Exposição de WordPress
Blogs, CMS2.045
score de exposição
2.932.393
sites usam
0
em exploração
174
críticos
CVEs
2.381 resultadosCVE-2023-2449CRITICALUserPro <= 5.1.1 - Insecure Password Reset MechanismEPSS 0.9%CVE-2024-12571CRITICALStore Locator <= 3.98.10 - Unauthenticated Local File InclusionEPSS 0.9%CVE-2022-35235MEDIUMWordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Read vulnerabilityEPSS 0.9%CVE-2021-39340MEDIUMNotification – Custom Notifications and Alerts for WordPress <= 7.2.4 Authenticated Stored Cross-Site ScriptingEPSS 0.9%CVE-2024-11270HIGHWordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File CreationEPSS 0.9%CVE-2022-29429HIGHWordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) leading to Remote Code Execution (RCE) vulnerabilityEPSS 0.9%CVE-2022-42698CRITICALWordPress Api2Cart Bridge Connector plugin <= 1.1.0 - Arbitrary File Upload vulnerabilityEPSS 0.9%CVE-2024-0825HIGHVimeography: Vimeo Video Gallery WordPress Plugin <= 2.3.2 - Authenticated (Contributor+) PHP Object InjectionEPSS 0.9%CVE-2022-4320MEDIUMWordPress Events Calendar Plugin < 1.4.5 - Multiple Reflected XSSEPSS 0.9%CVE-2022-25810—Transposh WordPress Translation <= 1.0.8 - Subscriber+ Unauthorised CallsEPSS 0.9%CVE-2021-24164—Ninja Forms < 3.4.34.1 - Authenticated OAuth Connection Key DisclosureEPSS 0.9%CVE-2023-28665MEDIUMThe Woo Bulk Price Update WordPress plugin, in versions < 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page'EPSS 0.9%CVE-2022-1585—Project Source Code Download <= 1.0.0 - Unauthenticated Backup DownloadEPSS 0.9%CVE-2023-2500HIGHGo Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Authenticated (Subscriber+) PHP Object InjectionEPSS 0.9%CVE-2022-38104HIGHWordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerabilityEPSS 0.9%CVE-2024-13333HIGHAdvanced File Manager 5.2.12 - 5.2.13 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.9%CVE-2023-28659HIGHThe Waiting: One-click Countdowns WordPress Plugin, version <= 0.6.2, is affected by an authenticated SQL injection vulnerability in the pbcEPSS 0.9%CVE-2023-28661—The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameteEPSS 0.9%CVE-2023-26325—The 'rx_export_review' action in the ReviewX WordPress Plugin, is affected by an authenticated SQL injection vulnerability in the 'filterValEPSS 0.9%CVE-2023-28660—The Events Made Easy WordPress Plugin, version <= 2.3.14 is affected by an authenticated SQL injection vulnerability in the 'search_name' paEPSS 0.9%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →