Vulnerabilities > Wordpress > Wordpress > 4.9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-04-16 | CVE-2018-10100 | Open Redirect vulnerability in Wordpress Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS. | 5.8 |
2018-02-06 | CVE-2018-6389 | Resource Exhaustion vulnerability in Wordpress In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times. | 5.0 |