Vulnerabilities > Wordfence
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-23 | CVE-2022-3144 | Unspecified vulnerability in Wordfence Security The Wordfence Security – Firewall & Malware Scan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 7.6.0 via a setting on the options page due to insufficient escaping on the stored value. | 4.8 |
2019-04-25 | CVE-2019-9669 | Cross-site Scripting vulnerability in Wordfence 7.2.3 The Wordfence plugin 7.2.3 for WordPress allows XSS via a unique attack vector. | 6.1 |
2018-08-28 | CVE-2014-4932 | Cross-site Scripting vulnerability in Wordfence Security Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the val parameter to whois.php. | 6.1 |