Exposición de WordPress
Blogs, CMS2045
score de exposición
2.932.393
sitios usan
0
en explotación
174
críticos
CVEs
2381 resultadosCVE-2023-39999MEDIUMWordPress < 6.3.2 is vulnerable to Broken Access ControlEPSS 1.0%CVE-2022-4383CRITICALCBX Petition for WordPress <= 1.0.3 - Unauthenticated SQLiEPSS 1.0%CVE-2023-5414CRITICALIcegram Express <= 5.6.23 - Authenticated (Administrator+) Directory Traversal to Arbitrary File ReadEPSS 1.0%CVE-2024-9660HIGHSchool Management <= 91.5.0 - Authenticated (Student+) Arbitrary File UploadEPSS 1.0%CVE-2022-34149CRITICALWordPress WP OAuth Server plugin <= 3.0.4 - Authentication Bypass vulnerabilityEPSS 1.0%CVE-2024-4397HIGHLearnPress – WordPress LMS Plugin <= 4.2.6.5 - Authenticated (Instructor+) Arbitrary File UploadEPSS 1.0%CVE-2022-29423LOWWordPress Countdown & Clock plugin <= 2.3.2 - Pro Features Lock Bypass vulnerabilityEPSS 1.0%CVE-2021-4357CRITICALuListing <= 1.6.6 - Unauthenticated Arbitrary Post/Page DeletionEPSS 1.0%CVE-2016-0796—WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and EPSS 1.0%CVE-2024-9461HIGHTotal Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup SettingsEPSS 1.0%CVE-2024-5483MEDIUMLearnPress – WordPress LMS Plugin <= 4.2.6.8 - Basic Information Disclosure via JSON APIEPSS 1.0%CVE-2022-45820CRITICALWordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to SQL InjectionEPSS 1.0%CVE-2025-1282HIGHCar Dealer Automotive WordPress Theme – Responsive <= 1.6.3 - Authenticated (Subscriber+) Arbitrary File Deletion and ReadEPSS 1.0%CVE-2022-29445MEDIUMWordPress Popup Box plugin <= 2.1.2 - Authenticated Local File Inclusion (LFI) vulnerabilityEPSS 1.0%CVE-2022-40700HIGHServer Side Request Forgery (SSRF) vulnerability affecting multiple WordPress pluginsEPSS 1.0%CVE-2015-10139HIGHWPLMS Learning Management System for WordPress, WordPress LMS <= 1.8.4.1 - Privilege EscalationEPSS 1.0%CVE-2022-3243HIGHImport all XML, CSV & TXT into WordPress < 6.5.8 - Admin+ SQLiEPSS 1.0%CVE-2025-2007HIGHImport Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 1.0%CVE-2025-6691HIGHSureForms – Drag and Drop Form Builder for WordPress <= 1.7.3 - Unauthenticated Arbitrary File Deletion Triggered via Administrator Submission DeletionEPSS 1.0%CVE-2023-5505MEDIUMBackWPup <= 4.0.1 - Authenticated (Administrator+) Directory TraversalEPSS 1.0%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →