Exposición de WordPress

Blogs, CMS

2045

score de exposición

2.932.393

sitios usan

0

en explotación

174

críticos

CVEs

2381 resultados

CVE-2022-34154HIGHWordPress Enable SVG, WebP & ICO Upload plugin <= 1.0.1 - Authenticated Arbitrary File Upload vulnerabilityEPSS 1.0%CVE-2022-29446MEDIUMWordPress Counter Box plugin <= 1.1.1 - Authenticated Local File Inclusion (LFI) vulnerabilityEPSS 1.0%CVE-2022-29447MEDIUMWordPress Hover Effects plugin <= 2.1 - Authenticated Local File Inclusion (LFI) vulnerabilityEPSS 1.0%CVE-2022-29448MEDIUMWordPress Herd Effects plugin <= 5.2 - Local File Inclusion (LFI) vulnerabilityEPSS 1.0%CVE-2022-25601MEDIUMWordPress Contact Form X plugin <= 2.4 - Reflected Cross-Site Scripting (XSS) vulnerabilityEPSS 1.0%CVE-2022-1202—WP-CRM <= 1.2.1 - CSV InjectionEPSS 1.0%CVE-2024-7384HIGHAcyMailing <= 9.7.2 - Authenticated (Subscriber+) Arbitrary File Upload via acym_extractArchive FunctionEPSS 1.0%CVE-2022-43497MEDIUMCross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary scriEPSS 1.0%CVE-2024-8104HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.8 - Directory Traversal to Authenticated (Subscriber+) Arbitrary File DownloadEPSS 1.0%CVE-2022-33969HIGHWordPress Flipbox plugin <= 2.6.0 - Authenticated WordPress Options Change vulnerabilityEPSS 1.0%CVE-2022-36375HIGHWordPress Tabs plugin <= 3.6.0 - Authenticated WordPress Options Change vulnerabilityEPSS 1.0%CVE-2024-1799HIGHGamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress <= 6.8.6 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 1.0%CVE-2021-4339HIGHuListing <= 1.6.6 - Unauthenticated Information DisclosureEPSS 0.9%CVE-2022-36285HIGHWordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Arbitrary File Upload vulnerabilityEPSS 0.9%CVE-2024-31210HIGHPHP file upload bypass via Plugin installerEPSS 0.9%CVE-2023-2221HIGHWP Custom Cursors < 3.2 - Admin+ SQLiEPSS 0.9%CVE-2024-4347HIGHWP Fastest Cache <= 1.2.6 - Authenticated (Administrator+) Arbitrary File DeletionEPSS 0.9%CVE-2026-1499HIGHWP Duplicate <= 1.1.8 - Authenticated (Subscriber+) Arbitrary File Upload via 'process_add_site' AJAX ActionEPSS 0.9%CVE-2021-43409CRITICALWPO365 | LOGIN - Wordpress Plugin Persistent Cross-Site ScriptingEPSS 0.9%CVE-2024-0757MEDIUMInsert or Embed Articulate Content into WordPress <= 4.3000000023 - Author+ Upload to RCEEPSS 0.9%

← anteriorpágina 16 / 120siguiente →

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →