WordPress 4.7.26 Vulnerabilities

Medium 5.9

2026-03-10

WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload

Medium 5.0

2024-06-25

CVE-2024-32111

N/A

2024-06-25

WordPress is vulnerable to Cross Site Scripting (XSS)

Medium 5.3

2024-04-05

CVE-2023-5692

High 8.8

2024-04-04

CVE-2024-31210

Medium 5.3

2023-10-16

CVE-2023-5561

N/A

2023-10-12

WordPress Core 4.7.0-6.3.1 - Denial of Service via Cache Poisoning

N/A

2023-10-12

WordPress Core < 6.3.2 – Authenticated (Subscriber+) Arbitrary Shortcode Execution via parse-media-shortcode

High 7.2

2018-08-10

CVE-2018-14028