Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
wordpress wordpress 4.5.3 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2013-2703
Cross-site request forgery (CSRF) vulnerability in the Facebook Members plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify this plugin's settings....
Crunchify Facebook Members 5.0
Crunchify Facebook Members 4.7
Crunchify Facebook Members 4.6.1
Crunchify Facebook Members 4.6
Crunchify Facebook Members 4.5.3
Crunchify Facebook Members
Crunchify Facebook Members 5.0.2
Crunchify Facebook Members 5.0.3
Crunchify Facebook Members 5.0.1
5
CVSSv2
CVE-2016-5839
WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors....
5
CVSSv2
CVE-2016-5832
The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors....
5
CVSSv2
CVE-2016-5838
WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie....
5
CVSSv2
CVE-2016-5836
The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors....
1 Github repository available
5
CVSSv2
CVE-2016-5837
WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors....
2 Github repositories available
5
CVSSv2
CVE-2016-5835
WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php....
2 Github repositories available
4.3
CVSSv2
CVE-2016-5834
Cross-site scripting (XSS) vulnerability in the wp_get_attachment_link function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833....
1 Github repository available
4.3
CVSSv2
CVE-2016-5833
Cross-site scripting (XSS) vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than...
1 Github repository available
6.5
CVSSv2
CVE-2020-35945
An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-21551
CVE-2021-27342
privilege
CVE-2021-29615
CVE-2021-29044
CVE-2021-27651
tensorflow
reflected XSS
XSS
google
CVE-2021-24323
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon