Exposição de WordPress
Blogs, CMS2.045
score de exposição
2.932.393
sites usam
0
em exploração
174
críticos
CVEs
2.380 resultadosCVE-2022-0535—E2Pdf < 1.16.45 - Admin+ Stored Cross-Site Scripting (XSS)EPSS 1.3%CVE-2021-24910—Transposh WordPress Translation < 1.0.8 - Reflected Cross-Site ScriptingEPSS 1.3%CVE-2022-0255—Database Backup for WordPress < 2.5.1 - Admin+ SQL InjectionEPSS 1.3%CVE-2024-6846MEDIUMSmartSearchWP <= 2.4.4 - Unauthenticated Log PurgeEPSS 1.3%CVE-2022-25602HIGHWordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerabilityEPSS 1.3%CVE-2022-1977—WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRFEPSS 1.3%CVE-2024-11028CRITICALMultiManager WP – Manage All Your WordPress Sites Easily <= 1.0.5 - Authentication Bypass via User ImpersonationEPSS 1.3%CVE-2021-25086—Advanced Page Visit Counter < 6.1.2 - Unauthenticated Stored Cross-Site ScriptingEPSS 1.3%CVE-2025-3455HIGH1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.2%CVE-2022-1800—Export any WordPress data to XML/CSV < 1.3.5 - Admin+ SQL InjectionEPSS 1.2%CVE-2021-4346CRITICALuListing <= 1.6.6 - Unauthenticated Arbitrary Account ChangesEPSS 1.2%CVE-2023-4142HIGHWP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code ExecutionEPSS 1.2%CVE-2023-4141HIGHWP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code ExecutionEPSS 1.2%CVE-2021-24877—MainWP Child < 4.1.8 - Admin+ SQL InjectionEPSS 1.2%CVE-2022-3463CRITICALFluentForm < 4.3.13 - CSV InjectionEPSS 1.2%CVE-2023-7082HIGHWP All Import < 3.7.3 - Admin+ Arbitrary File Upload to RCEEPSS 1.2%CVE-2016-15041HIGHMainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance Plugin <= 3.1.2 - Stored Cross-Site ScriptingEPSS 1.2%CVE-2012-10025CRITICALWordPress Plugin Advanced Custom Fields <= 3.5.1 Remote File InclusionEPSS 1.2%CVE-2026-8832HIGHWPCode <= 2.3.5 - Authenticated (Author+) Remote Code Execution via CPT Capability Bypass via XML-RPC wp.newPostEPSS 1.2%CVE-2023-29384CRITICALWordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin <= 2.0 is vulnerable to Arbitrary File UploadEPSS 1.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →