Vulnerabilities > Wordpress > Wordpress > 5.5.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-06 | CVE-2022-21664 | SQL Injection vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. | 8.8 |
2021-11-25 | CVE-2021-44223 | Unspecified vulnerability in Wordpress WordPress before 5.8 lacks support for the Update URI plugin header. | 7.5 |
2021-09-09 | CVE-2021-39200 | Information Exposure vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. | 4.3 |
2021-09-09 | CVE-2021-39201 | Cross-site Scripting vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. | 3.5 |
2021-04-28 | CVE-2020-36326 | Deserialization of Untrusted Data vulnerability in multiple products PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. | 9.8 |
2018-11-16 | CVE-2018-19296 | PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack. | 8.8 |