5.0.1 - XSS
Dec 14, 2018
CVSS 5.4
EPSS 0.05
CVE-2018-20152 MEDIUM
WordPress <4.9.9 & <5.0.1 - Auth Bypass
Dec 14, 2018
CVSS 6.5
EPSS 0.12
CVE-2018-20151 HIGH
WordPress <4.9.9, 5.x <5.0.1 - Info Disclosure
Dec 14, 2018
CVSS 7.5
EPSS 0.07
CVE-2018-20150 MEDIUM
WordPress <4.9.9 & 5.x <5.0.1 - XSS
Dec 14, 2018
CVSS 6.1
EPSS 0.07
CVE-2018-20149 MEDIUM
WordPress <4.9.9 & <5.0.1 - XSS
Dec 14, 2018
CVSS 5.4
EPSS 0.04
CVE-2018-20148 CRITICAL
WordPress <4.9.9, 5.x <5.0.1 - Code Injection
Dec 14, 2018
CVSS 9.8
EPSS 0.55
CVE-2018-20147 MEDIUM
WordPress <4.9.9 & <5.0.1 - Auth Bypass
Dec 14, 2018
CVSS 6.5
EPSS 0.06
CVE-2018-19296 HIGH
PHPMailer <5.2.27, <6.0.6 - Code Injection
Nov 16, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-1000773 HIGH
WordPress <4.9.8 - RCE
Sep 06, 2018
CVSS 8.8
EPSS 0.24
CVE-2017-1000600 HIGH
WordPress <4.9 - RCE
Sep 06, 2018
CVSS 8.8
EPSS 0.21
CVE-2018-14028 HIGH
WordPress 4.9.7 - Code Injection
Aug 10, 2018
CVSS 7.2
EPSS 0.02
CVE-2018-12895 HIGH
Wordpress < 4.9.7 - Path Traversal
Jun 26, 2018
CVSS 8.8
EPSS 0.89
CVE-2018-10102 MEDIUM
WordPress <4.9.5 - XSS
Apr 16, 2018
CVSS 6.1
EPSS 0.05
CVE-2018-10101 MEDIUM
WordPress <4.9.5 - Info Disclosure
Apr 16, 2018
CVSS 6.1
EPSS 0.09
CVE-2018-10100 MEDIUM
WordPress <4.9.5 - Open Redirect
Apr 16, 2018
CVSS 6.1
EPSS 0.07
CVE-2014-6412 HIGH
WordPress <4.4 - Info Disclosure
Apr 12, 2018
CVSS 8.1
EPSS 0.02
CVE-2018-6389 HIGH
Wordpress < 4.9.2 - Denial of Service
Feb 06, 2018
CVSS 7.5
EPSS 0.87
CVE-2018-5776 MEDIUM
WordPress <4.9.2 - XSS
Jan 18, 2018
CVSS 6.1
EPSS 0.03
CVE-2017-17094 MEDIUM
WordPress <4.9.1 - XSS
Dec 02, 2017
CVSS 5.4
EPSS 0.07
CVE-2017-17093 MEDIUM
WordPress <4.9.1 - XSS
Dec 02, 2017
CVSS 5.4
EPSS 0.06
CVE-2017-17092 MEDIUMNUCLEI
WordPress < 4.9.1 - Authenticated JavaScript File Upload
Dec 02, 2017
CVSS 5.4
EPSS 0.03
CVE-2017-17091 HIGH
WordPress <4.9.1 - Info Disclosure
Dec 02, 2017
CVSS 8.8
EPSS 0.04
CVE-2017-16510 CRITICAL
WordPress <4.8.3 - SQL Injection
Nov 02, 2017
CVSS 9.8
EPSS 0.04
CVE-2012-6707 HIGH
Wordpress < 4.8.2 - Weak Encryption
Oct 19, 2017
CVSS 7.5
EPSS 0.00
Products
wordpress 353 wordpress_mu 10 sniplets_plugin 3 blix 2 wassup_plugin 2 pay-with-tweet 2 math_comment_spam_protection_plugin 2 dean_logan_wp-people_plugin 1 debug_bar 1 download_monitor_plugin 1 fcchat_widget 1 filemanager 1 gutenberg 1 health_check_\&_troubleshooting 1 lanoba_social_plugin 1 page_flip_image_gallery_plugin 1 performance_lab 1 permalinks_migration_plugin 1 peter\'s_math_anti-spam_for_wordpress 1 photo_album_plugin 1 pictpress 1 plugin_newsletter_plugin 1 pool 1 requests 1 search_unleashed_plugin 1 sirius 1 slideshow_gallery2 1 spambam_plugin 1 st_newsletter_plugin 1 thanh_toan_quet_ma_qr_code_tu_dong 1
Quick Filters
Critical CVEs With Exploits In CISA KEV