Exposição de WordPress
Blogs, CMS2.045
score de exposição
2.932.393
sites usam
0
em exploração
174
críticos
CVEs
2.380 resultadosCVE-2021-24403—WordPress Page Contact <= 1.0 - Authenticated (editor+) SQL InjectionEPSS 1.5%CVE-2021-24396—GSEOR <= 1.3 - Authenticated SQL InjectionEPSS 1.5%CVE-2022-23911—AP Custom Testimonial < 1.4.8 - Admin+ SQL InjectionEPSS 1.4%CVE-2021-20746—Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrarEPSS 1.4%CVE-2022-25812—Transposh WordPress Translation < 1.0.8 - Admin+ RCEEPSS 1.4%CVE-2021-24163—Ninja Forms < 3.4.34 - Authenticated SendWP Plugin Installation and Client Secret Key DisclosureEPSS 1.4%CVE-2020-11030MEDIUMCross-site scripting (XSS) in Search block in WordPressEPSS 1.4%CVE-2022-1273—Import WP < 2.4.6 - Admin+ Arbitrary File Upload to RCEEPSS 1.4%CVE-2017-2216—Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web scrEPSS 1.4%CVE-2022-28700CRITICALWordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Creation via Export function vulnerabilityEPSS 1.4%CVE-2022-27844LOWWordPress WPvivid plugin <= 0.9.70 - Arbitrary File Read vulnerabilityEPSS 1.4%CVE-2022-28290—Reflective Cross-Site Scripting vulnerability in WordPress Country Selector Plugin Version 1.6.5. The XSS payload executes whenever the userEPSS 1.4%CVE-2024-3293HIGHrtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Contributor+) SQL Injection via rtmedia_gallery ShortcodeEPSS 1.4%CVE-2022-43504MEDIUMImproper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email addrEPSS 1.4%CVE-2021-4370CRITICALuListing <= 1.6.6 - Missing AuthorizationEPSS 1.4%CVE-2021-4381CRITICALuListing <= 1.6.6 - Unauthenticated Options Changes via wp_routeEPSS 1.4%CVE-2021-4343CRITICALuListing <= 1.6.6 - Unauthenticated Arbitrary Account CreationEPSS 1.4%CVE-2019-16781MEDIUMStored cross-site scripting (XSS) in WordPress block editorEPSS 1.4%CVE-2022-1904—Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-ScriptingEPSS 1.4%CVE-2022-2373—Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address DisclosureEPSS 1.4%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →