Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
WordPress 6.3 Vulnerabilities
Vulnerabilities 51All 6.3.x releases →
Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 5.9
2026-03-10
WordPress <= 6.9.1 - Authenticated (Author+) XML External Entity Injection via getID3 Library Media Upload
Medium 6.5
2024-06-25
CVE-2024-31111
Medium 6.4
2024-06-25
CVE-2024-6307
N/A
2024-06-25
WordPress is vulnerable to Cross Site Scripting (XSS)
Medium 5.0
2024-06-25
CVE-2024-32111
Medium 6.5
2024-06-25
CVE-2024-31111
Medium 6.4
2024-06-25
CVE-2024-6307
N/A
2024-06-25
WordPress is vulnerable to Cross Site Scripting (XSS)
Medium 5.0
2024-06-25
CVE-2024-32111
Medium 6.5
2024-06-25
CVE-2024-31111
Medium 6.4
2024-06-25
CVE-2024-6307
N/A
2024-06-25
WordPress is vulnerable to Cross Site Scripting (XSS)
Medium 5.0
2024-06-25
CVE-2024-32111
Medium 6.5
2024-06-25
CVE-2024-31111
Medium 6.4
2024-06-25
CVE-2024-6307
N/A
2024-06-25
WordPress is vulnerable to Cross Site Scripting (XSS)
Medium 5.0
2024-06-25
CVE-2024-32111
Medium 6.5
2024-06-25
CVE-2024-31111
Medium 6.4
2024-06-25
CVE-2024-6307
N/A
2024-06-25
WordPress is vulnerable to Cross Site Scripting (XSS)
Medium 6.1
2024-05-03
CVE-2024-4439
Medium 6.1
2024-05-03
CVE-2024-4439
Medium 6.1
2024-05-03
CVE-2024-4439
Medium 6.1
2024-05-03
CVE-2024-4439
Medium 5.3
2024-04-05
CVE-2023-5692
Medium 5.3
2024-04-05
CVE-2023-5692
Medium 5.3
2024-04-05
CVE-2023-5692
High 8.8
2024-04-04
CVE-2024-31210
High 8.8
2024-04-04
CVE-2024-31210
High 8.8
2024-04-04
CVE-2024-31210
Medium 5.3
2023-10-16
CVE-2023-5561
Medium 5.3
2023-10-16
CVE-2023-5561
Medium 4.3
2023-10-13
CVE-2023-39999
Medium 4.3
2023-10-13
CVE-2023-39999
N/A
2023-10-12
WordPress Core 6.3 - 6.3.1 - Authenticated(Contributor+) Cross-Site Scripting via Footnotes Block
N/A
2023-10-12
WordPress Core 4.7.0-6.3.1 - Denial of Service via Cache Poisoning
N/A
2023-10-12
WordPress Core < 6.3.2 – Authenticated (Subscriber+) Arbitrary Shortcode Execution via parse-media-shortcode
N/A
2023-10-12
WordPress Core 5.6 - 6.3.1 - Reflected Cross-Site Scripting via Application Password Requests
N/A
2023-10-12
WordPress Core 6.3 - 6.3.1 - Authenticated(Contributor+) Cross-Site Scripting via Footnotes Block
N/A
2023-10-12
WordPress Core 4.7.0-6.3.1 - Denial of Service via Cache Poisoning
N/A
2023-10-12
WordPress Core < 6.3.2 – Authenticated (Subscriber+) Arbitrary Shortcode Execution via parse-media-shortcode
N/A
2023-10-12
WordPress Core 5.6 - 6.3.1 - Reflected Cross-Site Scripting via Application Password Requests
High 7.2
2018-08-10
CVE-2018-14028
High 7.2
2018-08-10
CVE-2018-14028