Exposición de WordPress

Blogs, CMS

2045

score de exposición

2.932.393

sitios usan

0

en explotación

174

críticos

CVEs

2381 resultados

CVE-2024-13777HIGHZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Unauthenticated PHP Object InjectionEPSS 0.6%CVE-2024-4469HIGHMigration Backup Restore < 3.5.0 - Admin+ SSRFEPSS 0.6%CVE-2024-0386HIGHweForms <= 1.6.21 - Unauthenticated Stored Cross-Site Scripting via RefererEPSS 0.6%CVE-2022-41655MEDIUMWordPress Phone Orders for WooCommerce plugin <= 3.7.1 - Auth. Sensitive Data Exposure vulnerabilityEPSS 0.6%CVE-2021-25106—WPLegalPages < 2.7.1 - Subscriber+ Arbitrary Settings Update to Stored XSSEPSS 0.6%CVE-2021-25057—Translation Exchange <= 1.0.14 - Authenticated Stored Cross-Site Scripting (XSS)EPSS 0.6%CVE-2023-35911HIGHWordPress Contact Form Generator Plugin <= 2.6.0 is vulnerable to SQL InjectionEPSS 0.6%CVE-2023-5703MEDIUMGift Up Gift Cards for WordPress and WooCommerce <= 2.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.6%CVE-2023-49752CRITICALWordPress Adifier System Plugin < 3.1.4 is vulnerable to SQL InjectionEPSS 0.6%CVE-2021-25105—Ivory Search < 5.4.1 - Multiple Admin+ Stored Cross-Site ScriptingEPSS 0.6%CVE-2022-23987—WS Form < 1.8.176 - Admin+ Stored Cross-Site ScriptingEPSS 0.6%CVE-2021-24911—Transposh WordPress Translation < 1.0.8 - Stored Cross-Site ScriptingEPSS 0.6%CVE-2025-7846HIGHWordPress User Extra Fields <= 16.7 - Authenticated (Subscriber+) Arbitrary File Deletion via save_fields FunctionEPSS 0.6%CVE-2023-24410MEDIUMWordPress FluentForm Plugin <= 4.3.25 is vulnerable to SQL InjectionEPSS 0.6%CVE-2022-29406MEDIUMWordPress Team Manager plugin <= 1.6.9 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilitiesEPSS 0.6%CVE-2025-10706HIGHClassified Pro <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin InstallationEPSS 0.6%CVE-2024-9941HIGHWPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.6%CVE-2024-11371MEDIUMTheater for WordPress <= 0.18.6.2 - Reflected Cross-Site ScriptingEPSS 0.6%CVE-2024-13499HIGHGamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() FunctionEPSS 0.6%CVE-2024-3682MEDIUMWP STAGING <= 3.4.3 and WP STAGING Pro <= 5.4.3 - Sensitive Information Exposure via Log FileEPSS 0.6%

← anteriorpágina 34 / 120siguiente →

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →