Vulnerabilities > Wordpress

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-14	CVE-2022-3590	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Wordpress WordPress is affected by an unauthenticated blind SSRF in the pingback feature. network high complexity wordpress CWE-367	5.9
2022-12-05	CVE-2022-43497	Cross-site Scripting vulnerability in Wordpress Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. network low complexity wordpress CWE-79	6.1
2022-12-05	CVE-2022-43500	Cross-site Scripting vulnerability in Wordpress Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. network low complexity wordpress CWE-79	6.1
2022-12-05	CVE-2022-43504	Improper Authentication vulnerability in Wordpress Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. network low complexity wordpress CWE-287	5.3
2022-04-18	CVE-2011-1762	Incorrect Default Permissions vulnerability in Wordpress A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. network low complexity wordpress CWE-276	4.0
2022-01-06	CVE-2022-21661	SQL Injection vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress fedoraproject debian CWE-89	7.5
2022-01-06	CVE-2022-21662	Cross-site Scripting vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress debian CWE-79	5.4
2022-01-06	CVE-2022-21663	Deserialization of Untrusted Data vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress debian fedoraproject CWE-502	7.2
2022-01-06	CVE-2022-21664	SQL Injection vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress debian fedoraproject CWE-89	8.8
2021-11-25	CVE-2021-44223	Unspecified vulnerability in Wordpress WordPress before 5.8 lacks support for the Update URI plugin header. network low complexity wordpress	7.5

Vulnerabilities > Wordpress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wordpress"}]}

Vulnerabilities > Wordpress