WordPress
by WordPress
Source repositories
CVEs (377)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-5835 | Hig | 0.42 | 7.5 | 0.04 | Jun 29, 2016 | WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php. | ||
| CVE-2016-5832 | Hig | 0.42 | 7.5 | 0.03 | Jun 29, 2016 | The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors. | ||
| CVE-2016-6897 | Med | 0.41 | 6.5 | 0.28 | Jan 18, 2017 | Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to… | ||
| CVE-2016-2221 | Hig | 0.41 | 7.4 | 0.05 | May 22, 2016 | Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as… | ||
| CVE-2023-54358 | Med | 0.40 | 6.1 | 0.00 | Apr 9, 2026 | WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the isMobile parameter. Attackers can craft malicious URLs containing JavaScript payloads in the isMobile… | ||
| CVE-2018-1000556 | Med | 0.40 | 6.1 | 0.01 | Jun 26, 2018 | WordPress version 4.8 + contains a Cross Site Scripting (XSS) vulnerability in plugins.php or core wordpress on delete function that can result in An attacker can perform client side attacks which could be from stealing a cookie to code injection. This attack appear to be… | ||
| CVE-2017-5490 | Med | 0.40 | 6.1 | 0.02 | Jan 15, 2017 | Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to… | ||
| CVE-2017-5488 | Med | 0.40 | 6.1 | 0.02 | Jan 15, 2017 | Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin. | ||
| CVE-2016-6634 | Med | 0.40 | 6.1 | 0.03 | Aug 7, 2016 | Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2023-2745 | Med | 0.37 | 5.4 | 0.80 | May 17, 2023 | WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation… | ||
| CVE-2017-8295 | Med | 0.36 | 5.9 | 0.27 | May 4, 2017 | WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be… | ||
| CVE-2021-47948 | Med | 0.35 | 5.4 | 0.00 | May 10, 2026 | WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to inject arbitrary HTML code by exploiting the Help Text field in payment forms. Attackers can inject malicious HTML including image tags and scripts into the Help Text… | ||
| CVE-2023-5692 | Med | 0.35 | 5.3 | 0.01 | Apr 5, 2024 | WordPress Core is vulnerable to Sensitive Information Exposure in versions up to, and including, 6.4.3 via the redirect_guess_404_permalink function. This can allow unauthenticated attackers to expose the slug of a custom post whose 'publicly_queryable' post status has been set… | ||
| CVE-2017-6819 | Med | 0.35 | 6.5 | 0.02 | Mar 12, 2017 | In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This. | ||
| CVE-2017-5491 | Med | 0.35 | 5.3 | 0.03 | Jan 15, 2017 | wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name. | ||
| CVE-2006-6016 | Med | 0.35 | 6.5 | 0.02 | Nov 21, 2006 | wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter. | ||
| CVE-2006-6017 | Med | 0.35 | 6.5 | 0.02 | Nov 21, 2006 | WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service (application crash) via a string that represents a (1) malformed or (2) large serialized… | ||
| CVE-2005-1688 | Med | 0.35 | 5.3 | 0.02 | May 20, 2005 | Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message. | ||
| CVE-2016-7169 | Med | 0.34 | 6.3 | 0.03 | Jan 5, 2017 | Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter. | ||
| CVE-2024-32111 | Med | 0.33 | 5.0 | 0.00 | Jun 25, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic WordPress allows Relative Path Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from… |
- risk 0.42cvss 7.5epss 0.04
WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php.
- risk 0.42cvss 7.5epss 0.03
The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.
- risk 0.41cvss 6.5epss 0.28
Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to…
- risk 0.41cvss 7.4epss 0.05
Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as…
- risk 0.40cvss 6.1epss 0.00
WordPress adivaha Travel Plugin 2.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the isMobile parameter. Attackers can craft malicious URLs containing JavaScript payloads in the isMobile…
- risk 0.40cvss 6.1epss 0.01
WordPress version 4.8 + contains a Cross Site Scripting (XSS) vulnerability in plugins.php or core wordpress on delete function that can result in An attacker can perform client side attacks which could be from stealing a cookie to code injection. This attack appear to be…
- risk 0.40cvss 6.1epss 0.02
Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to…
- risk 0.40cvss 6.1epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin.
- risk 0.40cvss 6.1epss 0.03
Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- risk 0.37cvss 5.4epss 0.80
WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation…
- risk 0.36cvss 5.9epss 0.27
WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be…
- risk 0.35cvss 5.4epss 0.00
WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to inject arbitrary HTML code by exploiting the Help Text field in payment forms. Attackers can inject malicious HTML including image tags and scripts into the Help Text…
- risk 0.35cvss 5.3epss 0.01
WordPress Core is vulnerable to Sensitive Information Exposure in versions up to, and including, 6.4.3 via the redirect_guess_404_permalink function. This can allow unauthenticated attackers to expose the slug of a custom post whose 'publicly_queryable' post status has been set…
- risk 0.35cvss 6.5epss 0.02
In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.
- risk 0.35cvss 5.3epss 0.03
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
- risk 0.35cvss 6.5epss 0.02
wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.
- risk 0.35cvss 6.5epss 0.02
WordPress before 2.0.5 does not properly store a profile containing a string representation of a serialized object, which allows remote authenticated users to cause a denial of service (application crash) via a string that represents a (1) malformed or (2) large serialized…
- risk 0.35cvss 5.3epss 0.02
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message.
- risk 0.34cvss 6.3epss 0.03
Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.
- risk 0.33cvss 5.0epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic WordPress allows Relative Path Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from…
Page 3 of 19