Exposición de WordPress

Blogs, CMS

2045

score de exposición

2.932.393

sitios usan

0

en explotación

174

críticos

CVEs

2381 resultados

CVE-2021-20781—Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions priEPSS 0.8%CVE-2024-0212HIGHCloudflare WordPress plugin enables information disclosure of Cloudflare API (for low privileged users)EPSS 0.8%CVE-2022-45370MEDIUMWordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV InjectionEPSS 0.8%CVE-2022-43468HIGHExternal initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore theEPSS 0.8%CVE-2023-3211CRITICALWordPress Database Administrator <= 1.0.3 - Unauthenticated SQL Injection EPSS 0.8%CVE-2024-2409CRITICALMasterStudy LMS <= 3.3.1 - Unauthenticated Privilege Escalation via stm_lms_register AJAX ActionEPSS 0.8%CVE-2024-11010HIGHFileOrganizer <= 1.1.4 - Authenticated (Administrator+) Local JavaScript File InclusionEPSS 0.8%CVE-2024-10801CRITICALWordPress User Extra Fields <= 16.5 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2024-2344HIGHAvada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entryEPSS 0.8%CVE-2021-24373—WP Hardening < 1.2.2 - Reflected XSS via historyvalueEPSS 0.8%CVE-2021-24372—WP Hardening < 1.2.2 - Reflected XSS via URIEPSS 0.8%CVE-2021-24368—Quiz And Survey Master < 7.1.18 - Reflected Cross-Site Scripting (XSS)EPSS 0.8%CVE-2021-24290—Store Locator Plus <= 5.5.15 - Unauthenticated Stored Cross-Site Scripting (XSS)EPSS 0.8%CVE-2021-26256MEDIUMWordPress Survey Maker plugin <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.8%CVE-2022-44584CRITICALWordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Deletion vulnerabilityEPSS 0.8%CVE-2021-36898HIGHWordPress Quiz And Survey Master plugin <= 7.3.4 - Auth. SQL Injection (SQLi) vulnerabilityEPSS 0.8%CVE-2023-5931—rtMedia for WordPress, BuddyPress and bbPress < 4.6.16 - Subscriber+ RCEEPSS 0.8%CVE-2024-13091CRITICALWPBot Pro Wordpress Chatbot <= 13.5.4 - Unauthenticated Arbitrary File UploadEPSS 0.8%CVE-2022-1527—WP 2FA < 2.2.1 - Reflected Cross-Site ScriptingEPSS 0.8%CVE-2024-6589HIGHLearnPress <= 4.2.6.8.2 - Authenticated (Contributor+) Local File InclusionEPSS 0.8%

← anteriorpágina 20 / 120siguiente →

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →