Exposição de WordPress
Blogs, CMS2.045
score de exposição
2.932.393
sites usam
0
em exploração
174
críticos
CVEs
2.380 resultadosCVE-2024-11868MEDIUMLearnPress – WordPress LMS Plugin <= 4.2.7.3 - Course Material Sensitive Information Exposure via REST APIEPSS 1.1%CVE-2024-6313CRITICALGutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File UploadEPSS 1.1%CVE-2023-28667CRITICALThe Lead Generated WordPress Plugin, version <= 1.23, was affected by an unauthenticated insecure deserialization issue. The tve_labels paraEPSS 1.1%CVE-2022-3418HIGHWP All Import < 3.6.9 - Admin+ Arbitrary File Upload to RCEEPSS 1.1%CVE-2020-36848HIGHTotal Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup DownloadEPSS 1.1%CVE-2025-7341CRITICALHT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File DeletionEPSS 1.1%CVE-2022-23984LOWWordPress wpDiscuz plugin <= 7.3.11 - Sensitive Information DisclosureEPSS 1.1%CVE-2024-24926HIGHWordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to PHP Object InjectionEPSS 1.1%CVE-2024-6845MEDIUMSmartSearchWP < 2.4.6 - Unauthenticated OpenAI Key DisclosureEPSS 1.1%CVE-2022-2903HIGHNinjaForms < 3.6.13 - Admin+ PHP Objection InjectionEPSS 1.1%CVE-2022-36386CRITICALWordPress Import any XML or CSV File to WordPress plugin <= 3.6.7 - Authenticated Arbitrary Code Execution vulnerabilityEPSS 1.1%CVE-2023-50891MEDIUMWordPress Zoho Forms Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)EPSS 1.1%CVE-2022-3603CRITICALExport customers list CSV for WooCommerce < 2.0.69 - CSV InjectionEPSS 1.1%CVE-2021-36874HIGHWordPress uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) vulnerabilityEPSS 1.1%CVE-2022-42497CRITICALWordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary Code Execution vulnerabilityEPSS 1.1%CVE-2021-44779HIGHWordPress [GWA] AutoResponder plugin <= 2.3 - Unauthenticated SQL Injection (SQLi) vulnerabilityEPSS 1.1%CVE-2025-2008HIGHImport Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.1%CVE-2022-27863MEDIUMWordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 - Sensitive Data Exposure vulnerabilityEPSS 1.0%CVE-2022-1961MEDIUMGoogle Tag Manager for WordPress (GTM4WP) <= 1.15.1 - Stored Cross-Site Scripting via Content Element IDEPSS 1.0%CVE-2022-29411HIGHWordPress Hermit 音乐播放器 plugin <= 3.1.6 - Unauthenticated SQL Injection SQLi) vulnerabilityEPSS 1.0%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →