Exposición de WordPress
Blogs, CMS2045
score de exposición
2.932.393
sitios usan
0
en explotación
174
críticos
CVEs
2381 resultadosCVE-2022-29419MEDIUMWordPress 3xSocializer plugin <= 0.98.22 - Authenticated SQL Injection (SQLi) vulnerabilityEPSS 0.8%CVE-2026-8839MEDIUMMapPress Maps for WordPress <= 2.96.6 - Unauthenticated Insecure Direct Object Reference via REST API EndpointsEPSS 0.8%CVE-2023-3155HIGHNextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and DeleteEPSS 0.8%CVE-2024-10804HIGHUltimate Video Player <= 10.0 - Unauthenticated Arbitrary File DownloadEPSS 0.8%CVE-2022-38467MEDIUMWordPress CRM Perks Forms Plugin <= 1.1.0 is vulnerable to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.8%CVE-2022-27845MEDIUMWordPress Plausible Analytics plugin <= 1.2.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.8%CVE-2022-27858HIGHWordPress Activity Log plugin <= 2.8.3 - CSV Injection vulnerabilityEPSS 0.8%CVE-2022-23980MEDIUMWordPress Yasr – Yet Another Stars Rating plugin <= 2.9.9 - Cross-Site Scripting (XSS) vulnerabilityEPSS 0.8%CVE-2024-2106MEDIUMMasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.10 - Basic Information Exposure via REST routeEPSS 0.8%CVE-2023-46823HIGHWordPress ImageLinks Interactive Image Builder Plugin <= 1.5.4 is vulnerable to SQL InjectionEPSS 0.8%CVE-2021-25089—UpdraftPlus < 1.16.69 - Reflected Cross-Site ScriptingEPSS 0.8%CVE-2021-4383HIGHWP Quick FrontEnd Editor <= 5.5 - Authenticated (Subscriber+) Content InjectionEPSS 0.8%CVE-2022-42459HIGHWordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerabilityEPSS 0.8%CVE-2021-24783—Post Expirator < 2.6.0 - Contributor+ Arbitrary Post Schedule DeletionEPSS 0.8%CVE-2022-25607MEDIUMWordPress FV Flowplayer Video Player plugin <= 7.5.15.727 - SQL Injection (SQLi) vulnerabilityEPSS 0.8%CVE-2021-39202HIGHWordPress 5.8 beta: Stored Cross-Site Scripting (XSS) vulnerability in widgetEPSS 0.8%CVE-2023-2496HIGHGo Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Improper Authorization to Arbitrary File UploadEPSS 0.8%CVE-2021-38359MEDIUMWordPress InviteBox Plugin <= 1.4.1 Reflected Cross-Site ScriptingEPSS 0.8%CVE-2024-10800HIGHWordPress User Extra Fields <= 16.6 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.8%CVE-2023-38000MEDIUMAuth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links BlockEPSS 0.8%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →