Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 4.8 vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv3
CVE-2017-14722
Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename....
Wordpress Wordpress 4.7.5Wordpress Wordpress 4.8Wordpress Wordpress 4.7.3Wordpress Wordpress 4.7.4Wordpress Wordpress 4.7Wordpress Wordpress 4.8.1Wordpress Wordpress 4.7.1Wordpress Wordpress 4.7.2
7.5
CVSSv3
CVE-2017-14719
Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components....
Wordpress Wordpress 4.7.1Wordpress Wordpress 4.7.2Wordpress Wordpress 4.6.6Wordpress Wordpress 4.6.5Wordpress Wordpress 4.6.4Wordpress Wordpress 4.5.7Wordpress Wordpress 4.5.6Wordpress Wordpress 4.5Wordpress Wordpress 4.4.9Wordpress Wordpress 4.4.11Wordpress Wordpress 4.4.10Wordpress Wordpress 4.3.5Wordpress Wordpress 4.3.4Wordpress Wordpress 4.3Wordpress Wordpress 4.2.9Wordpress Wordpress 4.2.16Wordpress Wordpress 4.2.15Wordpress Wordpress 4.2Wordpress Wordpress 4.1.9Wordpress Wordpress 4.1.2Wordpress Wordpress 4.1.19Wordpress Wordpress 4.1.11Wordpress Wordpress 4.1.10Wordpress Wordpress 4.0.5Wordpress Wordpress 4.0.4Wordpress Wordpress 4.0.15Wordpress Wordpress 4.0.14Wordpress Wordpress 3.9.8Wordpress Wordpress 3.9.7Wordpress Wordpress 3.9.19Wordpress Wordpress 3.9.18Wordpress Wordpress 3.9.11Wordpress Wordpress 3.9.10Wordpress Wordpress 3.9.1Wordpress Wordpress 3.8.4Wordpress Wordpress 3.8.3Wordpress Wordpress 3.8.17Wordpress Wordpress 3.8.16Wordpress Wordpress 3.8.1Wordpress Wordpress 3.8Wordpress Wordpress 4.7Wordpress Wordpress 4.8.1Wordpress Wordpress 4.6.7Wordpress Wordpress 4.5.9Wordpress Wordpress 4.5.8Wordpress Wordpress 4.5.10Wordpress Wordpress 4.5.1Wordpress Wordpress 4.4.4Wordpress Wordpress 4.4.3Wordpress Wordpress 4.4.2Wordpress Wordpress 4.3.7Wordpress Wordpress 4.3.6Wordpress Wordpress 4.3.10Wordpress Wordpress 4.3.1Wordpress Wordpress 4.2.4Wordpress Wordpress 4.2.3Wordpress Wordpress 4.2.2Wordpress Wordpress 4.2.10Wordpress Wordpress 4.2.1Wordpress Wordpress 4.1.4Wordpress Wordpress 4.1.3Wordpress Wordpress 4.1.13Wordpress Wordpress 4.1.12Wordpress Wordpress 4.0.7Wordpress Wordpress 4.0.6Wordpress Wordpress 4.0.17Wordpress Wordpress 4.0.16Wordpress Wordpress 4.0Wordpress Wordpress 3.9.9Wordpress Wordpress 3.9.20Wordpress Wordpress 3.9.2Wordpress Wordpress 3.9.13Wordpress Wordpress 3.9.12Wordpress Wordpress 3.8.6Wordpress Wordpress 3.8.5Wordpress Wordpress 3.8.19Wordpress Wordpress 4.7.5Wordpress Wordpress 4.8Wordpress Wordpress 4.6.1Wordpress Wordpress 4.6Wordpress Wordpress 4.5.3Wordpress Wordpress 4.5.2Wordpress Wordpress 4.4.6Wordpress Wordpress 4.4.5Wordpress Wordpress 4.3.9Wordpress Wordpress 4.3.8Wordpress Wordpress 4.3.12Wordpress Wordpress 4.3.11Wordpress Wordpress 4.2.6Wordpress Wordpress 4.2.5Wordpress Wordpress 4.2.12Wordpress Wordpress 4.2.11Wordpress Wordpress 4.1.6Wordpress Wordpress 4.1.5Wordpress Wordpress 4.1.16Wordpress Wordpress 4.1.15Wordpress Wordpress 4.1.14Wordpress Wordpress 4.0.9Wordpress Wordpress 4.0.8Wordpress Wordpress 4.0.19Wordpress Wordpress 4.0.18Wordpress Wordpress 4.0.10Wordpress Wordpress 4.0.1Wordpress Wordpress 3.9.4Wordpress Wordpress 3.9.3Wordpress Wordpress 3.9.15Wordpress Wordpress 3.9.14Wordpress Wordpress 3.8.8Wordpress Wordpress 3.8.7Wordpress Wordpress 3.8.20Wordpress Wordpress 3.8.2Wordpress Wordpress 3.8.13Wordpress Wordpress 3.8.12Wordpress Wordpress 3.7.6Wordpress Wordpress 3.7.5Wordpress Wordpress 3.7.19Wordpress Wordpress 3.7.18Wordpress Wordpress 3.7.11Wordpress Wordpress 3.7.10Wordpress Wordpress 3.4.2Wordpress Wordpress 3.4.1Wordpress Wordpress 3.2Wordpress Wordpress 3.1.4Wordpress Wordpress 3.0.4Wordpress Wordpress 3.0.3Wordpress Wordpress 3.8.18Wordpress Wordpress 3.8.11Wordpress Wordpress 3.8.10Wordpress Wordpress 3.7.4Wordpress Wordpress 3.7.3Wordpress Wordpress 3.7.17Wordpress Wordpress 3.7.16Wordpress Wordpress 3.7.1Wordpress Wordpress 3.7Wordpress Wordpress 3.6.1Wordpress Wordpress 3.4Wordpress Wordpress 3.3.3Wordpress Wordpress 3.1.3Wordpress Wordpress 3.1.2Wordpress Wordpress 3.0.1Wordpress Wordpress 3.0Wordpress Wordpress 3.0.2Wordpress Wordpress 3.7.9Wordpress Wordpress 3.7.22Wordpress Wordpress 3.7.21Wordpress Wordpress 3.7.15Wordpress Wordpress 3.7.14Wordpress Wordpress 3.6Wordpress Wordpress 3.5.2Wordpress Wordpress 3.3.2Wordpress Wordpress 3.3.1Wordpress Wordpress 3.1.1Wordpress Wordpress 3.1Wordpress Wordpress 4.7.3Wordpress Wordpress 4.7.4Wordpress Wordpress 4.6.3Wordpress Wordpress 4.6.2Wordpress Wordpress 4.5.5Wordpress Wordpress 4.5.4Wordpress Wordpress 4.4.8Wordpress Wordpress 4.4.7Wordpress Wordpress 4.4.1Wordpress Wordpress 4.4Wordpress Wordpress 4.3.3Wordpress Wordpress 4.3.2Wordpress Wordpress 4.2.8Wordpress Wordpress 4.2.7Wordpress Wordpress 4.2.14Wordpress Wordpress 4.2.13Wordpress Wordpress 4.1.8Wordpress Wordpress 4.1.7Wordpress Wordpress 4.1.18Wordpress Wordpress 4.1.17Wordpress Wordpress 4.1.1Wordpress Wordpress 4.1Wordpress Wordpress 4.0.3Wordpress Wordpress 4.0.2Wordpress Wordpress 4.0.13Wordpress Wordpress 4.0.12Wordpress Wordpress 4.0.11Wordpress Wordpress 3.9.6Wordpress Wordpress 3.9.5Wordpress Wordpress 3.9.17Wordpress Wordpress 3.9.16Wordpress Wordpress 3.9Wordpress Wordpress 3.8.9Wordpress Wordpress 3.8.22Wordpress Wordpress 3.8.21Wordpress Wordpress 3.8.15Wordpress Wordpress 3.8.14Wordpress Wordpress 3.7.8Wordpress Wordpress 3.7.7Wordpress Wordpress 3.7.20Wordpress Wordpress 3.7.2Wordpress Wordpress 3.7.13Wordpress Wordpress 3.7.12Wordpress Wordpress 3.5.1Wordpress Wordpress 3.5Wordpress Wordpress 3.3Wordpress Wordpress 3.2.1Wordpress Wordpress 3.0.6Wordpress Wordpress 3.0.5
6.1
CVSSv3
CVE-2019-15775
The nd-learning plugin before 4.8 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting....
Learning Courses Project Learning Courses
8.8
CVSSv3
CVE-2021-24750
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks...
Wp Visitor Statistics \\(real Time Traffic\\) Project Wp Visitor Statistics \\(real Time Traffic\\)
6.1
CVSSv3
CVE-2018-1000556
WordPress version 4.8 + contains a Cross Site Scripting (XSS) vulnerability in plugins.php or core wordpress on delete function that can result in An attacker can perform client side attacks which could be from stealing a cookie to code injection. This attack appear to be...
Veronalabs Wp Statistics
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2023-21068CVE-2023-21077unspecifiedCVE-2023-21070CVE-2023-21016file upload
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook