Exposição de WordPress

Blogs, CMS

2.045

score de exposição

2.932.393

sites usam

0

em exploração

174

críticos

CVEs

2.381 resultados

CVE-2024-7484HIGHCRM Perks Forms <= 1.1.3 - Authenticated (Administrator+) Arbitrary File UploadEPSS 0.9%CVE-2024-6555MEDIUMWP Popups – WordPress Popup builder <= 2.2.0.1 - Unauthenticated Full Path DisclosureEPSS 0.9%CVE-2023-28663HIGHThe Formidable PRO2PDF WordPress Plugin, version < 3.11, is affected by an authenticated SQL injection vulnerability in the ‘fieldmap’ paramEPSS 0.9%CVE-2023-5504HIGHBackWPup <= 4.0.1 - Authenticated (Administrator+) Directory TraversalEPSS 0.9%CVE-2023-6009HIGHUserPro <= 5.1.4 - Authenticated (Subscriber+) Privilege EscalationEPSS 0.9%CVE-2022-3150HIGHWP Custom Cursors < 3.2 - Admin+ SQLiEPSS 0.9%CVE-2025-8420HIGHMultiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code ExecutionEPSS 0.9%CVE-2024-8126HIGHAdvanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.9%CVE-2025-13956MEDIUMLearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics ExposureEPSS 0.9%CVE-2020-5767—Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote attacker to send forged emEPSS 0.9%CVE-2025-11368MEDIUMLearnPress – WordPress LMS Plugin <= 4.2.9.4 - Missing Authorization to Unauthenticated Arbitrary Callback Execution to Information ExposureEPSS 0.9%CVE-2024-2381HIGHAliExpress Dropshipping with AliNext Lite <= 3.3.5 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.9%CVE-2022-2559—Fluent Support < 1.5.8 - Admin+ SQLiEPSS 0.9%CVE-2021-39203MEDIUMPrivate data disclosure/privilege escalation through the block editor in WordpressEPSS 0.9%CVE-2017-6103—Persistent XSS Vulnerability in Wordpress plugin AnyVar v0.1.1.EPSS 0.9%CVE-2021-24907—Everest Forms < 1.8.0 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2024-4560CRITICALKognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant FunctionEPSS 0.9%CVE-2022-33970HIGHWordPress Shortcode Addons plugin <= 3.1.2 - Authenticated WordPress Options Change vulnerabilityEPSS 0.9%CVE-2023-2448MEDIUMUserPro <= 5.1.4 - Missing Authorization to Arbitrary Shortcode Execution via userpro_shortcode_templateEPSS 0.9%CVE-2024-4186CRITICALEdwiser Bridge <= 3.0.5 - Authentication Bypass due to Missing Empty Value CheckEPSS 0.9%

← anteriorpágina 17 / 120próxima →

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →