Exposición de WordPress
Blogs, CMS2045
score de exposición
2.932.393
sitios usan
0
en explotación
174
críticos
CVEs
2380 resultadosCVE-2024-7627HIGHBit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race ConditionEPSS 2.8%CVE-2021-24385—Filebird 4.7.3 - Unauthenticated SQL InjectionEPSS 2.8%CVE-2021-24773—WordPress Download Manager < 3.2.16 - Admin+ Stored Cross-Site ScriptingEPSS 2.8%CVE-2024-31211MEDIUMRemote Code Execution in `WP_HTML_Token`EPSS 2.7%CVE-2019-25213CRITICALAdvanced Access Manager <= 5.9.8.1 - Unauthenticated Arbitrary File ReadEPSS 2.7%CVE-2021-25033—Noptin < 1.6.5 - Open RedirectEPSS 2.7%CVE-2021-24596—youForms for WordPress <= 1.0.5 - Authenticated Stored Cross-Site ScriptingEPSS 2.7%CVE-2022-33198CRITICALWordPress Accordions plugin <= 2.0.2 - Unauthenticated WordPress Options Change vulnerabilityEPSS 2.6%CVE-2022-34487CRITICALWordPress Shortcode Addons plugin <= 3.0.2 - Unauthenticated Arbitrary Option Update vulnerabilityEPSS 2.6%CVE-2024-32700CRITICALWordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerabilityEPSS 2.6%CVE-2020-4046MEDIUMAuthenticated XSS through embed block in WordPressEPSS 2.4%CVE-2021-25055—FeedWordPress < 2022.0123 - Reflected Cross-Site Scripting (XSS)EPSS 2.3%CVE-2023-23490HIGHThe Survey Maker WordPress Plugin, version < 3.1.2, is affected by an authenticated SQL injection vulnerability in the 'surveys_ids' parametEPSS 2.3%CVE-2020-11028MEDIUMUnauthenticated disclosure of certain private posts in WordPressEPSS 2.3%CVE-2021-29450MEDIUMWordPress Authenticated disclosure of password-protected posts and pagesEPSS 2.3%CVE-2020-4048MEDIUMOpen redirect in wp_validate_redirect() in WordPressEPSS 2.3%CVE-2022-0220—WordPress GDPR & CCPA < 1.9.27 - Unauthenticated Reflected Cross-Site ScriptingEPSS 2.3%CVE-2024-7985HIGHFileOrganizer <= 1.0.9 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 2.2%CVE-2022-0271—LearnPress < 4.1.6 - Reflected Cross-Site ScriptingEPSS 2.2%CVE-2015-4615—Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parenEPSS 2.2%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →