5.6.3

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-06	CVE-2022-21663	Deserialization of Untrusted Data vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress debian fedoraproject CWE-502	7.2
2022-01-06	CVE-2022-21664	SQL Injection vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. network low complexity wordpress debian fedoraproject CWE-89	8.8
2021-11-25	CVE-2021-44223	Unspecified vulnerability in Wordpress WordPress before 5.8 lacks support for the Update URI plugin header. network low complexity wordpress	7.5
2021-09-09	CVE-2021-39200	Information Exposure vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. network wordpress debian CWE-200	4.3
2021-09-09	CVE-2021-39201	Cross-site Scripting vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. network wordpress debian CWE-79	3.5
2021-04-28	CVE-2020-36326	Deserialization of Untrusted Data vulnerability in multiple products PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. network low complexity phpmailer-project wordpress CWE-502 critical	9.8
2021-04-15	CVE-2021-29447	XXE vulnerability in multiple products Wordpress is an open source CMS. network low complexity wordpress debian CWE-611	6.5
2018-11-16	CVE-2018-19296	PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack. network low complexity phpmailer-project debian fedoraproject wordpress	8.8