Exposição de WordPress
Blogs, CMS2.045
score de exposição
2.932.393
sites usam
0
em exploração
174
críticos
CVEs
2.381 resultadosCVE-2021-25014—Ibtana < 1.1.4.9 - Subscriber+ Settings Update to Stored XSSEPSS 0.6%CVE-2021-34639HIGHWordPress Download Manager <= 3.1.24 Authenticated Arbitrary File UploadEPSS 0.6%CVE-2024-0701MEDIUMUserPro <= 5.1.6 - Disabled Membership Registration BypassEPSS 0.6%CVE-2023-5905HIGHDeMomentSomTres WordPress Export Posts With Images <= 20220825 - Subscriber+ unauthorized data exportEPSS 0.6%CVE-2026-6235CRITICALSendmachine for WordPress <= 1.0.20 - Unauthenticated SMTP Hijack to Privilege Escalation via manage_admin_requestsEPSS 0.6%CVE-2025-10058HIGHWP Import – Ultimate CSV XML Importer for WordPress <= 7.27 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.6%CVE-2024-10862MEDIUMNEX-Forms <= 8.7.15 - Authenticated (Admin+) SQL InjectionEPSS 0.6%CVE-2024-0385MEDIUMCategorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxAddCategoryEPSS 0.6%CVE-2024-0852HIGHcoreActivity < 1.8.1 - Unauthenticated Stored XSSEPSS 0.6%CVE-2022-1027—Page Restriction WordPress < 1.2.7 - Admin+ Stored Cross-Site ScriptingEPSS 0.6%CVE-2021-24231—Patreon WordPress < 1.7.0 - CSRF to Disconnect Sites From PatreonEPSS 0.6%CVE-2024-30478HIGHWordPress Announcement & Notification Banner – Bulletin plugin <= 3.8.5 - SQL Injection vulnerabilityEPSS 0.6%CVE-2023-0173MEDIUMWPFunnels < 2.6.9 - Contributor+ Stored XSSEPSS 0.6%CVE-2021-36920MEDIUMWordPress plugin Download Monitor <= 4.4.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilityEPSS 0.6%CVE-2025-7654HIGHMultiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel LibraryEPSS 0.6%CVE-2022-4932MEDIUMTotal Upkeep <= 1.14.13 - Missing Authorization to Authenticated (Subscriber+) Information DisclosureEPSS 0.6%CVE-2023-4139HIGHWP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory ListingEPSS 0.6%CVE-2022-29451HIGHWordPress Rara One Click Demo Import plugin <= 1.2.9 - Cross-Site Request Forgery (CSRF) leads to Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2025-4803HIGHGlossary by WPPedia <= 1.3.0 - Authenticated (Administrator+) PHP Object InjectionEPSS 0.6%CVE-2024-13567HIGHAwesome Support – WordPress HelpDesk & Support Plugin <= 6.3.1 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.6%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →