MidnightBSD

Advisories for wordpress

CVE-2004-1559 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in WordPress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
CVE-2004-1584 MEDIUM

CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
CVE-2005-1102 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2005-1687 HIGH

SQL injection vulnerability in wp-trackback.php in WordPress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.5
CVE-2005-1688 MEDIUM

WordPress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-425

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2005-1810 HIGH

SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1
CVE-2005-2107 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1
wordpress wordpress 1.0.2
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2005-2108 HIGH

SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1
wordpress wordpress 1.0.2
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2005-2109 MEDIUM

wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1
wordpress wordpress 1.0.2
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2005-2110 MEDIUM

WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a "1" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1
wordpress wordpress 1.0.2
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2005-2612 HIGH

Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1.3
wordpress wordpress 1.5.1
wordpress wordpress 1.0.2
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2005-4463 MEDIUM

WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-form-comment.php, which leaks the path in an error message related to undefined functions or failed includes. NOTE: the wp-admin/menu-header.php vector is already covered by CVE-2005-2110. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors were also reported to affect WordPress 2.0.1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1.3
wordpress wordpress 1.5.1
wordpress wordpress 1.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2006-0733 LOW

Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher's web log suggest that this issue is only exploitable by the same user who injects the XSS, so this might not be a vulnerability.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 2.0
CVE-2006-0985 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the "post comment" functionality of WordPress 2.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) website, and (3) comment parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1.3
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 1.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2006-0986 MEDIUM

WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) default-filters.php, (2) template-loader.php, (3) rss-functions.php, (4) locale.php, (5) wp-db.php, and (6) kses.php in the wp-includes/ directory; and (7) edit-form-advanced.php, (8) admin-functions.php, (9) edit-link-form.php, (10) edit-page-form.php, (11) admin-footer.php, and (12) menu.php in the wp-admin directory; and possibly (13) list directory contents of the wp-includes directory. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors are already covered by CVE-2005-4463. The menu-header.php vector is already covered by CVE-2005-2110. Other vectors might be covered by CVE-2005-1688. NOTE: if the typical installation of WordPress does not list any site-specific files to wp-includes, then vector [13] is not an exposure.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1.3
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 1.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.0
wordpress wordpress 1.5
wordpress wordpress 1.0.1
wordpress wordpress 1.5.1.2
CVE-2006-1012 HIGH

SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.5.2
CVE-2006-1263 MEDIUM

Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1.3
wordpress wordpress 0.7
wordpress wordpress 1.5.2
wordpress wordpress 0.6.2
wordpress wordpress 1.5
wordpress wordpress 1.5.1.2
wordpress wordpress 0.71
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 1.2.2
wordpress wordpress 2.0.1
wordpress wordpress 0.6.2.1
wordpress wordpress 1.2.1
CVE-2006-1796 MEDIUM

Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in WordPress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 1.2
wordpress wordpress 1.5.1.3
wordpress wordpress 0.7
wordpress wordpress 1.5.2
wordpress wordpress 0.6.2
wordpress wordpress 1.5
wordpress wordpress 1.5.1.2
wordpress wordpress 0.71
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 1.0.2
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 0.6.2.1
wordpress wordpress 1.2.1
wordpress wordpress *
wordpress wordpress 1.0.1
CVE-2006-2667 HIGH

Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ or (2) wp-content/cache/users/, which are later included by cache.php, as demonstrated using the displayname argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2006-2702 MEDIUM

vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a PC_REMOTE_ADDR HTTP header, which vars.php uses to redefine $_SERVER['REMOTE_ADDR'].

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 2.0.2
CVE-2006-3389 MEDIUM

index.php in WordPress 2.0.3 allows remote attackers to obtain sensitive information, such as SQL table prefixes, via an invalid paged parameter, which displays the information in an SQL error message. NOTE: this issue has been disputed by a third party who states that the issue does not leak any target-specific information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 2.0.3
CVE-2006-3390 MEDIUM

WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 2.0.3
CVE-2007-1622 MEDIUM

Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
wordpress wordpress 2.0.3
wordpress wordpress 2.0.4
wordpress wordpress 2.1
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 2.0.10
wordpress wordpress 2.1.1
wordpress wordpress 2.1.2
wordpress wordpress 2.0.10_rc1
wordpress wordpress 2.0
wordpress wordpress 2.0.1
wordpress wordpress 2.0.5
wordpress wordpress 2.1.3_rc1
wordpress wordpress 2.0.2
CVE-2007-1732 LOW

Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: another researcher disputes this issue, stating that this is legitimate functionality for administrators. However, it has been patched by at least one vendor.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79

Products Affected

Vendor Product Version
wordpress wordpress 2.1.2
CVE-2007-6013 MEDIUM

WordPress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327

Products Affected

Vendor Product Version
fedoraproject fedora 7
wordpress wordpress *
fedoraproject fedora 8
CVE-2010-0682 MEDIUM

WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
wordpress wordpress 2.9.1
wordpress wordpress 2.9
CVE-2010-4257 MEDIUM

SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2010-4536 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used in WordPress before 3.0.4, allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the & (ampersand) character, (2) the case of an attribute name, (3) a padded entity, and (4) an entity that is not in normalized form.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2011-0700 LOW

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status, (3) comment_status, (4) ping_status, and (5) escaping of tags within the tags meta box.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2011-0701 MEDIUM

wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2011-3122 HIGH

Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
CVE-2011-3125 HIGH

Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
CVE-2011-3126 MEDIUM

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
CVE-2011-3127 MEDIUM

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
CVE-2011-3128 MEDIUM

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
CVE-2011-3129 HIGH

The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264

Products Affected

Vendor Product Version
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
CVE-2011-3130 HIGH

wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89, NVD-CWE-noinfo

Products Affected

Vendor Product Version
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
CVE-2011-3818 MEDIUM

WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
wordpress wordpress 3.0.4
wordpress wordpress 2.9.2
CVE-2011-4669 HIGH

SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89

Products Affected

Vendor Product Version
wordpress wordpress-users 1.1
wordpress wordpress-users 1.2
wordpress wordpress-users *
wordpress wordpress-users 0.9
wordpress wordpress-users 0.2
wordpress wordpress-users 1.0
CVE-2011-4898 MEDIUM

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether providing intentionally vague error messages during installation would be reasonable from a usability perspective.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 0.72
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 2.1.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 3.1.4
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.0.3
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 0.7
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 2.3.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 2.1
wordpress wordpress 0.711
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2011-4899 HIGH

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue; however, remote code execution makes the issue important in many realistic environments.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 0.72
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 2.1.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 3.1.4
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.0.3
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 0.7
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 2.3.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 2.1
wordpress wordpress 0.711
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2011-4956 MEDIUM

Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2011-4957 MEDIUM

The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many recursive calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2011-5182 MEDIUM

Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor disputes this issue, stating "Lanoba's plug in does sanitize user input, and because that input is never sent to the browser, an attacker has no way of executing script or code on a user's behalf."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
wordpress lanoba_social_plugin 1.0
CVE-2012-0287 LOW

Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the query string in a POST operation that is not properly handled by the "Duplicate comment detected" feature.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79

Products Affected

Vendor Product Version
wordpress wordpress 3.3
CVE-2012-0782 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dbhost, (2) dbname, or (3) uname parameter. NOTE: the vendor disputes the significance of this issue; also, it is unclear whether this specific XSS scenario has security relevance.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 0.72
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 2.1.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 3.1.4
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.0.3
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 0.7
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 2.3.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 2.1
wordpress wordpress 0.711
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-0937 MEDIUM

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 0.72
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 2.1.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 3.1.4
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.0.3
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 0.7
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 2.3.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 2.1
wordpress wordpress 0.711
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-1936 MEDIUM

The wp_create_nonce function in wp-includes/pluggable.php in WordPress 3.3.1 and earlier associates a nonce with a user account instead of a user session, which might make it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks on specific actions and objects by sniffing the network, as demonstrated by attacks against the wp-admin/admin-ajax.php and wp-admin/user-new.php scripts. NOTE: the vendor reportedly disputes the significance of this issue because wp_create_nonce operates as intended, even if it is arguably inconsistent with certain CSRF protection details advocated by external organizations.
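The practical difference between an account-bound and a session-bound nonce, as an added example that is not WordPress's code: the derivation below is modelled on the shape of wp_create_nonce (a half-life tick, the action name and the user ID, keyed-hashed and truncated to 10 characters), with a session token mixed in for the hardened variant. The secret, the SHA-256 HMAC in place of WordPress's HMAC-MD5 wp_hash(), the token format and the timestamps are this example's own assumptions.

```python
"""Account-bound vs session-bound nonces (added example; not WordPress code).

Models the weakness in CVE-2012-1936: a nonce derived from (tick, action, uid)
is the same for every session of that user, so one captured from the wire is
replayable until the tick rolls over, even after the victim logs out and back
in. Mixing the session token into the derivation limits a captured nonce to
the session it was captured from.
"""
import hashlib
import hmac
import math
import secrets
from typing import Callable

NONCE_SECRET = b"constructed-demo-secret"   # assumption; WP derives this from NONCE_KEY/NONCE_SALT
NONCE_LIFE = 24 * 60 * 60                    # default nonce lifetime, one day


def nonce_tick(now: int) -> int:
    """Half-life tick: a nonce is accepted for this tick and the previous one."""
    return math.ceil(now / (NONCE_LIFE / 2))


def _keyed_hash(msg: str) -> str:
    # stand-in for wp_hash($msg, 'nonce'); the binding argument does not depend on the hash
    return hmac.new(NONCE_SECRET, msg.encode(), hashlib.sha256).hexdigest()


def account_nonce(action: str, uid: int, now: int) -> str:
    """Pre-fix derivation: tick|action|uid. Identical across all of uid's sessions."""
    return _keyed_hash(f"{nonce_tick(now)}|{action}|{uid}")[-12:-2]


def session_nonce(action: str, uid: int, token: str, now: int) -> str:
    """Session-bound derivation: tick|action|uid|session-token."""
    return _keyed_hash(f"{nonce_tick(now)}|{action}|{uid}|{token}")[-12:-2]


def verify_nonce(nonce: str, expected: Callable[[int], str], now: int) -> int:
    """1 = matches current tick, 2 = previous tick, 0 = invalid (shape of wp_verify_nonce)."""
    if hmac.compare_digest(nonce, expected(now)):
        return 1
    if hmac.compare_digest(nonce, expected(now - NONCE_LIFE // 2)):
        return 2
    return 0


def replay_after_relogin(now: int = 1_700_000_000) -> dict:
    """Attacker sniffs uid 7's 'add-user' nonce from session A; the victim then
    logs out and starts session B. Does the sniffed nonce still verify?"""
    uid, action = 7, "add-user"
    token_a, token_b = secrets.token_hex(16), secrets.token_hex(16)   # constructed session tokens
    sniffed_account = account_nonce(action, uid, now)
    sniffed_session = session_nonce(action, uid, token_a, now)
    later = now + 600   # ten minutes on: same tick, but only session B is live
    return {
        "account_bound_replays": verify_nonce(
            sniffed_account, lambda t: account_nonce(action, uid, t), later) != 0,
        "session_bound_replays": verify_nonce(
            sniffed_session, lambda t: session_nonce(action, uid, token_b, t), later) != 0,
    }


if __name__ == "__main__":
    print(replay_after_relogin())
```

Running it reports the account-bound nonce as still valid and the session-bound one as rejected. Neither variant helps if the nonce is sent over plaintext HTTP in the first place; the session binding only shortens the window from "until the tick rolls over" to "until the victim's session ends".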

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 3.2
wordpress wordpress 2.2
wordpress wordpress 3.1.4
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-2399 HIGH

Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products, allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different vulnerability than CVE-2012-3414.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-2400 HIGH

Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-2401 MEDIUM

Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
moxiecode plupload 1.5.1
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
moxiecode plupload 1.4.3
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
moxiecode plupload 1.4.0
wordpress wordpress 3.0.1
moxiecode plupload 1.5.0
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
moxiecode plupload *
wordpress wordpress 2.2
moxiecode plupload 1.5.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
moxiecode plupload 1.4.1
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
moxiecode plupload 1.4.2
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-2402 MEDIUM

wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-2403 MEDIUM

wp-includes/formatting.php in WordPress before 3.3.2 attempts to enable clickable links inside attributes, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-2404 MEDIUM

wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2012-2633 MEDIUM

Cross-site scripting (XSS) vulnerability in wassup.php in the WassUp plugin before 1.8.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wassup_plugin 1.4
wordpress wassup_plugin 1.7.2
wordpress wassup_plugin 1.7.2.1
wordpress wassup_plugin 1.8.1
wordpress wassup_plugin *
wordpress wassup_plugin 1.4.3
wordpress wassup_plugin 1.8
wordpress wassup_plugin 1.8.2
CVE-2012-3578 MEDIUM

Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file whose name has an executable extension followed by a safe extension, then accessing it via a direct request to the file in html/images.
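What "an executable extension followed by a safe extension" defeats, and what closes it, as an added example that is not the plugin's code: the vulnerable check only looks at the last extension, while a server that maps any ".php" segment to the PHP handler (Apache mod_mime treats every dot-separated part as an extension) will execute "shell.php.jpg". The extension sets, magic-byte table and sample bytes below are this example's own.

```python
"""Upload-name checks against the double-extension bypass (added example; not the plugin's code).

Three layers for the CVE-2012-3578 pattern: the vulnerable last-extension
check, a check over every dot-separated segment, and the approach that removes
the client name from the decision entirely by deriving the stored name from
the file's magic bytes.
"""
import os
import secrets
from typing import Optional

ALLOWED_IMAGE_EXT = {"jpg", "jpeg", "png", "gif"}
# assumption: extensions this server's handlers would execute; tune to the real vhost config
EXECUTABLE_EXT = {"php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar", "pht",
                  "cgi", "pl", "py", "sh", "asp", "aspx", "jsp", "shtml"}
MAGIC = {
    b"\xff\xd8\xff": "jpg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}


def last_extension_only(filename: str) -> bool:
    """The vulnerable pattern: accepts shell.php.jpg."""
    return filename.rsplit(".", 1)[-1].lower() in ALLOWED_IMAGE_EXT


def every_segment_checked(filename: str) -> bool:
    """Reject unless the final segment is an image type and no segment is executable."""
    base = os.path.basename(filename.replace("\\", "/"))
    if "\x00" in base or not base.isprintable():   # NUL truncation and control characters
        return False
    parts = base.lower().split(".")
    if len(parts) < 2 or not parts[0]:             # no extension, or a dotfile such as .htaccess
        return False
    if parts[-1] not in ALLOWED_IMAGE_EXT:
        return False
    return not any(p in EXECUTABLE_EXT for p in parts[1:])


def sniff_image_type(data: bytes) -> Optional[str]:
    """Extension implied by the leading bytes, or None if it is not a known image."""
    for magic, ext in MAGIC.items():
        if data.startswith(magic):
            return ext
    return None


def stored_name_for(data: bytes) -> Optional[str]:
    """Random name plus an extension taken from content; the client's filename is never used."""
    ext = sniff_image_type(data)
    return None if ext is None else f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    for name in ("photo.jpg", "shell.php.jpg", "photo.jpg.php"):
        print(name, last_extension_only(name), every_segment_checked(name))
```

Magic-byte sniffing is not a substitute for the name check: a valid GIF with PHP code in a comment block is still a GIF. The upload directory therefore also needs script execution switched off at the server (for mod_php, `php_admin_flag engine off` in that directory's configuration) and responses served with `X-Content-Type-Options: nosniff`, so that a direct request to html/images returns bytes, not a script.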

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress fcchat_widget *
CVE-2012-3588 MEDIUM

Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the data parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
wordpress plugin_newsletter_plugin 1.5
CVE-2012-5868 LOW

WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a brute-force attack, or modify data via a replay attack.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
wordpress wordpress 3.4.2
CVE-2012-6527 LOW

Cross-site scripting (XSS) vulnerability in the My Calendar plugin before 1.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
joedolson my_calendar 1.6.1
joedolson my_calendar 1.4.1
joedolson my_calendar 1.6.0
joedolson my_calendar 1.8.5
joedolson my_calendar 1.7.3
joedolson my_calendar 1.4.6
joedolson my_calendar 1.7.1
joedolson my_calendar 1.9.1
joedolson my_calendar 1.5.1
joedolson my_calendar 1.5.4
joedolson my_calendar 1.8.6
joedolson my_calendar 1.8.3
joedolson my_calendar 1.9.2
joedolson my_calendar 1.4.3
joedolson my_calendar 1.10.0
joedolson my_calendar 1.9.3
joedolson my_calendar 1.7.0
joedolson my_calendar 1.9.7
joedolson my_calendar 1.7.4
joedolson my_calendar 1.2.0
joedolson my_calendar 1.4.5
joedolson my_calendar 1.7.8
joedolson my_calendar 1.4.8
joedolson my_calendar 1.8.8
joedolson my_calendar 1.4.7
joedolson my_calendar 1.5.2
joedolson my_calendar 1.9.0
joedolson my_calendar 1.8.2
joedolson my_calendar 1.5.0
joedolson my_calendar 1.6.2
joedolson my_calendar 1.5.3
joedolson my_calendar 1.7.7
joedolson my_calendar 1.1.0
joedolson my_calendar 1.4.10
joedolson my_calendar 1.8.7
joedolson my_calendar 1.8.1
joedolson my_calendar 1.4.9
wordpress wordpress -
joedolson my_calendar 1.9.6
joedolson my_calendar 1.9.4
joedolson my_calendar 1.9.5
joedolson my_calendar 1.4.0
joedolson my_calendar 1.9.8
joedolson my_calendar 1.7.6
joedolson my_calendar 1.8.9
joedolson my_calendar 1.4.2
joedolson my_calendar *
joedolson my_calendar 1.4.4
joedolson my_calendar 1.8.4
joedolson my_calendar 1.8.0
joedolson my_calendar 1.2.1
joedolson my_calendar 1.7.2
joedolson my_calendar 1.6.3
CVE-2012-6633 MEDIUM

Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via an editable slug field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 3.1.3
wordpress wordpress 3.0.3
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 3.0
wordpress wordpress 3.0.1
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
wordpress wordpress 3.0.2
wordpress wordpress 3.3.1
wordpress wordpress 3.1.4
wordpress wordpress 3.3
wordpress wordpress *
wordpress wordpress 3.0.6
wordpress wordpress 3.0.5
CVE-2012-6634 MEDIUM

wp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive information or bypass intended media-attachment restrictions via a post_id value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 3.1.3
wordpress wordpress 3.0.3
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 3.0
wordpress wordpress 3.0.1
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
wordpress wordpress 3.0.2
wordpress wordpress 3.3.1
wordpress wordpress 3.1.4
wordpress wordpress 3.3
wordpress wordpress *
wordpress wordpress 3.0.6
wordpress wordpress 3.0.5
CVE-2012-6635 MEDIUM

wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by visiting a draft.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 3.1.3
wordpress wordpress 3.0.3
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 3.0
wordpress wordpress 3.0.1
wordpress wordpress 3.1
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.2
wordpress wordpress 3.0.2
wordpress wordpress 3.3.1
wordpress wordpress 3.1.4
wordpress wordpress 3.3
wordpress wordpress *
wordpress wordpress 3.0.6
wordpress wordpress 3.0.5
CVE-2012-6707 MEDIUM

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.
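What the "MD5-based" format looks like and how a site migrates away from it, as an added example that is not WordPress's code: the block reimplements the phpass "portable" format ($P$, one cost character, an 8-character salt, 22 characters of phpass-base64 digest, computed as a chain of 2^cost MD5 calls) so that the weakness is concrete, then shows verify-then-rehash on the next successful login. The "$pbkdf2-sha256$" format, the PBKDF2 round count and the sample passwords are this example's own, not WordPress's.

```python
"""phpass portable ($P$) hashes and migrate-on-login (added example; not WordPress code).

CVE-2012-6707 concerns WordPress's phpass portable mode. MD5 is fast and the
cost is fixed at 2^13 rounds for cost character 'B', so a leaked table is cheap
to attack on a GPU. The usual fix is to keep verifying old hashes but replace
each one with a slower KDF the next time its owner logs in.
"""
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
PBKDF2_ROUNDS = 600_000   # assumption for the demo; pick per current guidance for your hardware


def _encode64(data: bytes, count: int) -> str:
    """phpass's own base64 variant: itoa64 alphabet, little-endian 24-bit groups."""
    out, i = [], 0
    while True:
        value = data[i]
        i += 1
        out.append(ITOA64[value & 0x3F])
        if i < count:
            value |= data[i] << 8
        out.append(ITOA64[(value >> 6) & 0x3F])
        if i >= count:
            break
        i += 1
        if i < count:
            value |= data[i] << 16
        out.append(ITOA64[(value >> 12) & 0x3F])
        if i >= count:
            break
        i += 1
        out.append(ITOA64[(value >> 18) & 0x3F])
        if i >= count:
            break
    return "".join(out)


def phpass_crypt(password: str, setting: str) -> str:
    """Recompute a $P$ hash from its 12-character setting (prefix, cost char, salt)."""
    if setting[:3] != "$P$":
        raise ValueError("not a phpass portable hash")
    cost_log2 = ITOA64.index(setting[3])
    if not 7 <= cost_log2 <= 30:
        raise ValueError("cost out of range")
    salt, pw = setting[4:12].encode(), password.encode()
    digest = hashlib.md5(salt + pw).digest()
    for _ in range(1 << cost_log2):           # 'B' -> 2^13 = 8192 chained MD5 calls
        digest = hashlib.md5(digest + pw).digest()
    return setting[:12] + _encode64(digest, 16)


def phpass_hash(password: str, cost_log2: int = 13) -> str:
    """New legacy-format hash with a random 6-byte salt (8 encoded characters)."""
    return phpass_crypt(password, "$P$" + ITOA64[cost_log2] + _encode64(secrets.token_bytes(6), 6))


def pbkdf2_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Replacement format used by this example: $pbkdf2-sha256$rounds$salt$dk."""
    salt = salt or secrets.token_bytes(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return f"$pbkdf2-sha256${PBKDF2_ROUNDS}${salt.hex()}${dk.hex()}"


def check_password(password: str, stored: str) -> bool:
    if stored.startswith("$P$"):
        return hmac.compare_digest(phpass_crypt(password, stored[:12]), stored)
    if stored.startswith("$pbkdf2-sha256$"):
        _, _, rounds, salt_hex, dk_hex = stored.split("$")
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(rounds))
        return hmac.compare_digest(dk.hex(), dk_hex)
    return False


def needs_rehash(stored: str) -> bool:
    return stored.startswith("$P$")


def login(password: str, stored: str) -> Tuple[bool, Optional[str]]:
    """Verify; on success with a legacy hash, return the replacement to persist."""
    if not check_password(password, stored):
        return False, None
    return True, (pbkdf2_hash(password) if needs_rehash(stored) else None)
```

Scanning a users table for the "$P$" prefix gives the count of accounts that have not logged in since the change; those never migrate on their own, and for a high-value site the answer is a forced reset rather than waiting. bcrypt or Argon2id are the normal choices for the new format; PBKDF2 appears here only because it is in the Python standard library.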

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-326,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2013-0235 MEDIUM

The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue.
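The request shape and the check a site needs, as an added example that is not WordPress's code: pingback.ping takes a sourceURI that the server then fetches, so the server must refuse sources that resolve to non-public addresses or non-web ports before connecting. The hostnames and addresses in FAKE_DNS are constructed for the demo (documentation ranges stand in for "public" space, which is why the block keeps an explicit deny list rather than relying on `ip.is_global`); in production the resolver argument would be socket.getaddrinfo.

```python
"""Validating a pingback source URL against SSRF (added example; not WordPress code).

CVE-2013-0235: xmlrpc.php's pingback.ping fetched the attacker-supplied
sourceURI from the server, so a public blog could be made to reach intranet
hosts or probe ports. Below: the XML-RPC body an attacker posts, and a
validator that rejects non-http(s) schemes, ports other than 80/443, and any
host with a single record in loopback, private, link-local or multicast space.
"""
import ipaddress
import xmlrpc.client
from typing import Callable, Iterable, List
from urllib.parse import urlsplit

# Constructed lookup table standing in for DNS.
FAKE_DNS = {
    "blog.example": ["203.0.113.10"],
    "intranet.corp.example": ["10.0.0.5"],
    "evil.example": ["203.0.113.99", "127.0.0.1"],   # one public and one loopback record
}

# Address space a pingback fetch must never touch. Explicit so the demo can use
# documentation ranges as "public"; production code should also require ip.is_global.
DENY_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "::ffff:0:0/96", "fc00::/7", "fe80::/10", "ff00::/8",
)]


def fake_resolver(host: str) -> List[str]:
    return FAKE_DNS.get(host, [])


def pingback_request(source_uri: str, target_uri: str) -> bytes:
    """Body of the POST to /xmlrpc.php; sourceURI is the attacker-controlled fetch target."""
    return xmlrpc.client.dumps((source_uri, target_uri), methodname="pingback.ping").encode()


def is_safe_pingback_source(url: str,
                            resolve: Callable[[str], Iterable[str]] = fake_resolver) -> bool:
    """True only if scheme is http(s), port is 80/443 and every resolved address is public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        if parts.port not in (None, 80, 443):   # removes the port-scan use
            return False
    except ValueError:                            # non-numeric port
        return False
    try:
        addrs = [ipaddress.ip_address(parts.hostname)]   # literal IP in the URL
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(parts.hostname)]
    if not addrs:
        return False
    return not any(ip in net for ip in addrs for net in DENY_NETS)


if __name__ == "__main__":
    print(pingback_request("http://intranet.corp.example:22/", "http://blog.example/post/1").decode())
    print(is_safe_pingback_source("http://intranet.corp.example/"))
```

The check is only as good as what happens next: the fetch must connect to the address that was validated (DNS rebinding between validation and connect otherwise reopens the hole), must not follow redirects without re-running the same check on the redirect target, and should have a short timeout so the blog cannot be used as a slow port prober even against public hosts.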

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-0236 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the content of a post.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-0237 MEDIUM

Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
fedoraproject fedora 16
wordpress wordpress 2.3.3
moxiecode plupload 1.5.1
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 2.8.4
moxiecode plupload 1.4.3
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
moxiecode plupload 1.4.0
moxiecode plupload 1.5.0
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
moxiecode plupload *
wordpress wordpress 2.2
moxiecode plupload 1.5.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
fedoraproject fedora 18
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
moxiecode plupload 1.5.3
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
moxiecode plupload 1.4.1
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
fedoraproject fedora 17
moxiecode plupload 1.4.2
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-10021 MEDIUM

A vulnerability was found in dd32 Debug Bar Plugin up to 0.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function render of the file panels/class-debug-bar-queries.php. The manipulation leads to cross-site scripting. The attack can be launched remotely. Upgrading to version 0.8.1 is able to address this issue. The patch is named 0842af8f8a556bc3e39b9ef758173b0a8a9ccbfc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222739.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress debug_bar *
CVE-2013-10027 MEDIUM

A vulnerability was found in Blogger Importer Plugin up to 0.5 on WordPress. It has been classified as problematic. Affected is the function start/restart of the file blogger-importer.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. Upgrading to version 0.6 is able to address this issue. The patch is identified as b83fa4f862b0f19a54cfee76060ec9c2e7f7ca70. It is recommended to upgrade the affected component. VDB-230658 is the identifier assigned to this vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress blogger_importer *
CVE-2013-2173 MEDIUM

wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remote attackers to cause a denial of service (CPU consumption) via a crafted value of a certain wp-postpass cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
wordpress wordpress 3.5.1
CVE-2013-2199 MEDIUM

The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery (SSRF) issue, a similar vulnerability to CVE-2013-0235.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-2200 MEDIUM

WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-2201 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) uploads of media files, (2) editing of media files, (3) installation of plugins, (4) updates to plugins, (5) installation of themes, or (6) updates to themes.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-2202 MEDIUM

WordPress before 3.5.2 allows remote attackers to read arbitrary files via an oEmbed XML provider response containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-2203 MEDIUM

WordPress before 3.5.2, when the uploads directory forbids write access, allows remote attackers to obtain sensitive information via an invalid upload request, which reveals the absolute path in an XMLHttpRequest error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-2204 MEDIUM

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a # (pound sign) character during extraction of the QUERY_STRING, which allows remote attackers to pass arbitrary parameters to a Flash application, and conduct content-spoofing attacks, via a crafted string after a ? (question mark) character.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
tinymce media -
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-2205 MEDIUM

The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allowDomain setting, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-16,CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 1.5.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 2.2
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 1.5.1.2
wordpress wordpress 2.0.11
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
CVE-2013-3250 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wp_maintenance_mode_plugin 1.8.6
wordpress wp_maintenance_mode_plugin 1.8.3
wordpress wp_maintenance_mode_plugin 1.8.2
wordpress wp_maintenance_mode_plugin 1.8.4
wordpress wp_maintenance_mode_plugin 1.8.5
wordpress wp_maintenance_mode_plugin 1.8.1
wordpress wp_maintenance_mode_plugin *
wordpress wp_maintenance_mode_plugin 1.8.0
CVE-2013-4338 HIGH

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2013-4339 HIGH

WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2013-4340 LOW

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2013-5738 MEDIUM

The get_allowed_mime_types function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfiltered_html capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2013-5739 LOW

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2013-7233 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the retrospam component in wp-admin/options-discussion.php in WordPress 2.0.11 and earlier allows remote attackers to hijack the authentication of administrators for requests that move comments to the moderation list.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress 2.0.4
wordpress wordpress 2.0
wordpress wordpress 2.0.9
wordpress wordpress 2.0.1
wordpress wordpress 2.0.5
wordpress wordpress 2.0.6
wordpress wordpress 2.0.7
wordpress wordpress 2.0.10
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 2.0.8
CVE-2013-7240 MEDIUM

Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
wordpress wordpress -
westerndeal advanced_dewplayer 1.2
CVE-2014-0165 MEDIUM

WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 3.8
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 3.6.1
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 3.2
wordpress wordpress 3.5.1
wordpress wordpress 2.2
wordpress wordpress 3.1.4
wordpress wordpress 3.8.1
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 3.6
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
wordpress wordpress 3.7
CVE-2014-0166 MEDIUM

The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
wordpress wordpress 1.5.1.3
wordpress wordpress 2.3.3
wordpress wordpress 1.2.3
wordpress wordpress 1.5
wordpress wordpress 2.0.10
wordpress wordpress 3.4.1
wordpress wordpress 3.8
wordpress wordpress 3.1.2
wordpress wordpress 1.2.4
wordpress wordpress 1.2.2
wordpress wordpress 1.0
wordpress wordpress 2.5
wordpress wordpress 1.2.5
wordpress wordpress 3.6.1
wordpress wordpress 2.8.2
wordpress wordpress 3.4.2
wordpress wordpress 3.0.6
wordpress wordpress 2.1.3
wordpress wordpress 2.0.4
wordpress wordpress 1.2
wordpress wordpress 3.5.0
wordpress wordpress 2.8.4
wordpress wordpress 2.6.2
wordpress wordpress 1.1.1
wordpress wordpress 2.1.1
wordpress wordpress 2.8.5.1
wordpress wordpress 2.3.1
wordpress wordpress 3.0.1
wordpress wordpress 1.5.1
wordpress wordpress 3.1
wordpress wordpress 2.0
wordpress wordpress 2.6.5
wordpress wordpress 3.2
wordpress wordpress 3.5.1
wordpress wordpress 2.2
wordpress wordpress 3.1.4
wordpress wordpress 3.8.1
wordpress wordpress 2.7
wordpress wordpress 2.0.8
wordpress wordpress 2.2.3
wordpress wordpress 2.6.1
wordpress wordpress 2.2.2
wordpress wordpress 3.3.2
wordpress wordpress 2.3
wordpress wordpress 2.8
wordpress wordpress 2.8.3
wordpress wordpress 2.8.6
wordpress wordpress 2.9.1
wordpress wordpress 2.9
wordpress wordpress 3.1.3
wordpress wordpress 2.5.1
wordpress wordpress 2.9.1.1
wordpress wordpress 2.8.1
wordpress wordpress 2.7.1
wordpress wordpress 3.0.3
wordpress wordpress 1.5.1.2
wordpress wordpress 3.0
wordpress wordpress 2.0.11
wordpress wordpress 3.1.1
wordpress wordpress 1.5.1.1
wordpress wordpress 2.3.2
wordpress wordpress 1.3
wordpress wordpress 2.8.5.2
wordpress wordpress 1.6.2
wordpress wordpress 3.4.0
wordpress wordpress 2.6.3
wordpress wordpress 2.9.2
wordpress wordpress 3.0.5
wordpress wordpress 1.3.3
wordpress wordpress 2.1
wordpress wordpress 2.0.9
wordpress wordpress 1.5.2
wordpress wordpress 2.0.6
wordpress wordpress 3.3.3
wordpress wordpress 2.0.7
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 2.1.2
wordpress wordpress 2.8.5
wordpress wordpress 3.6
wordpress wordpress 0.71
wordpress wordpress 1.0.2
wordpress wordpress 2.2.1
wordpress wordpress 3.0.2
wordpress wordpress 2.0.1
wordpress wordpress 1.3.2
wordpress wordpress 3.3.1
wordpress wordpress 2.0.5
wordpress wordpress 3.3
wordpress wordpress 1.2.1
wordpress wordpress 2.0.2
wordpress wordpress *
wordpress wordpress 1.0.1
wordpress wordpress 2.6
wordpress wordpress 3.7
CVE-2014-5203 HIGH

wp-includes/class-wp-customize-widgets.php in the widget implementation in WordPress 3.9.x before 3.9.2 might allow remote attackers to execute arbitrary code via crafted serialized data.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress 3.9.1
wordpress wordpress 3.9.0
CVE-2014-5204 MEDIUM

wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce are incorrect, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
debian debian_linux 7.0
wordpress wordpress 3.9.0
wordpress wordpress *
CVE-2014-5205 MEDIUM

wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of action values and uid values in CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress 3.9.0
wordpress wordpress *
CVE-2014-5240 LOW

Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script or HTML, and obtain Super Admin privileges, via a crafted avatar URL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 3.3.2
wordpress wordpress 3.1.3
wordpress wordpress 3.0.3
wordpress wordpress 3.0
wordpress wordpress 3.4.1
wordpress wordpress 3.8
wordpress wordpress 3.1.1
wordpress wordpress 3.1.2
wordpress wordpress 3.6.1
wordpress wordpress 3.4.2
wordpress wordpress 3.4.0
wordpress wordpress 3.0.6
wordpress wordpress 3.0.5
wordpress wordpress 3.5.0
wordpress wordpress 3.3.3
wordpress wordpress 3.9.0
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
debian debian_linux 7.0
wordpress wordpress 3.0.1
wordpress wordpress 3.6
wordpress wordpress 3.1
wordpress wordpress 3.2
wordpress wordpress 3.5.1
wordpress wordpress 3.0.2
wordpress wordpress 3.3.1
wordpress wordpress 3.1.4
wordpress wordpress 3.7.1
wordpress wordpress 3.3
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.7
CVE-2014-5265 MEDIUM

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
drupal drupal 7.x-dev
drupal drupal 6.27
drupal drupal 7.26
drupal drupal 7.24
wordpress wordpress 3.1.2
drupal drupal 6.1
wordpress wordpress 3.6.1
wordpress wordpress 3.4.2
drupal drupal 6.15
wordpress wordpress 3.0.6
drupal drupal 6.28
drupal drupal 6.10
drupal drupal 7.17
wordpress wordpress 3.0.1
drupal drupal 7.20
wordpress wordpress 3.1
wordpress wordpress 3.2
drupal drupal 6.18
drupal drupal 6.7
wordpress wordpress 3.8.1
wordpress wordpress 3.3.2
drupal drupal 6.0
wordpress wordpress 3.1.3
wordpress wordpress 3.0.3
drupal drupal 6.8
wordpress wordpress 3.0
drupal drupal 6.12
drupal drupal 7.4
drupal drupal 6.22
drupal drupal 7.14
drupal drupal 6.2
drupal drupal 7.16
drupal drupal 6.14
wordpress wordpress 3.3.3
drupal drupal 7.5
drupal drupal 6.19
drupal drupal 7.13
drupal drupal 7.15
debian debian_linux 7.0
drupal drupal 7.9
wordpress wordpress 3.3.1
drupal drupal 6.5
drupal drupal 7.3
drupal drupal 7.1
drupal drupal 7.10
wordpress wordpress 3.4.1
drupal drupal 6.30
drupal drupal 6.31
wordpress wordpress 3.8
drupal drupal 6.3
drupal drupal 6.26
drupal drupal 6.32
wordpress wordpress 3.5.0
drupal drupal 6.21
drupal drupal 7.23
drupal drupal 7.25
drupal drupal 6.25
wordpress wordpress 3.5.1
drupal drupal 7.18
wordpress wordpress 3.1.4
wordpress wordpress 3.7.1
drupal drupal 7.8
drupal drupal 6.16
drupal drupal 7.7
drupal drupal 6.20
drupal drupal 7.27
drupal drupal 7.29
drupal drupal 7.21
drupal drupal 7.30
drupal drupal 6.24
drupal drupal 6.6
drupal drupal 7.0
wordpress wordpress 3.1.1
drupal drupal 7.12
drupal drupal 6.13
wordpress wordpress 3.4.0
drupal drupal 7.22
wordpress wordpress 3.0.5
drupal drupal 7.6
drupal drupal 7.28
drupal drupal 6.29
wordpress wordpress 3.9.0
drupal drupal 7.2
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
drupal drupal 6.23
drupal drupal 6.9
wordpress wordpress 3.6
wordpress wordpress 3.0.2
drupal drupal 6.17
wordpress wordpress 3.3
drupal drupal 7.11
wordpress wordpress *
drupal drupal 6.4
drupal drupal 6.11
drupal drupal 7.19
wordpress wordpress 3.7
CVE-2014-5266 MEDIUM

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service (CPU consumption) via a large document, a different vulnerability than CVE-2014-5265.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
drupal drupal 7.x-dev
drupal drupal 6.27
drupal drupal 7.26
drupal drupal 7.24
wordpress wordpress 3.1.2
drupal drupal 6.1
wordpress wordpress 3.6.1
wordpress wordpress 3.4.2
drupal drupal 6.15
wordpress wordpress 3.0.6
drupal drupal 6.28
drupal drupal 6.10
drupal drupal 7.17
wordpress wordpress 3.0.1
drupal drupal 7.20
wordpress wordpress 3.1
wordpress wordpress 3.2
drupal drupal 6.18
drupal drupal 6.7
wordpress wordpress 3.8.1
wordpress wordpress 3.3.2
drupal drupal 6.0
wordpress wordpress 3.1.3
wordpress wordpress 3.0.3
drupal drupal 6.8
wordpress wordpress 3.0
drupal drupal 6.12
drupal drupal 7.4
drupal drupal 6.22
drupal drupal 7.14
drupal drupal 6.2
drupal drupal 7.16
drupal drupal 6.14
wordpress wordpress 3.3.3
drupal drupal 7.5
drupal drupal 6.19
drupal drupal 7.13
drupal drupal 7.15
debian debian_linux 7.0
drupal drupal 7.9
wordpress wordpress 3.3.1
drupal drupal 6.5
drupal drupal 7.3
drupal drupal 7.1
drupal drupal 7.10
wordpress wordpress 3.4.1
drupal drupal 6.30
drupal drupal 6.31
wordpress wordpress 3.8
drupal drupal 6.3
drupal drupal 6.26
drupal drupal 6.32
wordpress wordpress 3.5.0
drupal drupal 6.21
drupal drupal 7.23
drupal drupal 7.25
drupal drupal 6.25
wordpress wordpress 3.5.1
drupal drupal 7.18
wordpress wordpress 3.1.4
wordpress wordpress 3.7.1
drupal drupal 7.8
drupal drupal 6.16
drupal drupal 7.7
drupal drupal 6.20
drupal drupal 7.27
drupal drupal 7.29
drupal drupal 7.21
drupal drupal 7.30
drupal drupal 6.24
drupal drupal 6.6
drupal drupal 7.0
wordpress wordpress 3.1.1
drupal drupal 7.12
drupal drupal 6.13
wordpress wordpress 3.4.0
drupal drupal 7.22
wordpress wordpress 3.0.5
drupal drupal 7.6
drupal drupal 7.28
drupal drupal 6.29
wordpress wordpress 3.9.0
drupal drupal 7.2
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
drupal drupal 6.23
drupal drupal 6.9
wordpress wordpress 3.6
wordpress wordpress 3.0.2
drupal drupal 6.17
wordpress wordpress 3.3
drupal drupal 7.11
wordpress wordpress *
drupal drupal 6.4
drupal drupal 6.11
drupal drupal 7.19
wordpress wordpress 3.7
CVE-2014-6412 MEDIUM

WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-640,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2014-9031 MEDIUM

Cross-site scripting (XSS) vulnerability in the wptexturize function in WordPress before 3.7.5, 3.8.x before 3.8.5, and 3.9.x before 3.9.3 allows remote attackers to inject arbitrary web script or HTML via crafted use of shortcode brackets in a text field, as demonstrated by a comment or a post.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 3.8
wordpress wordpress 3.8.4
wordpress wordpress 3.9.1
wordpress wordpress 3.9
wordpress wordpress 3.8.3
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.9.2
wordpress wordpress 3.8.2
CVE-2014-9032 MEDIUM

Cross-site scripting (XSS) vulnerability in the media-playlists feature in WordPress 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 3.9.1
wordpress wordpress 4.0
wordpress wordpress 3.9
wordpress wordpress 3.9.2
CVE-2014-9033 MEDIUM

Cross-site request forgery (CSRF) vulnerability in wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2, and 4.0 allows remote attackers to hijack the authentication of arbitrary users for requests that reset passwords.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress 3.8.4
wordpress wordpress 4.0
wordpress wordpress 3.7.4
wordpress wordpress 3.9.2
CVE-2014-9034 MEDIUM

wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-19,

Products Affected

Vendor Product Version
wordpress wordpress 3.8
wordpress wordpress 3.8.4
wordpress wordpress 3.9.1
wordpress wordpress 4.0
wordpress wordpress 3.9
wordpress wordpress 3.8.3
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.9.2
wordpress wordpress 3.8.2
CVE-2014-9035 MEDIUM

Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 3.8.4
wordpress wordpress 3.9
wordpress wordpress 3.8.3
wordpress wordpress 3.9.2
debian debian_linux 7.0
wordpress wordpress 3.8
wordpress wordpress 3.9.1
wordpress wordpress 4.0
debian debian_linux 8.0
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.8.2
CVE-2014-9036 MEDIUM

Cross-site scripting (XSS) vulnerability in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted Cascading Style Sheets (CSS) token sequence in a post.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 3.8.4
wordpress wordpress 3.9
wordpress wordpress 3.8.3
wordpress wordpress 3.9.2
debian debian_linux 7.0
wordpress wordpress 3.8
wordpress wordpress 3.9.1
wordpress wordpress 4.0
debian debian_linux 8.0
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.8.2
CVE-2014-9037 MEDIUM

WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
wordpress wordpress 3.8.4
mageia_project mageia 4
wordpress wordpress 3.9
wordpress wordpress 3.8.3
mageia_project mageia 3
wordpress wordpress 3.9.2
debian debian_linux 7.0
wordpress wordpress 3.8
wordpress wordpress 3.9.1
wordpress wordpress 4.0
debian debian_linux 8.0
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.8.2
CVE-2014-9038 MEDIUM

wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wordpress wordpress 3.8
wordpress wordpress 3.8.4
wordpress wordpress 3.9.1
wordpress wordpress 4.0
wordpress wordpress 3.9
wordpress wordpress 3.8.3
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.9.2
wordpress wordpress 3.8.2
CVE-2014-9039 MEDIUM

wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to reset passwords by leveraging access to an e-mail account that received a password-reset message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
wordpress wordpress 3.8.4
mageia_project mageia 4
wordpress wordpress 3.9
wordpress wordpress 3.8.3
mageia_project mageia 3
wordpress wordpress 3.9.2
debian debian_linux 7.0
wordpress wordpress 3.8
wordpress wordpress 3.9.1
wordpress wordpress 4.0
debian debian_linux 8.0
wordpress wordpress 3.8.1
wordpress wordpress *
wordpress wordpress 3.8.2
CVE-2015-2213 HIGH

SQL injection vulnerability in the wp_untrash_post_comments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-3438 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that reaches the database layer, as demonstrated by a crafted character in a comment.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
wordpress wordpress *
CVE-2015-3439 MEDIUM

Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScript functions via the target parameter, as demonstrated by executing a certain click function, related to _init.as and _fireEvent.as.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 7.0
wordpress wordpress 4.0.1
wordpress wordpress 4.1.1
wordpress wordpress 3.9.1
wordpress wordpress 3.9.3
wordpress wordpress 4.0
wordpress wordpress 3.9.0
debian debian_linux 8.0
wordpress wordpress 3.9.2
wordpress wordpress 4.1
CVE-2015-3440 MEDIUM

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
wordpress wordpress *
CVE-2015-5622 LOW

Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a crafted shortcode inside an HTML element, related to wp-includes/kses.php and wp-includes/shortcodes.php.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
wordpress wordpress *
CVE-2015-5623 MEDIUM

WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscriber role, as demonstrated by a post-quickdraft-save action to wp-admin/post.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
debian debian_linux 8.0
wordpress wordpress *
CVE-2015-5714 MEDIUM

Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-5715 MEDIUM

The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-5730 MEDIUM

The sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php in WordPress before 4.2.4 does not use a constant-time comparison for widgets, which allows remote attackers to conduct a timing side-channel attack by measuring the delay before inequality is calculated.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-5731 MEDIUM

Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing blockage), via a get-post-lock action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-5732 MEDIUM

Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu_Widget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-5733 MEDIUM

Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-5734 MEDIUM

Cross-site scripting (XSS) vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-7989 LOW

Cross-site scripting (XSS) vulnerability in the user list table in WordPress before 4.3.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted e-mail address, a different vulnerability than CVE-2015-5714.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2015-8834 MEDIUM

Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3440.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-10033 HIGH

The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-88,

Products Affected

Vendor Product Version
phpmailer_project phpmailer *
wordpress wordpress *
joomla joomla! *
CVE-2016-10045 HIGH

The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
phpmailer_project phpmailer *
wordpress wordpress *
joomla joomla! *
CVE-2016-10148 MEDIUM

The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to wp-admin/admin-ajax.php, a related issue to CVE-2016-6896.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,CWE-284,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-1564 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-2221 MEDIUM

Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as demonstrated by an https:example.com URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-2222 MEDIUM

The wp_http_validate_url function in wp-includes/http.php in WordPress before 4.4.2 allows remote attackers to conduct server-side request forgery (SSRF) attacks via a zero value in the first octet of an IPv4 address in the u parameter to wp-admin/press-this.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wordpress wordpress 4.4.1
CVE-2016-4029 MEDIUM

WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.6 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N 3.9 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-918,

Products Affected

Vendor Product Version
debian debian_linux 8.0
wordpress wordpress *
CVE-2016-4566 MEDIUM

Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
plupload plupload *
CVE-2016-4567 MEDIUM

Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as in MediaElement.js before 2.21.0, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the jsinitfunction parameter, as demonstrated by "jsinitfunctio%gn."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mediaelementjs mediaelement.js *
wordpress wordpress *
CVE-2016-5832 MEDIUM

The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-5833 MEDIUM

Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5834.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-5834 MEDIUM

Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-5835 MEDIUM

WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-5836 MEDIUM

The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-5837 MEDIUM

WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-5838 MEDIUM

WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-5839 MEDIUM

WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-6634 MEDIUM

Cross-site scripting (XSS) vulnerability in the network settings page in WordPress before 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-6635 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-6896 MEDIUM

Directory traversal vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress 4.5.3 allows remote authenticated users to cause a denial of service or read certain text files via a .. (dot dot) in the plugin parameter to wp-admin/admin-ajax.php, as demonstrated by /dev/random read operations that deplete the entropy pool.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
wordpress wordpress 4.5.3
CVE-2016-6897 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 allows remote attackers to hijack the authentication of subscribers for /dev/random read operations by leveraging a late call to the check_ajax_referer function, a related issue to CVE-2016-6896.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-7168 LOW

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-7169 MEDIUM

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2016-9263 LOW

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained within the wp-includes/js/mediaelement/flashmediaelement.swf file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-1000600 MEDIUM

WordPress versions before 4.9 contain a CWE-20 input validation vulnerability in thumbnail processing that can result in remote code execution. The issue appears to be exploitable via a thumbnail upload by an authenticated user and may require additional plugins in order to be exploited; this has not been confirmed at this time. The issue appears to have been partially, but not completely, fixed in WordPress 4.9.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-1001000 MEDIUM

The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a numeric value and a non-numeric value, as demonstrated by the wp-json/wp/v2/posts/123?id=123helloworld URI.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress 4.7.2
wordpress wordpress 4.7
wordpress wordpress 4.7.1
CVE-2017-14718 MEDIUM

Before version 4.8.2, WordPress was susceptible to a Cross-Site Scripting attack in the link modal via a javascript: or data: URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-14719 MEDIUM

Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
wordpress wordpress 3.9.10
wordpress wordpress 3.7.9
wordpress wordpress 3.8.6
wordpress wordpress 4.0.6
wordpress wordpress 4.0.11
wordpress wordpress 3.7.2
wordpress wordpress 3.8.20
wordpress wordpress 4.0.15
wordpress wordpress 3.4.2
wordpress wordpress 4.1.11
wordpress wordpress 3.0.6
wordpress wordpress 4.5.4
wordpress wordpress 4.0.19
wordpress wordpress 4.3.4
wordpress wordpress 4.2.8
wordpress wordpress 3.7.4
wordpress wordpress 4.1.2
wordpress wordpress 4.0.13
wordpress wordpress 3.1
wordpress wordpress 3.5
wordpress wordpress 3.8.14
wordpress wordpress 4.0.7
wordpress wordpress 4.6.5
wordpress wordpress 3.8.1
wordpress wordpress 3.9.14
wordpress wordpress 4.4.1
wordpress wordpress 4.1.4
wordpress wordpress 4.5.2
wordpress wordpress 3.7.6
wordpress wordpress 4.2.2
wordpress wordpress 3.3.2
wordpress wordpress 3.9.18
wordpress wordpress 4.1.14
wordpress wordpress 4.4.5
wordpress wordpress 3.9.8
wordpress wordpress 3.9
wordpress wordpress 3.8.16
wordpress wordpress 3.8.3
wordpress wordpress 4.4.9
wordpress wordpress 3.0
wordpress wordpress 4.1.15
wordpress wordpress 4.6.4
wordpress wordpress 4.0
wordpress wordpress 3.4
wordpress wordpress 4.2.3
wordpress wordpress 3.7.16
wordpress wordpress 3.8.21
wordpress wordpress 4.0.8
wordpress wordpress 3.7.18
wordpress wordpress 3.8.7
wordpress wordpress 3.7.20
wordpress wordpress 4.3.5
wordpress wordpress 4.4
wordpress wordpress 4.1.9
wordpress wordpress 4.5.1
wordpress wordpress 4.0.9
wordpress wordpress 3.9.7
wordpress wordpress 3.9.3
wordpress wordpress 4.3.3
wordpress wordpress 3.4.1
wordpress wordpress 3.7.10
wordpress wordpress 3.9.6
wordpress wordpress 3.8.17
wordpress wordpress 4.2.14
wordpress wordpress 3.7.17
wordpress wordpress 4.0.17
wordpress wordpress 3.8.8
wordpress wordpress 4.1.16
wordpress wordpress 3.7.19
wordpress wordpress 4.1.7
wordpress wordpress 3.9.19
wordpress wordpress 3.8.10
wordpress wordpress 4.4.2
wordpress wordpress 4.2.4
wordpress wordpress 4.1.5
wordpress wordpress 4.2.10
wordpress wordpress 4.6.2
wordpress wordpress 3.7.1
wordpress wordpress 4.1.10
wordpress wordpress 3.8.2
wordpress wordpress 3.8.15
wordpress wordpress 4.3.2
wordpress wordpress 3.8.18
wordpress wordpress 4.5.5
wordpress wordpress 3.7.8
wordpress wordpress 4.2.6
wordpress wordpress 3.0.4
wordpress wordpress 3.2.1
wordpress wordpress 4.3.11
wordpress wordpress 3.9.9
wordpress wordpress 3.0.2
wordpress wordpress 3.9.11
wordpress wordpress 4.0.12
wordpress wordpress 3.7.13
wordpress wordpress 4.2.7
wordpress wordpress 3.7.7
wordpress wordpress 3.8.9
wordpress wordpress 4.2.16
wordpress wordpress 4.6.6
wordpress wordpress 4.7.1
wordpress wordpress 3.9.2
wordpress wordpress 4.7.4
wordpress wordpress 3.5.2
wordpress wordpress 3.1.2
wordpress wordpress 3.7.11
wordpress wordpress 3.6.1
wordpress wordpress 3.9.15
wordpress wordpress 4.7.3
wordpress wordpress 4.1.13
wordpress wordpress 4.0.16
wordpress wordpress 3.8.4
wordpress wordpress 3.7.22
wordpress wordpress 3.9.4
wordpress wordpress 3.9.16
wordpress wordpress 3.0.1
wordpress wordpress 3.2
wordpress wordpress 4.1.12
wordpress wordpress 4.1.17
wordpress wordpress 4.6
wordpress wordpress 4.2.11
wordpress wordpress 3.7.3
wordpress wordpress 3.8.19
wordpress wordpress 4.4.11
wordpress wordpress 3.1.3
wordpress wordpress 4.4.7
wordpress wordpress 3.9.5
wordpress wordpress 3.0.3
wordpress wordpress 4.5.3
wordpress wordpress 4.2.5
wordpress wordpress 3.9.13
wordpress wordpress 4.0.3
wordpress wordpress 4.6.7
wordpress wordpress 3.8.12
wordpress wordpress 4.1.18
wordpress wordpress 3.8.5
wordpress wordpress 3.7.15
wordpress wordpress 4.3.6
wordpress wordpress 4.3.9
wordpress wordpress 4.2.1
wordpress wordpress 4.1.6
wordpress wordpress 4.3
wordpress wordpress 4.2.15
wordpress wordpress 4.7.5
wordpress wordpress 3.3.3
wordpress wordpress 4.3.1
wordpress wordpress 4.2.12
wordpress wordpress 4.3.8
wordpress wordpress 4.0.1
wordpress wordpress 4.1.1
wordpress wordpress 4.4.3
wordpress wordpress 3.3.1
wordpress wordpress 4.5.7
wordpress wordpress 3.7.21
wordpress wordpress 4.0.10
wordpress wordpress 4.0.4
wordpress wordpress 4.6.1
wordpress wordpress 4.4.8
wordpress wordpress 4.1.8
wordpress wordpress 4.5.10
wordpress wordpress 4.6.3
wordpress wordpress 3.7.5
wordpress wordpress 3.8.13
wordpress wordpress 3.8
wordpress wordpress 4.2.9
wordpress wordpress 4.3.12
wordpress wordpress 4.4.6
wordpress wordpress 4.0.2
wordpress wordpress 3.9.17
wordpress wordpress 4.7.2
wordpress wordpress 4.7
wordpress wordpress 4.0.5
wordpress wordpress 3.7.12
wordpress wordpress 3.5.1
wordpress wordpress 3.1.4
wordpress wordpress 4.5.8
wordpress wordpress 3.9.20
wordpress wordpress 4.3.10
wordpress wordpress 3.8.22
wordpress wordpress 4.5.6
wordpress wordpress 4.4.4
wordpress wordpress 4.8.1
wordpress wordpress 4.5.9
wordpress wordpress 4.0.18
wordpress wordpress 4.1
wordpress wordpress 4.2
wordpress wordpress 3.1.1
wordpress wordpress 3.9.12
wordpress wordpress 3.8.11
wordpress wordpress 3.7.14
wordpress wordpress 3.0.5
wordpress wordpress 4.1.3
wordpress wordpress 4.1.19
wordpress wordpress 4.2.13
wordpress wordpress 4.0.14
wordpress wordpress 3.6
wordpress wordpress 4.8
wordpress wordpress 3.9.1
wordpress wordpress 4.3.7
wordpress wordpress 4.4.10
wordpress wordpress 4.5
wordpress wordpress 3.3
wordpress wordpress 3.7
CVE-2017-14720 MEDIUM

Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-14721 MEDIUM

Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-14722 MEDIUM

Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
wordpress wordpress 4.7.2
wordpress wordpress 4.7.5
wordpress wordpress 4.8
wordpress wordpress 4.7
wordpress wordpress 4.7.3
wordpress wordpress 4.8.1
wordpress wordpress 4.7.1
wordpress wordpress 4.7.4
CVE-2017-14723 HIGH

Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-14724 MEDIUM

Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-14725 MEDIUM

Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-14726 MEDIUM

Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-14990 MEDIUM

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-312,

Products Affected

Vendor Product Version
wordpress wordpress 4.8.2
debian debian_linux 8.0
debian debian_linux 9.0
CVE-2017-16510 HIGH

WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-17091 MEDIUM

wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-330,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-17092 LOW

wp-includes/functions.php in WordPress before 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote attackers to conduct XSS attacks via a crafted file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-17093 LOW

wp-includes/general-template.php in WordPress before 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow attackers to conduct XSS attacks via the language setting of a site.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-17094 LOW

wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks via a crafted URL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 7.0
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-5487 MEDIUM

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-5488 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-5489 MEDIUM

Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-5490 MEDIUM

Cross-site scripting (XSS) vulnerability in the theme-name fallback functionality in wp-includes/class-wp-theme.php in WordPress before 4.7.1 allows remote attackers to inject arbitrary web script or HTML via a crafted directory name of a theme, related to wp-admin/includes/class-theme-installer-skin.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-5491 MEDIUM

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1188,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-5492 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-5493 MEDIUM

wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-338,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-5610 MEDIUM

wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-5611 HIGH

SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
debian debian_linux 8.0
oracle data_integrator 11.1.1.9.0
debian debian_linux 9.0
oracle data_integrator 12.2.1.3.0
wordpress wordpress *
oracle data_integrator 12.2.1.4.0
CVE-2017-5612 MEDIUM

Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-6514 MEDIUM

WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
wordpress wordpress 4.7.2
CVE-2017-6814 LOW

In WordPress before 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/mediaelement/wp-playlist.js.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-6815 MEDIUM

In WordPress before 4.7.3 (wp-includes/pluggable.php), control characters can trick redirect URL validation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-6816 MEDIUM

In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by administrators using the plugin deletion functionality.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-6817 LOW

In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-6818 MEDIUM

In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-6819 MEDIUM

In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-8295 MEDIUM

WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-640,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2017-9061 MEDIUM

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-9062 MEDIUM

In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-352,CWE-601,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-9063 MEDIUM

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-9064 MEDIUM

In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-9065 MEDIUM

In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2017-9066 MEDIUM

In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-918,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-1000773 MEDIUM

WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited; however, this has not been confirmed at this time.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2018-10100 MEDIUM

Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-10101 MEDIUM

Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-10102 MEDIUM

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-12895 MEDIUM

WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-14028 MEDIUM

In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine's wp-content/plugins directory permissions were set up to block all new plugins.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
wordpress wordpress 4.9.7
CVE-2018-19296 MEDIUM

PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-502,CWE-1321,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 34
debian debian_linux 8.0
debian debian_linux 9.0
phpmailer_project phpmailer *
wordpress wordpress *
CVE-2018-20147 MEDIUM

In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-20148 HIGH

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-20149 LOW

In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-20150 MEDIUM

In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-20151 MEDIUM

In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-20152 MEDIUM

In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-20153 LOW

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
wordpress wordpress *
CVE-2018-5776 MEDIUM

WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2018-6389 MEDIUM

In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2019-16217 MEDIUM

WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-16218 MEDIUM

WordPress before 5.2.3 allows XSS in stored comments.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-16219 MEDIUM

WordPress before 5.2.3 allows XSS in shortcode previews.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-16220 MEDIUM

In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-16221 MEDIUM

WordPress before 5.2.3 allows reflected XSS in the dashboard.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-16222 MEDIUM

WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-16223 LOW

WordPress before 5.2.3 allows XSS in post previews by authenticated users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-16780 LOW

WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly recommend that you keep them enabled.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
wordpress wordpress 3.7
CVE-2019-16781 LOW

In WordPress before 5.3.1, authenticated users with lower privileges (like contributors) can inject JavaScript code in the block editor, which is executed within the dashboard. It can lead to an admin opening the affected post in the editor leading to XSS.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-17669 HIGH

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-918,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-17670 HIGH

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-918,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-17671 MEDIUM

In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-17672 MEDIUM

WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-17673 MEDIUM

WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-17674 LOW

WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-17675 MEDIUM

WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,CWE-843,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-20041 HIGH

wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript&colon; substring.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-20042 MEDIUM

In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-20043 MEDIUM

In wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a post are able to mark posts as sticky or unsticky via the REST API. For example, the contributor role does not have such rights, but this allowed them to bypass that. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2019-8942 MEDIUM

WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,

Products Affected

Vendor Product Version
debian debian_linux 9.0
wordpress wordpress 5.0
wordpress wordpress *
CVE-2019-8943 MEDIUM

WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2019-9787 MEDIUM

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2020-11025 LOW

In affected versions of WordPress, a cross-site scripting (XSS) vulnerability in the navigation section of Customizer allows JavaScript code to be executed. Exploitation requires an authenticated user. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security-advisories@github.com 5.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N 1.3 4.0

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
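Entries like CVE-2020-11025 above give one fix version per release branch ("5.4.1, along with ... 5.3.3, 5.2.6, ..., 3.7.33"), so "am I affected?" is a branch-aware comparison, not a single version compare. The following is an added example (not from the page or the WordPress project) that parses such a sentence and answers the question for an installed version; the handling of pre-release suffixes and of branches older than the oldest listed fix are assumptions stated in the code.

```python
import re
from typing import Iterable, List, Tuple

# The fix versions exactly as the CVE-2020-11025 entry above lists them.
CVE_2020_11025_FIXED: Tuple[str, ...] = (
    "5.4.1", "5.3.3", "5.2.6", "5.1.5", "5.0.9", "4.9.14", "4.8.13", "4.7.17",
    "4.6.18", "4.5.21", "4.4.22", "4.3.23", "4.2.27", "4.1.30", "4.0.30",
    "3.9.31", "3.8.33", "3.7.33",
)

# (major, minor, patch, final): final is 0 for a pre-release such as
# "5.4.1-RC1" so that it sorts below the 5.4.1 release that carries the fix
# (assumption: a pre-release never contains a fix first shipped in the release).
Version = Tuple[int, int, int, int]

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(-[0-9A-Za-z.]+)?$")


def parse_version(text: str) -> Version:
    """Parse 'X.Y', 'X.Y.Z' or 'X.Y.Z-suffix' (WordPress writes 5.4 for 5.4.0)."""
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised WordPress version: {text!r}")
    major, minor, patch, suffix = m.groups()
    return (int(major), int(minor), int(patch or 0), 0 if suffix else 1)


def fixed_versions_from_description(description: str) -> List[str]:
    """Pull every X.Y.Z that follows 'patched in' out of an advisory sentence
    written like the ones on this page."""
    _, sep, tail = description.partition("patched in")
    return re.findall(r"\d+\.\d+\.\d+", tail) if sep else []


def is_vulnerable(installed: str, fixed: Iterable[str] = CVE_2020_11025_FIXED) -> bool:
    """True if `installed` sits below the fix on its own major.minor branch.

    Branches newer than the newest listed fix were cut after the bug was closed.
    Branches older than the oldest listed fix never received it, and any branch
    inside the range but absent from the list is treated the same way
    (assumption: unlisted and end-of-life branches stay unpatched).
    """
    v = parse_version(installed)
    by_branch = {f[:2]: f for f in map(parse_version, fixed)}
    branch = v[:2]
    if branch in by_branch:
        return v < by_branch[branch]
    return branch < max(by_branch)


if __name__ == "__main__":
    for ver in ("5.4", "5.4.1", "5.3.2", "4.9.14", "5.5", "3.6.1"):
        print(f"{ver:>8}: {'VULNERABLE' if is_vulnerable(ver) else 'fixed'}")
```

The same function works for any entry on this page that lists its fixes this way: feed `fixed_versions_from_description()` the entry text and pass the result as `fixed`.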
CVE-2020-11026 LOW

In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user with privileges to upload files. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security-advisories@github.com 8.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N 2.3 5.8

CVSS 2.0

Severity: LOW

Problem Type: CWE-707,CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 5.4
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-11027 MEDIUM

In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. A malicious party would need access to the user's email account for successful exploitation. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.1 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N 1.6 4.0
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-672,CWE-640,

Products Affected

Vendor Product Version
wordpress wordpress 5.4
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
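The defect in CVE-2020-11027 is that a reset link's validity depended only on the clock, not on whether the credentials it was minted for still exist. The added example below (not WordPress code; the store, field names and 24-hour lifetime are assumptions) binds each token to a per-user credential version that every password change bumps, and compares the vulnerable and fixed behaviour on the scenario the entry describes: a link is emailed, the user changes the password normally, and the old link is tried afterwards.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Dict, Optional

RESET_TTL_SECONDS = 24 * 3600   # assumed link lifetime


@dataclass
class User:
    name: str
    salt: str
    password_hash: str
    credential_version: int = 0        # bumped on every password change
    reset_token_hash: Optional[str] = None
    reset_issued_at: float = 0.0
    reset_bound_version: int = -1      # credential_version the link was minted under


def _kdf(password: str, salt: str) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 100_000).hex()


def _token_digest(token: str) -> str:
    # Only a digest is stored, so a database read does not yield usable links.
    return hashlib.sha256(token.encode()).hexdigest()


class UserStore:
    def __init__(self, bind_tokens_to_credentials: bool = True) -> None:
        # False reproduces the advisory's behaviour: a link minted before a
        # password change keeps working until its time-based expiry.
        self.bind = bind_tokens_to_credentials
        self._db: Dict[str, User] = {}

    def create(self, name: str, password: str) -> None:
        salt = secrets.token_hex(16)
        self._db[name] = User(name, salt, _kdf(password, salt))

    def verify_password(self, name: str, password: str) -> bool:
        u = self._db[name]
        return hmac.compare_digest(u.password_hash, _kdf(password, u.salt))

    def set_password(self, name: str, new_password: str) -> None:
        u = self._db[name]
        u.salt = secrets.token_hex(16)
        u.password_hash = _kdf(new_password, u.salt)
        u.credential_version += 1      # every outstanding reset link is now stale

    def issue_reset_link(self, name: str, now: float) -> str:
        u = self._db[name]
        token = secrets.token_urlsafe(32)
        u.reset_token_hash = _token_digest(token)
        u.reset_issued_at = now
        u.reset_bound_version = u.credential_version
        return token                   # would travel in the emailed ?key=...&login=... link

    def redeem_reset_link(self, name: str, token: str, new_password: str, now: float) -> bool:
        u = self._db.get(name)
        if u is None or u.reset_token_hash is None:
            return False
        if now - u.reset_issued_at > RESET_TTL_SECONDS:
            return False               # time-based expiry; the advisory's point is that this alone is not enough
        if self.bind and u.reset_bound_version != u.credential_version:
            return False               # password changed after the link was sent
        if not hmac.compare_digest(u.reset_token_hash, _token_digest(token)):
            return False
        u.reset_token_hash = None      # single use
        self.set_password(name, new_password)
        return True


def stale_link_still_works(bind: bool) -> bool:
    """Mint a link, let the user change the password normally, then try the old link."""
    store = UserStore(bind_tokens_to_credentials=bind)
    store.create("alice", "old-password")
    t0 = time.time()
    link = store.issue_reset_link("alice", now=t0)
    store.set_password("alice", "new-password")
    return store.redeem_reset_link("alice", link, "attacker-chosen", now=t0 + 60)


if __name__ == "__main__":
    print("bound to credentials:", stale_link_still_works(bind=True))    # False
    print("time-based only     :", stale_link_still_works(bind=False))   # True
```

Binding to a version rather than deleting the token on password change also covers the case where several links were issued: all of them go stale at once, and the check costs one integer compare.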
CVE-2020-11028 MEDIUM

In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 5.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N 1.3 4.0
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,CWE-306,

Products Affected

Vendor Product Version
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-11029 MEDIUM

In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 5.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N 1.3 4.0
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 5.4
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-11030 LOW

In affected versions of WordPress, a special payload can be crafted that can lead to scripts getting executed within the search block of the block editor. This requires an authenticated user with the ability to add content. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N 3.1 2.7
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-707,CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-25286 MEDIUM

In wp-includes/comment-template.php in WordPress before 5.4.2, comments from a post or page could sometimes be seen in the latest comments even if the post or page was not public.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2020-28032 HIGH

WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 31
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28033 MEDIUM

WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 31
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28034 MEDIUM

WordPress before 5.5.2 allows XSS associated with global variables.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 31
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28035 HIGH

WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 31
fedoraproject fedora 32
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28036 HIGH

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-862,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 31
fedoraproject fedora 32
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28037 HIGH

is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old installation).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-754,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 31
fedoraproject fedora 32
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28038 MEDIUM

WordPress before 5.5.2 allows stored XSS via post slugs.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 31
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28039 MEDIUM

is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
debian debian_linux 9.0
canonical ubuntu_linux 16.04
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-28040 MEDIUM

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
canonical ubuntu_linux 18.04
canonical ubuntu_linux 20.04
debian debian_linux 9.0
canonical ubuntu_linux 16.04
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-36326 HIGH

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in safe contexts. As an unintended side effect, this fix eliminated the code that blocked addAttachment exploitation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
phpmailer_project phpmailer *
wordpress wordpress *
CVE-2020-4046 LOW

In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this could lead to script execution in the editor/wp-admin. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).

CVSS 2.0

Severity: LOW

Problem Type: CWE-80,CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 31
debian debian_linux 8.0
fedoraproject fedora 32
debian debian_linux 9.0
wordpress wordpress *
CVE-2020-4047 LOW

In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attachment pages in a certain way. This can lead to script execution in the context of a higher privileged user when the file is viewed by them. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N 2.3 4.0
security-advisories@github.com 6.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N 2.3 4.0

CVSS 2.0

Severity: LOW

Problem Type: CWE-80,

Products Affected

Vendor Product Version
fedoraproject fedora 33
debian debian_linux 8.0
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-4048 MEDIUM

In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 5.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N 2.1 3.6
nvd@nist.gov 5.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N 2.1 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
fedoraproject fedora 33
debian debian_linux 8.0
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
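CVE-2020-4048 above attributes the open redirect to the interplay of wp_validate_redirect() and URL sanitisation. The general lesson is that the string checked must be the string emitted: if a sanitiser strips characters after (or before) the host check, the two steps see different URLs. The added example below is not WordPress code; it validates a redirect target in one pass, refuses control characters and backslashes rather than stripping them, and compares the host against an assumed allowlist standing in for the site's own hosts.

```python
import re
from typing import FrozenSet
from urllib.parse import urlsplit

# Assumed: the site's own hosts (what a real deployment would keep in its
# allowed-redirect-hosts setting).
ALLOWED_HOSTS: FrozenSet[str] = frozenset({"example.com", "www.example.com"})
FALLBACK = "/wp-admin/"

# Browsers drop leading/trailing C0 controls and spaces and ignore tab/newline
# inside a URL, and treat '\' like '/', so a sanitiser that *strips* these can
# turn a rejected string into an accepted one. Refuse them instead.
_CONTROL_OR_SPACE = re.compile(r"[\x00-\x20\x7f]")


def validate_redirect(location: str,
                      allowed_hosts: FrozenSet[str] = ALLOWED_HOSTS,
                      fallback: str = FALLBACK) -> str:
    """Return `location` only if it is safe to emit as a Location header."""
    if not location or _CONTROL_OR_SPACE.search(location) or "\\" in location:
        return fallback
    if location.startswith("//"):
        return fallback            # scheme-relative ('//evil', '////evil') picks a new host
    parts = urlsplit(location)
    if not parts.scheme and not parts.netloc:
        return location            # path-relative or site-relative, e.g. /wp-admin/x
    if parts.scheme.lower() not in ("http", "https"):
        return fallback            # javascript:, data:, and friends
    if "@" in parts.netloc:
        return fallback            # https://example.com@evil.example/
    host = (parts.hostname or "").rstrip(".")   # urlsplit already lowercases it
    if host not in allowed_hosts:
        return fallback
    return location


if __name__ == "__main__":
    for candidate in ("/wp-admin/edit.php", "https://example.com/p/1",
                      "//evil.example/", "https://example.com@evil.example/",
                      "/\\evil.example", "javascript:alert(1)"):
        print(f"{candidate!r:40} -> {validate_redirect(candidate)}")
```

Note that the function returns the original string untouched on success: no normalisation happens between the check and the header, which is the property the entry says was lost.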
CVE-2020-4049 LOW

In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 2.4 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N 0.9 1.4
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N 0.9 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-80,CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 31
debian debian_linux 8.0
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2020-4050 MEDIUM

In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged by low privileged users. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N 1.6 1.4
security-advisories@github.com 3.5 LOW CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N 1.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-288,

Products Affected

Vendor Product Version
fedoraproject fedora 31
debian debian_linux 8.0
fedoraproject fedora 32
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2021-29447 MEDIUM

WordPress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library, leading to XXE attacks. This requires the WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 2.8 4.2
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-611,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2021-29450 MEDIUM

Wordpress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. This has been patched in WordPress 5.7.1, along with the older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2021-29476 HIGH

Requests is an HTTP library written in PHP. Requests mishandles deserialization in FilteredIterator. The issue has been patched, and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
wordpress requests 1.6.1
wordpress requests 1.6.0
wordpress requests 1.7.0
CVE-2021-39200 MEDIUM

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf. This has been patched in WordPress 5.8.1, along with any older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
debian debian_linux 11.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2021-39201 LOW

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact: the issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. This bypasses the restrictions imposed on users who do not have the permission to post `unfiltered_html`. Patches: this has been patched in WordPress 5.8, and will be pushed to older versions via minor releases (automatic updates). It's strongly recommended that you keep auto-updates enabled to receive the fix. References: https://wordpress.org/news/category/releases/ and https://hackerone.com/reports/1142140. For more information, or if you have any questions or comments about this advisory, open an issue at https://hackerone.com/wordpress.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security-advisories@github.com 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N 2.3 4.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 11.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2021-39202 LOW

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N 2.3 4.7
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wordpress wordpress 5.8
CVE-2021-39203 MEDIUM

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view private post types/data can bypass restrictions in the block editor under certain conditions. This affected WordPress 5.8 beta during the testing period. It's fixed in the final 5.8 release.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
security-advisories@github.com 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N 1.6 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
wordpress wordpress 5.8
CVE-2021-44223 HIGH

WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
cve@mitre.org 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wordpress wordpress *
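CVE-2021-44223 above is a supply-chain condition rather than a code bug: a privately developed plugin whose directory name is a valid but unregistered wordpress.org slug can be "updated" by whoever registers that slug, unless the plugin declares an `Update URI` header that points elsewhere (or is `false`). The added example below, not part of WordPress or the page, reads plugin headers the way WordPress's `get_file_data()` does (first 8 KiB, one `Key: Value` per line, case-insensitive) and reports which installed plugins lack the header. The sample plugin files are constructed; whether a flagged slug is actually unclaimed on wordpress.org still has to be checked against the directory, which this offline scan cannot do.

```python
import re
from typing import Dict, List, Tuple

HEADER_FIELDS = ("Plugin Name", "Version", "Update URI")
# Values WordPress 5.8+ treats as "updates come from wordpress.org".
WPORG_PREFIXES = ("https://wordpress.org/plugins/", "w.org/plugin/")


def parse_plugin_header(source: str) -> Dict[str, str]:
    """Read the 'Key: Value' lines of a plugin's header comment: only the first
    8 KiB, one key per line, case-insensitive, trailing '*/' or '?>' trimmed."""
    head = source[:8192]
    found: Dict[str, str] = {}
    for key in HEADER_FIELDS:
        m = re.search(r"^[ \t/*#@]*" + re.escape(key) + r":(.*)$",
                      head, re.MULTILINE | re.IGNORECASE)
        if m:
            value = re.sub(r"\s*(?:\*/|\?>).*", "", m.group(1)).strip()
            if value:
                found[key] = value
    return found


def classify_update_source(header: Dict[str, str]) -> str:
    """Where updates for this plugin can come from, per its Update URI header."""
    uri = header.get("Update URI", "")
    if not uri:
        # No header: WordPress asks wordpress.org for updates by slug (and
        # releases before 5.8 did so regardless of any header), so whoever
        # owns that slug on wordpress.org ships code to this site.
        return "missing-update-uri"
    if uri.lower() == "false":
        return "updates-disabled"
    if uri.startswith(WPORG_PREFIXES):
        return "wordpress.org"
    return "self-hosted"


def scan_plugins(plugins: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """(slug, plugin name, classification) for each 'slug/main-file.php' entry."""
    report = []
    for basename, source in plugins.items():
        header = parse_plugin_header(source)
        slug = basename.split("/", 1)[0]
        report.append((slug, header.get("Plugin Name", "?"), classify_update_source(header)))
    return report


def at_risk_slugs(plugins: Dict[str, str]) -> List[str]:
    """Slugs to verify against the wordpress.org directory (and to give an Update URI)."""
    return [slug for slug, _, status in scan_plugins(plugins) if status == "missing-update-uri"]


# Constructed sample plugin main files (not real plugins).
SAMPLE_PLUGINS: Dict[str, str] = {
    "acme-internal-tools/acme-internal-tools.php": """<?php
/**
 * Plugin Name: Acme Internal Tools
 * Version: 1.4.0
 */
""",
    "acme-billing/acme-billing.php": """<?php
/*
Plugin Name: Acme Billing
Version: 2.0.1
Update URI: false
*/
""",
    "example-gallery/example-gallery.php": """<?php
/**
 * Plugin Name: Example Gallery
 * Version: 3.1
 * Update URI: https://wordpress.org/plugins/example-gallery/
 */
""",
    "acme-sync/acme-sync.php": """<?php
/**
 * Plugin Name: Acme Sync
 * Version: 0.9
 * Update URI: https://updates.acme.example/acme-sync
 */
""",
}

if __name__ == "__main__":
    for slug, name, status in scan_plugins(SAMPLE_PLUGINS):
        print(f"{slug:22} {name:22} {status}")
    print("check on wordpress.org:", at_risk_slugs(SAMPLE_PLUGINS))
```

On a live site the `plugins` mapping would be built by reading each `wp-content/plugins/<slug>/<file>.php` main file; the fix for a flagged private plugin is to add `Update URI: false` (or a URL you control) and, for sites still below 5.8, to register the slug or rename the directory.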
CVE-2022-21661 MEDIUM

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security releases going back to 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 8.0 HIGH CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H 1.3 6.0
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
fedoraproject fedora 34
fedoraproject fedora 35
debian debian_linux 11.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2022-21662 LOW

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attacks, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security releases going back to 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 8.0 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H 1.3 6.0
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 11.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2022-21663 MEDIUM

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with the Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security releases going back to 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,CWE-502,

Products Affected

Vendor Product Version
fedoraproject fedora 34
fedoraproject fedora 35
debian debian_linux 11.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2022-21664 MEDIUM

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there is potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security releases going back to 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
fedoraproject fedora 34
fedoraproject fedora 35
debian debian_linux 11.0
debian debian_linux 9.0
debian debian_linux 10.0
wordpress wordpress *
CVE-2022-3590

WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.

Products Affected

Vendor Product Version
wordpress wordpress *
wordpress wordpress 4.1
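The TOCTOU in CVE-2022-3590 above is the classic SSRF shape: the pingback code resolves the target host, checks the address, and then hands the URL to an HTTP client that resolves the host a second time, so a DNS answer that changes between the two lookups (rebinding) reaches an internal host the check had just refused. The added example below is a simulation with no network access and is not WordPress code: a constructed resolver returns a public address first and a loopback address next, a check-then-request function falls for it, and a "resolve once, validate, connect to the validated address" function does not.

```python
import ipaddress
from typing import Callable, List, Optional
from urllib.parse import urlsplit

Resolver = Callable[[str], List[str]]   # hostname -> list of address strings


def is_public_address(ip: str) -> bool:
    """False for anything a pingback must never reach: RFC 1918, loopback,
    link-local (including 169.254.169.254 cloud metadata), CGNAT, multicast,
    reserved, unspecified, and IPv4-mapped IPv6 forms of the same."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_global and not addr.is_multicast


class RebindingResolver:
    """Constructed DNS answer sequence: one answer per lookup, then the last
    answer repeats, which is how a rebinding attacker's nameserver behaves."""

    def __init__(self, answers: List[List[str]]) -> None:
        self._answers = answers
        self.lookups = 0

    def __call__(self, host: str) -> List[str]:
        answer = self._answers[min(self.lookups, len(self._answers) - 1)]
        self.lookups += 1
        return answer


def naive_pingback_target(url: str, resolve: Resolver) -> Optional[str]:
    """Check-then-request: the validator resolves the host once and the HTTP
    client resolves it again to connect. Returns the address connected to."""
    host = urlsplit(url).hostname
    if not host or not all(is_public_address(ip) for ip in resolve(host)):
        return None
    return resolve(host)[0]          # second lookup: the attacker's turn


def pinned_pingback_target(url: str, resolve: Resolver) -> Optional[str]:
    """Resolve once, validate every returned address, and connect to the
    validated address while sending Host: <hostname>. Returns the address."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host:
        return None
    addrs = resolve(host)
    if not addrs or not all(is_public_address(ip) for ip in addrs):
        return None
    # A real client opens the socket to addrs[0] (never to `host` again), puts
    # `host` in the Host header and SNI, and repeats this check on every redirect.
    return addrs[0]


if __name__ == "__main__":
    url = "http://blog.example/xmlrpc.php"                      # constructed target
    print("naive :", naive_pingback_target(url, RebindingResolver([["93.184.216.34"], ["127.0.0.1"]])))
    print("pinned:", pinned_pingback_target(url, RebindingResolver([["93.184.216.34"], ["127.0.0.1"]])))
```

The second design removes the race rather than shrinking it: there is no moment at which the checked host and the connected address can differ, and redirects are handled by running the same function on the new URL instead of letting the client follow them.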
CVE-2022-43497

Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2022-43500

Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2022-43504

Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2022-47161

Cross-Site Request Forgery (CSRF) vulnerability in the WordPress.org community Health Check & Troubleshooting plugin, versions <= 1.5.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
wordpress health_check_&_troubleshooting *
CVE-2022-47174

Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Performance Team's Performance Lab plugin, versions <= 2.2.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
wordpress performance_lab *
CVE-2022-4973

WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor (typically Authors, Contributors, and Editors), making it possible to inject arbitrary web scripts into posts and pages that execute if the the_meta() function is called on that page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 4.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N 1.8 2.7

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2023-22622

WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security guide mentions this default behavior, or alerts the user about security risks on installations with very few visits.

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2023-2745

WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘wp_lang’ parameter. This allows unauthenticated attackers to access and load arbitrary translation files. In cases where an attacker is able to upload a crafted translation file onto the site, such as via an upload form, this could be also used to perform a Cross-Site Scripting attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N 2.2 2.7

Products Affected

Vendor Product Version
wordpress wordpress *
wordpress wordpress 6.2
CVE-2023-38000

Authenticated stored (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress core 6.3 through 6.3.1, 6.2 through 6.2.2, 6.1 through 6.1.3, 6.0 through 6.0.5, 5.9 through 5.9.7, and Gutenberg plugin versions <= 16.8.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L 2.3 3.7
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
wordpress gutenberg *
wordpress wordpress *
CVE-2023-39999

Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4
audit@patchstack.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
fedoraproject fedora 37
fedoraproject fedora 38
wordpress wordpress *
CVE-2023-5561

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an oracle-style attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2024-31210

WordPress is an open publishing platform for the Web. It's possible for a file of a type other than a zip file to be submitted as a new plugin by an administrative user on the Plugins -> Add New -> Upload Plugin screen in WordPress. If FTP credentials are requested for installation (in order to move the file into place outside of the `uploads` directory) then the uploaded file remains temporarily available in the Media Library despite it not being allowed. If the `DISALLOW_FILE_EDIT` constant is set to `true` on the site _and_ FTP credentials are required when uploading a new theme or plugin, then this technically allows an RCE when the user would otherwise have no means of executing arbitrary PHP code. This issue _only_ affects Administrator level users on single site installations, and Super Admin level users on Multisite installations, where it's otherwise expected that the user does not have permission to upload or execute arbitrary PHP code. Lower level users are not affected. Sites where the `DISALLOW_FILE_MODS` constant is set to `true` are not affected. Sites where an administrative user either does not need to enter FTP credentials or has access to the valid FTP credentials are not affected. The issue was fixed in WordPress 6.4.3 on January 30, 2024 and backported to versions 6.3.3, 6.2.4, 6.1.5, 6.0.7, 5.9.9, 5.8.9, 5.7.11, 5.6.13, 5.5.14, 5.4.15, 5.3.17, 5.2.20, 5.1.18, 5.0.21, 4.9.25, 2.8.24, 4.7.28, 4.6.28, 4.5.31, 4.4.32, 4.3.33, 4.2.37, and 4.1.40. A workaround is available. If the `DISALLOW_FILE_MODS` constant is defined as `true` then it will not be possible for any user to upload a plugin and therefore this issue will not be exploitable.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 7.6 HIGH CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H 1.0 6.0

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2024-31211

WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2024-4439

WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N 3.9 2.7

Products Affected

Vendor Product Version
wordpress wordpress *
CVE-2024-8914

The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wp_kses_allowed_html function, which allows the 'onclick' attribute for certain HTML elements without sufficient restriction or context validation. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@wordfence.com 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N 3.9 2.7

Products Affected

Vendor Product Version
wordpress thanh_toan_quet_ma_qr_code_tu_dong *