Exposición de WordPress
Blogs, CMS2045
score de exposición
2.932.393
sitios usan
0
en explotación
174
críticos
CVEs
2381 resultadosCVE-2025-1093CRITICALAIHub <= 1.3.7 - Unauthenticated Arbitrary File Upload in generate_imageEPSS 0.9%CVE-2022-33142HIGHWordPress Better Messages plugin <= 1.9.10.57 - Denial Of Service (DoS) vulnerabilityEPSS 0.9%CVE-2021-20779—Cross-site request forgery (CSRF) vulnerability in WordPress Email Template Designer - WP HTML Mail versions prior to 3.0.8 allows remote atEPSS 0.9%CVE-2022-40200CRITICALWordPress wpForo Forum plugin <= 2.0.9 - Auth. Arbitrary File Upload vulnerabilityEPSS 0.9%CVE-2026-4365CRITICALLearnPress <= 4.3.2.8 - Missing Authorization to Unauthenticated Arbitrary Quiz Answer DeletionEPSS 0.9%CVE-2021-38340MEDIUMWordpress Simple Shop <= 1.2 Reflected Cross-Site ScriptingEPSS 0.9%CVE-2021-20780—Cross-site request forgery (CSRF) vulnerability in WPCS - WordPress Currency Switcher 1.1.6 and earlier allows remote attackers to hijack thEPSS 0.9%CVE-2013-4144—There is an object injection vulnerability in swfupload plugin for wordpress.EPSS 0.9%CVE-2022-34839MEDIUMWordPress WP OAuth2 Server plugin <= 1.0.1 - Authentication Bypass vulnerabilityEPSS 0.9%CVE-2022-0161—ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2022-29410HIGHWordPress Hermit 音乐播放器 plugin <= 3.1.6 - Authenticated SQL Injection (SQLi) vulnerabilityEPSS 0.9%CVE-2023-35039CRITICALWordPress Password Reset with Code for WordPress REST API Plugin <= 0.0.15 is vulnerable to Broken AuthenticationEPSS 0.9%CVE-2024-8704HIGHAdvanced File Manager <= 5.2.8 - Authenticated (Administrator+) Local JavaScript File Inclusion via fma_localeEPSS 0.9%CVE-2022-40217MEDIUMWordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Edit/Upload vulnerabilityEPSS 0.9%CVE-2022-23912—AP Custom Testimonial < 1.4.8 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2022-0628—AP Mega Menu < 3.0.8 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2022-34868HIGHWordPress ЮKassa для WooCommerce plugin <= 2.3.0 - Authenticated Arbitrary Settings Update vulnerabilityEPSS 0.9%CVE-2023-1425HIGHGroundhogg Contacts < 2.7.9.4 - Admin+ SQLiEPSS 0.9%CVE-2023-2446MEDIUMUserPro <= 5.1.1 - Sensitive Information Disclosure via ShortcodeEPSS 0.8%CVE-2024-6569MEDIUMCampaign Monitor for WordPress <= 2.8.15 - Unauthenticated Full Path DisclosureEPSS 0.8%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →