Vulnerabilities > Wordpress

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-09	CVE-2021-39201	Cross-site Scripting vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. network wordpress debian CWE-79	3.5
2021-09-09	CVE-2021-39202	Cross-site Scripting vulnerability in Wordpress 5.8 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. network wordpress CWE-79	3.5
2021-09-09	CVE-2021-39203	Unspecified vulnerability in Wordpress 5.8 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. network wordpress	6.0
2021-04-28	CVE-2020-36326	Deserialization of Untrusted Data vulnerability in multiple products PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. network low complexity phpmailer-project wordpress CWE-502 critical	9.8
2021-04-27	CVE-2021-29476	Deserialization of Untrusted Data vulnerability in Wordpress Requests 1.6.0/1.6.1/1.7.0 Requests is a HTTP library written in PHP. network low complexity wordpress CWE-502	7.5
2021-04-15	CVE-2021-29450	Information Exposure vulnerability in multiple products Wordpress is an open source CMS. network low complexity wordpress debian CWE-200	4.0
2021-04-15	CVE-2021-29447	XXE vulnerability in multiple products Wordpress is an open source CMS. network low complexity wordpress debian CWE-611	6.5
2020-11-02	CVE-2020-28040	Cross-Site Request Forgery (CSRF) vulnerability in multiple products WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. network low complexity wordpress debian canonical CWE-352	4.3
2020-11-02	CVE-2020-28039	is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. network low complexity wordpress debian canonical critical	9.1
2020-11-02	CVE-2020-28038	Cross-site Scripting vulnerability in multiple products WordPress before 5.5.2 allows stored XSS via post slugs. network low complexity wordpress fedoraproject debian CWE-79	6.1

Vulnerabilities > Wordpress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wordpress"}]}

Vulnerabilities > Wordpress