WordPress
by WordPress
Source repositories
CVEs (377)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14719 | Hig | 0.50 | 7.5 | 0.13 | Sep 23, 2017 | Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. | ||
| CVE-2017-9064 | Hig | 0.50 | 8.8 | 0.02 | May 18, 2017 | In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials. | ||
| CVE-2017-5489 | Hig | 0.50 | 8.8 | 0.01 | Jan 15, 2017 | Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload. | ||
| CVE-2017-14722 | Hig | 0.49 | 7.5 | 0.08 | Sep 23, 2017 | Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename. | ||
| CVE-2017-9066 | Hig | 0.49 | 8.6 | 0.04 | May 18, 2017 | In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF. | ||
| CVE-2017-9062 | Hig | 0.49 | 8.6 | 0.02 | May 18, 2017 | In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API. | ||
| CVE-2017-5493 | Hig | 0.49 | 7.5 | 0.03 | Jan 15, 2017 | wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup. | ||
| CVE-2014-6412 | Hig | 0.46 | 8.1 | 0.05 | Apr 12, 2018 | WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach. | ||
| CVE-2017-5487 | Med | 0.44 | 5.3 | 0.87 | Jan 15, 2017 | wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request. | ||
| CVE-2026-5717 | Med | 0.42 | 6.4 | 0.00 | Apr 15, 2026 | The VI: Include Post By plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_container' attribute of the 'include-post-by-cat' shortcode in all versions up to, and including, 0.4.200706 due to insufficient input sanitization and output escaping on… | ||
| CVE-2026-5506 | Med | 0.42 | 6.4 | 0.00 | Apr 8, 2026 | The Wavr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `wave` shortcode in all versions up to, and including, 0.2.6. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for… | ||
| CVE-2024-31111 | Med | 0.42 | 6.5 | 0.00 | Jun 25, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WordPress allows Stored XSS.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from… | ||
| CVE-2024-6307 | Med | 0.42 | 6.4 | 0.00 | Jun 25, 2024 | WordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions prior to 6.5.5 due to insufficient input sanitization and output escaping on URLs. This makes it possible for authenticated attackers, with contributor-level access and above, to… | ||
| CVE-2012-6707 | Hig | 0.42 | 7.5 | 0.01 | Oct 19, 2017 | WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as… | ||
| CVE-2017-14990 | Med | 0.42 | 6.5 | 0.02 | Oct 3, 2017 | WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access… | ||
| CVE-2017-9065 | Hig | 0.42 | 7.5 | 0.04 | May 18, 2017 | In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API. | ||
| CVE-2016-5839 | Hig | 0.42 | 7.5 | 0.03 | Jun 29, 2016 | WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors. | ||
| CVE-2016-5838 | Hig | 0.42 | 7.5 | 0.03 | Jun 29, 2016 | WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie. | ||
| CVE-2016-5837 | Hig | 0.42 | 7.5 | 0.04 | Jun 29, 2016 | WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors. | ||
| CVE-2016-5836 | Hig | 0.42 | 7.5 | 0.04 | Jun 29, 2016 | The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors. |
- risk 0.50cvss 7.5epss 0.13
Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.
- risk 0.50cvss 8.8epss 0.02
In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.
- risk 0.50cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload.
- risk 0.49cvss 7.5epss 0.08
Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename.
- risk 0.49cvss 8.6epss 0.04
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
- risk 0.49cvss 8.6epss 0.02
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
- risk 0.49cvss 7.5epss 0.03
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup.
- risk 0.46cvss 8.1epss 0.05
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
- risk 0.44cvss 5.3epss 0.87
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
- risk 0.42cvss 6.4epss 0.00
The VI: Include Post By plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_container' attribute of the 'include-post-by-cat' shortcode in all versions up to, and including, 0.4.200706 due to insufficient input sanitization and output escaping on…
- risk 0.42cvss 6.4epss 0.00
The Wavr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `wave` shortcode in all versions up to, and including, 0.2.6. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for…
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WordPress allows Stored XSS.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from…
- risk 0.42cvss 6.4epss 0.00
WordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions prior to 6.5.5 due to insufficient input sanitization and output escaping on URLs. This makes it possible for authenticated attackers, with contributor-level access and above, to…
- risk 0.42cvss 7.5epss 0.01
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as…
- risk 0.42cvss 6.5epss 0.02
WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access…
- risk 0.42cvss 7.5epss 0.04
In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.
- risk 0.42cvss 7.5epss 0.03
WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.
- risk 0.42cvss 7.5epss 0.03
WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie.
- risk 0.42cvss 7.5epss 0.04
WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.
- risk 0.42cvss 7.5epss 0.04
The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors.
Page 2 of 19