Vulnerabilities > Wordpress

DATE CVE VULNERABILITY TITLE RISK
2022-12-05 CVE-2022-43497 Cross-site Scripting vulnerability in Wordpress
Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script.
network
low complexity
wordpress CWE-79
6.1
2022-12-05 CVE-2022-43500 Cross-site Scripting vulnerability in Wordpress
Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script.
network
low complexity
wordpress CWE-79
6.1
2022-12-05 CVE-2022-43504 Improper Authentication vulnerability in Wordpress
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature.
network
low complexity
wordpress CWE-287
5.3
2022-04-18 CVE-2011-1762 Incorrect Default Permissions vulnerability in Wordpress
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts.
network
low complexity
wordpress CWE-276
6.5
2022-01-06 CVE-2022-21661 SQL Injection vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database.
network
low complexity
wordpress fedoraproject debian CWE-89
7.5
2022-01-06 CVE-2022-21662 Cross-site Scripting vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database.
network
low complexity
wordpress debian CWE-79
5.4
2022-01-06 CVE-2022-21663 Deserialization of Untrusted Data vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database.
network
low complexity
wordpress debian fedoraproject CWE-502
7.2
2022-01-06 CVE-2022-21664 SQL Injection vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database.
network
low complexity
wordpress debian fedoraproject CWE-89
8.8
2021-11-25 CVE-2021-44223 Unspecified vulnerability in Wordpress
WordPress before 5.8 lacks support for the Update URI plugin header.
network
low complexity
wordpress
critical
9.8
2021-09-09 CVE-2021-39201 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database.
network
low complexity
wordpress debian
5.4