Vulnerabilities > Wordpress > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-18 | CVE-2011-1762 | Incorrect Default Permissions vulnerability in Wordpress A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. | 6.5 |
2022-01-06 | CVE-2022-21662 | Cross-site Scripting vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. | 5.4 |
2021-09-09 | CVE-2021-39201 | WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. | 5.4 |
2021-09-09 | CVE-2021-39202 | Unspecified vulnerability in Wordpress 5.8 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. | 5.4 |
2021-09-09 | CVE-2021-39203 | Unspecified vulnerability in Wordpress 5.8 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. | 6.5 |
2021-04-15 | CVE-2021-29450 | Wordpress is an open source CMS. | 4.3 |
2021-04-15 | CVE-2021-29447 | Wordpress is an open source CMS. | 6.5 |
2020-11-02 | CVE-2020-28040 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. | 4.3 |
2020-11-02 | CVE-2020-28038 | Cross-site Scripting vulnerability in multiple products WordPress before 5.5.2 allows stored XSS via post slugs. | 6.1 |
2020-11-02 | CVE-2020-28034 | Cross-site Scripting vulnerability in multiple products WordPress before 5.5.2 allows XSS associated with global variables. | 6.1 |