Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
WordPress 3.6 Vulnerabilities
Vulnerabilities 562All 3.6.x releases →
Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 6.1
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.4
2024-10-16
CVE-2022-4973
Medium 5.9
2022-12-14
CVE-2022-3590
Medium 5.9
2022-12-14
CVE-2022-3590
Medium 5.9
2022-12-14
CVE-2022-3590
Medium 5.9
2022-12-14
CVE-2022-3590
Medium 5.9
2022-12-14
CVE-2022-3590
Medium 5.9
2022-12-14
CVE-2022-3590
Medium 5.9
2022-12-14
CVE-2022-3590
Medium 5.9
2022-12-14
CVE-2022-3590
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-08-31
WordPress <= 6.0.1 - Authenticated SQL Injection (SQLi) vulnerability via Link API
High 8.8
2022-05-17
High 8.8
2022-05-17
High 8.8
2022-05-17
High 8.8
2022-05-17
High 8.8
2022-05-17
High 8.8
2022-05-17
High 8.8
2022-05-17
High 8.8
2022-05-17
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
Medium 6.5
2022-05-14
Medium 6.1
2022-05-14
Medium 5.4
2022-05-14
Medium 5.4
2022-05-14
High 7.5
2022-05-13
High 7.5
2022-05-13
High 7.5
2022-05-13
High 7.5
2022-05-13
High 7.5
2022-05-13
High 7.5
2022-05-13
High 7.5
2022-05-13
High 7.5
2022-05-13
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2022-03-11
WordPress <= 5.9.1 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-11-10
WordPress core <= 5.8.1 - Expired DST Root CA X3 Certificate issue
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-09-09
WordPress core <= 5.8 - Command injection vulnerability in the Lodash library
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
N/A
2021-05-13
WordPress <= 5.7.1 - Object injection in PHPMailer vulnerability
Critical 9.8
2021-04-28
CVE-2020-36326
Critical 9.8
2021-04-28
CVE-2020-36326
Critical 9.8
2021-04-28
CVE-2020-36326
Critical 9.8
2021-04-28
CVE-2020-36326
Critical 9.8
2021-04-28
CVE-2020-36326
Critical 9.8
2021-04-28
CVE-2020-36326
Critical 9.8
2021-04-28
CVE-2020-36326
Critical 9.8
2021-04-28
CVE-2020-36326
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2021-04-15
WordPress core 4.7-5.7 - Sensitive Data Exposure vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2020-10-29
WordPress <= 5.5.1 - XML-RPC Privilege Escalation vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-12-13
WordPress <= 5.3 - Stored Cross-Site Scripting (XSS) vulnerability
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-10-15
WordPress <= 5.2.3 - Multiple security issues (XSS, SSRF, Cache Poisoning)
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-09-05
WordPress core <= 5.2.2 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2019-03-13
WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated File Delete vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability
N/A
2018-12-13
WordPress <= 5.0 - PHP Object Injection via Meta Data vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
N/A
2018-12-13
WordPress <= 5.0 - Cross-Site Scripting (XSS) vulnerability that could affect plugins
N/A
2018-12-13
WordPress <= 5.0 - User Activation Screen Search Engine Indexing
N/A
2018-12-13
WordPress <= 5.0 - File Upload to XSS on Apache Web Servers vulnerability
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-04-05
WordPress <=4.9.4 - Vulnerable due to "localhost" default parameter
N/A
2018-04-05
WordPress <=4.9.4 - Use Safe Redirect for Login
N/A
2018-04-05
WordPress <=4.9.4 - Escape Version in Generator Tag
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2018-01-17
WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-12-01
WordPress <=4.9 - Authenticated JavaScript File Upload vulnerability
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-10-31
WordPress <=4.8.2 - potential SQL injection (SQLi), $wpdb->prepare() issue, possible unsafe queries
