WordPress Exposure
Blogs, CMS
Exposure score: 2045
Sites using it: 2,932,393
In exploitation: 0
Critical: 174
CVEs
2381 results

| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2023-2449 | CRITICAL | UserPro <= 5.1.1 - Insecure Password Reset Mechanism | 0.9% |
| CVE-2024-12571 | CRITICAL | Store Locator <= 3.98.10 - Unauthenticated Local File Inclusion | 0.9% |
| CVE-2022-35235 | MEDIUM | WordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Read vulnerability | 0.9% |
| CVE-2021-39340 | MEDIUM | Notification – Custom Notifications and Alerts for WordPress <= 7.2.4 Authenticated Stored Cross-Site Scripting | 0.9% |
| CVE-2024-11270 | HIGH | WordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Creation | 0.9% |
| CVE-2022-29429 | HIGH | WordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) leading to Remote Code Execution (RCE) vulnerability | 0.9% |
| CVE-2022-42698 | CRITICAL | WordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary File Upload vulnerability | 0.9% |
| CVE-2024-0825 | HIGH | Vimeography: Vimeo Video Gallery WordPress Plugin <= 2.3.2 - Authenticated (Contributor+) PHP Object Injection | 0.9% |
| CVE-2022-4320 | MEDIUM | WordPress Events Calendar Plugin < 1.4.5 - Multiple Reflected XSS | 0.9% |
| CVE-2022-25810 | — | Transposh WordPress Translation <= 1.0.8 - Subscriber+ Unauthorised Calls | 0.9% |
| CVE-2021-24164 | — | Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key Disclosure | 0.9% |
| CVE-2023-28665 | MEDIUM | The Woo Bulk Price Update WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' | 0.9% |
| CVE-2022-1585 | — | Project Source Code Download <= 1.0.0 - Unauthenticated Backup Download | 0.9% |
| CVE-2023-2500 | HIGH | Go Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Authenticated (Subscriber+) PHP Object Injection | 0.9% |
| CVE-2022-38104 | HIGH | WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability | 0.9% |
| CVE-2024-13333 | HIGH | Advanced File Manager 5.2.12 - 5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload | 0.9% |
| CVE-2023-28659 | HIGH | The Waiting: One-click Countdowns WordPress Plugin, version <= 0.6.2, is affected by an authenticated SQL injection vulnerability in the pbc | 0.9% |
| CVE-2023-28661 | — | The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' paramete | 0.9% |
| CVE-2023-26325 | — | The 'rx_export_review' action in the ReviewX WordPress Plugin, is affected by an authenticated SQL injection vulnerability in the 'filterVal | 0.9% |
| CVE-2023-28660 | — | The Events Made Easy WordPress Plugin, version <= 2.3.14 is affected by an authenticated SQL injection vulnerability in the 'search_name' pa | 0.9% |