wordpress
412 tracked vulnerabilities.
CVE-2014-9038
WordPress < 3.7.5, 3.8.x < 3.8.5, 3.9.x < 3.9.3, 4.x < 4.0.1 - Server-Side Request Forgery via 127.0.0.0/8 Resource
Nov 25, 2014
EPSS 0.01
CVE-2014-9037
WordPress <4.0.1 - Info Disclosure
Nov 25, 2014
EPSS 0.03
CVE-2014-9036
WordPress < 3.7.5, 3.8.x < 3.8.5, 3.9.x < 3.9.3, 4.x < 4.0.1 - Cross-Site Scripting via CSS Token Sequence
Nov 25, 2014
EPSS 0.01
CVE-2014-9035
WordPress < 3.7.5, 3.8.x < 3.8.5, 3.9.x < 3.9.3, 4.x < 4.0.1 - Cross-Site Scripting in Press This
Nov 25, 2014
EPSS 0.01
CVE-2014-9034
WordPress Long Password DoS
Nov 25, 2014
EPSS 0.72
CVE-2014-9033
WordPress 3.7.4, 3.8.4, 3.9.2, 4.0 - Cross-Site Request Forgery in Password Reset
Nov 25, 2014
EPSS 0.01
CVE-2014-9032
WordPress < 3.9.3 and 4.x < 4.0.1 - Cross-Site Scripting in Media Playlists
Nov 25, 2014
EPSS 0.00
CVE-2014-9031
WordPress < 3.7.5, 3.8.x < 3.8.5, 3.9.x < 3.9.3 - Cross-Site Scripting via Shortcode Brackets
Nov 25, 2014
EPSS 0.01
CVE-2014-5266
WordPress < 3.9.2 - Denial of Service via Large XML Document in IXR Library
Aug 18, 2014
EPSS 0.76
CVE-2014-5265
WordPress < 3.9.2 - Denial of Service via XML Entity Expansion
Aug 18, 2014
EPSS 0.07
CVE-2014-5240
WordPress < 3.9.2 - Authenticated Cross-Site Scripting via Avatar URL
Aug 18, 2014
EPSS 0.01
CVE-2014-5205
WordPress < 3.9.2 - Cross-Site Request Forgery via Brute-Force Token Bypass
Aug 18, 2014
EPSS 0.00
CVE-2014-5204
Debian Linux < 3.9.1 - CSRF
Aug 18, 2014
EPSS 0.00
CVE-2014-5203
WordPress 3.9.x - Remote Code Execution via Serialized Data
Aug 18, 2014
EPSS 0.06
CVE-2014-0166
WordPress <3.7.2, <3.8.2 - Info Disclosure
Apr 10, 2014
EPSS 0.38
CVE-2014-0165
WordPress < 3.7.2 and 3.8.x < 3.8.2 - Authenticated Post Publication via Contributor Role
Apr 10, 2014
EPSS 0.01
CVE-2013-10027
MEDIUM
Blogger Importer Plugin <0.6 - CSRF
Jun 04, 2023
CVSS 4.3
EPSS 0.00
CVE-2013-10021
LOW
WordPress dd32 Debug Bar Plugin <0.8 - XSS
Mar 11, 2023
CVSS 3.5
EPSS 0.00
CVE-2013-7240
NUCLEI
Advanced Dewplayer <1.2 - Path Traversal
Jan 03, 2014
EPSS 0.41
CVE-2013-7233
WordPress < 2.0.11 - Cross-Site Request Forgery via Retrospam Component
Dec 30, 2013
EPSS 0.00
CVE-2013-5739
WordPress < 3.6.1 - Authenticated Cross-Site Scripting via SWF/EXE File Upload
Sep 12, 2013
EPSS 0.00
CVE-2013-5738
WordPress < 3.6.1 - Authenticated Cross-Site Scripting via HTML File Upload
Sep 12, 2013
EPSS 0.01
CVE-2013-4340
WordPress < 3.6.1 - Authenticated Post Authorship Spoofing via user_ID Parameter
Sep 12, 2013
EPSS 0.01
CVE-2013-4339
WordPress < 3.6.1 - Open Redirect via URL Validation Bypass
Sep 12, 2013
EPSS 0.01
CVE-2013-4338
WordPress < 3.6.1 - Remote Code Execution via PHP Unserialize
Sep 12, 2013
EPSS 0.10
Products
wordpress 353
wordpress_mu 10
WordPress 3
sniplets_plugin 3
blix 2
math_comment_spam_protection_plugin 2
pay-with-tweet 2
wassup_plugin 2
Buddypress 1
Social-Share-Buttons 1
adserve 1
alert_before_you_post 1
blixed 1
blixkrieg 1
blogger_importer 1
captcha 1
cryptographp 1
dean_logan_wp-people_plugin 1
debug_bar 1
download_monitor_plugin 1
fcchat_widget 1
filemanager 1
gutenberg 1
health_check_\&_troubleshooting 1
lanoba_social_plugin 1
page_flip_image_gallery_plugin 1
performance_lab 1
permalinks_migration_plugin 1
peter\'s_math_anti-spam_for_wordpress 1
photo_album_plugin 1
Quick Filters