N/A
< 3.8.7
Wordfence 3.8.6 - lib/IPTraf.php User-Agent Header Stored XSS
Wordfence Security – Firewall, Malware Scan, and Login Security
Minimum safe version
7.6.1
Update to 7.6.1 or later to address 32 fixable vulnerabilities
Latest available8.2.1 ✓Affected up to7.2.3 ⚠
N/A
< 3.8.3
Wordfence 3.8.1 - Password Creation Restriction Bypass
N/A
< 3.8.3
Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS
N/A
< 3.3.7
Wordfence 3.3.5 - XSS & IAA
N/A
< 5.2.5
Wordfence 5.2.4 - Unspecified Issue
N/A
< 5.2.5
Wordfence 5.2.4 - IPTraf.php URI Request Stored XSS
N/A
< 5.2.4
Wordfence 5.2.3 - Banned IP Functionality Bypass
N/A
< 5.2.4
Wordfence 5.2.3 - Multiple Vulnerabilities
N/A
< 5.2.3
Wordfence 5.2.2 - XSS in Referer Header
N/A
< 7.1.14
Wordfence <= 7.1.12 - Username Enumeration Prevention Bypass
N/A
2012-10-19< 3.3.7
Wordfence Security - Firewall & Malware Scan <= 3.3.6 - Stored Cross-Site Scripting
N/A
2012-10-19< 3.3.7
Wordfence < 3.3.7 - Reflected Cross-Site Scripting
N/A
2014-08-01< 3.8.3
Wordfence Security <= 3.8.1 - Stored Cross-Site Scripting
N/A
2014-09-08< 5.2.3
Wordfence <= 5.2.2 - Stored Cross-Site Scripting
N/A
2014-09-14< 5.2.4
Wordfence <= 5.2.3 - Stored Cross-Site Scripting via REQUEST_URI
N/A
2014-09-14< 5.2.4
Wordfence <= 5.2.3 - Multiple Protection Mechanism Bypasses
N/A
2014-09-27< 5.2.4
Wordfence Security <= 5.2.3 - Stored Cross-Site Scripting via HTTP_HOST
N/A
2016-05-10< 6.1.7
Wordfence Security – Firewall & Malware Scan 6.1.1 - 6.1.6 - Reflected Cross-Site Scripting
N/A
2018-10-02< 7.1.14
Wordfence Security – Firewall & Malware Scan <= 7.1.13 - Reflected Cross-Site Scripting and Information Disclosure
Medium 4.8
2022-09-23< 7.6.1
CVE-2022-3144
N/A
2015-05-15< 5.2.5
WordPress Wordfence Plugin <= 5.2.4 - Unspecified Vulnerability
N/A
2015-05-15< 3.3.7
WordPress Wordfence Plugin <= 3.3.5 - Multiple Vulnerabilities
N/A
2015-05-15< 3.8.3
WordPress Wordfence Plugin <= 3.8.1 - Stored XSS
N/A
2015-05-15< 5.2.3
WordPress Wordfence Plugin <= 5.2.2 - Cross Site Scripting
N/A
2015-05-15< 5.2.5
WordPress Wordfence Plugin <= 5.2.4 - Stored XSS
N/A
2015-05-15< 3.8.3
WordPress Wordfence Plugin <= 3.8.1 - Bypass
N/A
2015-05-15< 5.2.4
WordPress Wordfence Plugin <= 5.2.3 - Multiple Vulnerabilities
N/A
2015-05-15< 3.8.7
WordPress Wordfence Plugin <= 3.8.6 - Stored XSS
N/A
2014-09-14≤ 5.2.3
WordPress Wordfence Security Plugin - Multiple Vulnerabilities
N/A
2012-10-18< 3.3.6
WordPress Wordfence Security Plugin - Cross Site Scripting
N/A
2015-06-24< 5.2.4
WordPress Wordfence Plugin <= 5.2.3 - Bypass
N/A
2014-11-06< 5.2.5
CVE-2014-4664
Medium 6.1
2018-08-28< 5.1.5
CVE-2014-4932
Medium 6.1
2019-04-25≤ 7.2.3
CVE-2019-9669