Vulnerabilities > Wordpress > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-18 CVE-2011-1762 Incorrect Default Permissions vulnerability in Wordpress
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts.
network
low complexity
wordpress CWE-276
6.5
2022-01-06 CVE-2022-21662 Cross-site Scripting vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database.
network
low complexity
wordpress debian CWE-79
5.4
2021-09-09 CVE-2021-39201 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database.
network
low complexity
wordpress debian
5.4
2021-09-09 CVE-2021-39202 Unspecified vulnerability in Wordpress 5.8
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database.
network
low complexity
wordpress
5.4
2021-09-09 CVE-2021-39203 Unspecified vulnerability in Wordpress 5.8
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database.
network
low complexity
wordpress
6.5
2021-04-15 CVE-2021-29450 Wordpress is an open source CMS.
network
low complexity
wordpress debian
4.3
2021-04-15 CVE-2021-29447 Wordpress is an open source CMS.
network
low complexity
wordpress debian
6.5
2020-11-02 CVE-2020-28040 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
WordPress before 5.5.2 allows CSRF attacks that change a theme's background image.
network
low complexity
wordpress debian canonical CWE-352
4.3
2020-11-02 CVE-2020-28038 Cross-site Scripting vulnerability in multiple products
WordPress before 5.5.2 allows stored XSS via post slugs.
network
low complexity
wordpress fedoraproject debian CWE-79
6.1
2020-11-02 CVE-2020-28034 Cross-site Scripting vulnerability in multiple products
WordPress before 5.5.2 allows XSS associated with global variables.
network
low complexity
wordpress fedoraproject debian CWE-79
6.1