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
N/A
2017-09-19
WordPress <=4.8.1 - SQL injection (SQLi) vulnerability
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (oEmbed)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (visual editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (plugin editor)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (template names)
N/A
2017-09-19
WordPress <=4.8.1 - Cross-Site Scripting (XSS) vulnerability (link modal)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (file unzipping code)
N/A
2017-09-19
WordPress <=4.8.1 - Path traversal vulnerability (customizer)
N/A
2017-09-19
WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 5.9
2017-05-04
CVE-2017-8295
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Medium 6.1
2017-03-12
CVE-2017-6815
Medium 5.4
2017-03-12
CVE-2017-6817
Critical 9.8
2017-01-30
CVE-2017-5611
Critical 9.8
2017-01-30
CVE-2017-5611
Critical 9.8
2017-01-30
CVE-2017-5611
Critical 9.8
2017-01-30
CVE-2017-5611
Critical 9.8
2017-01-30
CVE-2017-5611
Critical 9.8
2017-01-30
CVE-2017-5611
Critical 9.8
2017-01-30
CVE-2017-5611
Critical 9.8
2017-01-30
CVE-2017-5611
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 6.1
2017-01-15
CVE-2017-5488
Medium 6.1
2017-01-15
CVE-2017-5490
High 8.8
2017-01-15
CVE-2017-5492
Medium 5.3
2017-01-15
CVE-2017-5491
High 7.5
2017-01-15
CVE-2017-5493
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
Medium 4.8
2017-01-05
CVE-2016-7168
Medium 6.3
2017-01-05
CVE-2016-7169
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
High 8.6
2016-09-29
WordPress Core < 4.5 - Server-Side Request Forgery
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
Medium 6.1
2016-08-07
CVE-2016-6634
High 8.8
2016-08-07
CVE-2016-6635
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
N/A
2016-07-12
WordPress <= 4.5.3 - Path traversal
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
High 7.5
2016-06-29
CVE-2016-5835
High 7.5
2016-06-29
CVE-2016-5837
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2015-04-27
WordPress <= 4.2 - Stored XSS
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2014-04-09
WordPress Core < 3.8.2 - SQL Injection
N/A
2013-10-14
WordPress <=3.6 - URL Redirect Restriction Bypass
N/A
2013-10-14
WordPress <=3.6 - URL Redirect Restriction Bypass
N/A
2013-10-14
WordPress <=3.6 - URL Redirect Restriction Bypass
N/A
2013-10-14
WordPress <=3.6 - URL Redirect Restriction Bypass
N/A
2013-10-14
WordPress <=3.6 - URL Redirect Restriction Bypass
N/A
2013-10-14
WordPress <=3.6 - URL Redirect Restriction Bypass
N/A
2013-10-14
WordPress <=3.6 - URL Redirect Restriction Bypass
N/A
2013-09-12
CVE-2013-4338
N/A
2013-09-12
CVE-2013-5738
N/A
2013-09-12
CVE-2013-5739
N/A
2013-09-12
CVE-2013-4339
N/A
2013-09-12
CVE-2013-4340
N/A
2013-09-12
CVE-2013-4338
N/A
2013-09-12
CVE-2013-5738
N/A
2013-09-12
CVE-2013-5739
N/A
2013-09-12
CVE-2013-4339
N/A
2013-09-12
CVE-2013-4340
N/A
2013-09-12
CVE-2013-4338
N/A
2013-09-12
CVE-2013-5738
N/A
2013-09-12
CVE-2013-5739
N/A
2013-09-12
CVE-2013-4339
N/A
2013-09-12
CVE-2013-4340
N/A
2013-09-12
CVE-2013-4338
N/A
2013-09-12
CVE-2013-5738
N/A
2013-09-12
CVE-2013-5739
N/A
2013-09-12
CVE-2013-4339
N/A
2013-09-12
CVE-2013-4340
N/A
2013-09-12
CVE-2013-4338
N/A
2013-09-12
CVE-2013-5738
N/A
2013-09-12
CVE-2013-5739
N/A
2013-09-12
CVE-2013-4339
N/A
2013-09-12
CVE-2013-4340
N/A
2013-09-12
CVE-2013-4338
N/A
2013-09-12
CVE-2013-5738
N/A
2013-09-12
CVE-2013-5739
N/A
2013-09-12
CVE-2013-4339
N/A
2013-09-12
CVE-2013-4340
N/A
2013-09-12
CVE-2013-4338
N/A
2013-09-12
CVE-2013-5738
N/A
2013-09-12
CVE-2013-5739
N/A
2013-09-12
CVE-2013-4339
N/A
2013-09-12
CVE-2013-4340