wordpress vulnerabilities and exploits

(subscribe to this query)

4.3

CVSSv2

WordPress before 3.5.2, when the uploads directory forbids write access, allows remote attackers to obtain sensitive information via an invalid upload request, which reveals the absolute path in an XMLHttpRequest error message....

Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 1.6.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.3 Wordpress Wordpress 3.3.1 Wordpress Wordpress 3.3.2 Wordpress Wordpress 3.3.3 Wordpress Wordpress 3.4.0 Wordpress Wordpress 3.4.1 Wordpress Wordpress 3.4.2 Wordpress Wordpress 3.5.0 Wordpress Wordpress

4.3

CVSSv2

The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allowDomain setting, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site....

Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 1.6.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.3 Wordpress Wordpress 3.3.1 Wordpress Wordpress 3.3.2 Wordpress Wordpress 3.3.3 Wordpress Wordpress 3.4.0 Wordpress Wordpress 3.4.1 Wordpress Wordpress 3.4.2 Wordpress Wordpress 3.5.0 Wordpress Wordpress1 Github repository available

6.8

CVSSv2

** DISPUTED ** The wp_create_nonce function in wp-includes/pluggable.php in WordPress 3.3.1 and earlier associates a nonce with a user account instead of a user session, which might make it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks on...

Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.0 Wordpress Wordpress 3.0.1 Wordpress Wordpress 3.0.2 Wordpress Wordpress 3.0.3 Wordpress Wordpress 3.0.4 Wordpress Wordpress 3.0.5 Wordpress Wordpress 3.0.6 Wordpress Wordpress 3.1 Wordpress Wordpress 3.1.1 Wordpress Wordpress 3.1.2 Wordpress Wordpress 3.1.3 Wordpress Wordpress 3.1.4 Wordpress Wordpress 3.2 Wordpress Wordpress 3.2.1 Wordpress Wordpress 3.3 Wordpress Wordpress1 EDB exploit available

4

CVSSv2

WordPress before 3.7.2 and 3.8.x before 3.8.2 allows remote authenticated users to publish posts by leveraging the Contributor role, related to wp-admin/includes/post.php and wp-admin/includes/class-wp-posts-list-table.php....

Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 1.6.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.0 Wordpress Wordpress 3.0.1 Wordpress Wordpress 3.0.2 Wordpress Wordpress 3.0.3 Wordpress Wordpress 3.0.4 Wordpress Wordpress 3.0.5 Wordpress Wordpress 3.0.6 Wordpress Wordpress 3.1 Wordpress Wordpress 3.1.1 Wordpress Wordpress 3.1.2 Wordpress Wordpress 3.1.3 Wordpress Wordpress 3.1.4 Wordpress Wordpress 3.2 Wordpress Wordpress 3.2.1 Wordpress Wordpress 3.3 Wordpress Wordpress 3.3.1 Wordpress Wordpress 3.3.2 Wordpress Wordpress 3.3.3 Wordpress Wordpress 3.4.0 Wordpress Wordpress 3.4.1 Wordpress Wordpress 3.4.2 Wordpress Wordpress 3.5.0 Wordpress Wordpress 3.5.1 Wordpress Wordpress 3.6 Wordpress Wordpress 3.6.1 Wordpress Wordpress 3.7 Wordpress Wordpress Wordpress Wordpress 3.8 Wordpress Wordpress 3.8.1

4.3

CVSSv2

Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) gallery shortcodes or (2) the content of a post....

Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 1.6.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.3 Wordpress Wordpress 3.3.1 Wordpress Wordpress 3.3.2 Wordpress Wordpress 3.3.3 Wordpress Wordpress 3.4.0 Wordpress Wordpress 3.4.1 Wordpress Wordpress 3.4.2 Wordpress Wordpress

5

CVSSv2

** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to...

Wordpress Wordpress 0.7 Wordpress Wordpress 0.71 Wordpress Wordpress 0.72 Wordpress Wordpress 0.711 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.3 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.0 Wordpress Wordpress 3.0.1 Wordpress Wordpress 3.0.2 Wordpress Wordpress 3.0.3 Wordpress Wordpress 3.0.4 Wordpress Wordpress 3.0.5 Wordpress Wordpress 3.0.6 Wordpress Wordpress 3.1 Wordpress Wordpress 3.1.1 Wordpress Wordpress 3.1.2 Wordpress Wordpress 3.1.3 Wordpress Wordpress 3.1.4 Wordpress Wordpress 3.2.1 Wordpress Wordpress 3.3 Wordpress Wordpress1 EDB exploit available

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in WordPress before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....

Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.0 Wordpress Wordpress 3.0.1 Wordpress Wordpress 3.0.2 Wordpress Wordpress 3.0.3 Wordpress Wordpress 3.0.4 Wordpress Wordpress 3.0.5 Wordpress Wordpress 3.0.6 Wordpress Wordpress

5

CVSSv2

** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial...

Wordpress Wordpress 0.7 Wordpress Wordpress 0.71 Wordpress Wordpress 0.72 Wordpress Wordpress 0.711 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.3 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.0 Wordpress Wordpress 3.0.1 Wordpress Wordpress 3.0.2 Wordpress Wordpress 3.0.3 Wordpress Wordpress 3.0.4 Wordpress Wordpress 3.0.5 Wordpress Wordpress 3.0.6 Wordpress Wordpress 3.1 Wordpress Wordpress 3.1.1 Wordpress Wordpress 3.1.2 Wordpress Wordpress 3.1.3 Wordpress Wordpress 3.1.4 Wordpress Wordpress 3.2.1 Wordpress Wordpress 3.3 Wordpress Wordpress1 EDB exploit available

5

CVSSv2

The make_clickable function in wp-includes/formatting.php in WordPress before 3.1.1 does not properly check URLs before passing them to the PCRE library, which allows remote attackers to cause a denial of service (crash) via a comment with a crafted URL that triggers many...

Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.0 Wordpress Wordpress 3.0.1 Wordpress Wordpress 3.0.2 Wordpress Wordpress 3.0.3 Wordpress Wordpress 3.0.4 Wordpress Wordpress 3.0.5 Wordpress Wordpress 3.0.6 Wordpress Wordpress

5.5

CVSSv2

wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors....

Wordpress Wordpress 0.71 Wordpress Wordpress 1.0 Wordpress Wordpress 1.0.1 Wordpress Wordpress 1.0.2 Wordpress Wordpress 1.1.1 Wordpress Wordpress 1.2 Wordpress Wordpress 1.2.1 Wordpress Wordpress 1.2.2 Wordpress Wordpress 1.2.3 Wordpress Wordpress 1.2.4 Wordpress Wordpress 1.2.5 Wordpress Wordpress 1.3 Wordpress Wordpress 1.3.2 Wordpress Wordpress 1.3.3 Wordpress Wordpress 1.5 Wordpress Wordpress 1.5.1 Wordpress Wordpress 1.5.1.1 Wordpress Wordpress 1.5.1.2 Wordpress Wordpress 1.5.1.3 Wordpress Wordpress 1.5.2 Wordpress Wordpress 2.0 Wordpress Wordpress 2.0.1 Wordpress Wordpress 2.0.2 Wordpress Wordpress 2.0.4 Wordpress Wordpress 2.0.5 Wordpress Wordpress 2.0.6 Wordpress Wordpress 2.0.7 Wordpress Wordpress 2.0.8 Wordpress Wordpress 2.0.9 Wordpress Wordpress 2.0.10 Wordpress Wordpress 2.0.11 Wordpress Wordpress 2.1 Wordpress Wordpress 2.1.1 Wordpress Wordpress 2.1.2 Wordpress Wordpress 2.1.3 Wordpress Wordpress 2.2 Wordpress Wordpress 2.2.1 Wordpress Wordpress 2.2.2 Wordpress Wordpress 2.2.3 Wordpress Wordpress 2.3 Wordpress Wordpress 2.3.1 Wordpress Wordpress 2.3.2 Wordpress Wordpress 2.3.3 Wordpress Wordpress 2.5 Wordpress Wordpress 2.5.1 Wordpress Wordpress 2.6 Wordpress Wordpress 2.6.1 Wordpress Wordpress 2.6.2 Wordpress Wordpress 2.6.3 Wordpress Wordpress 2.6.5 Wordpress Wordpress 2.7 Wordpress Wordpress 2.7.1 Wordpress Wordpress 2.8 Wordpress Wordpress 2.8.1 Wordpress Wordpress 2.8.2 Wordpress Wordpress 2.8.3 Wordpress Wordpress 2.8.4 Wordpress Wordpress 2.8.5 Wordpress Wordpress 2.8.5.1 Wordpress Wordpress 2.8.5.2 Wordpress Wordpress 2.8.6 Wordpress Wordpress 2.9 Wordpress Wordpress 2.9.1 Wordpress Wordpress 2.9.1.1 Wordpress Wordpress 2.9.2 Wordpress Wordpress 3.0 Wordpress Wordpress 3.0.1 Wordpress Wordpress 3.0.2 Wordpress Wordpress 3.0.3 Wordpress Wordpress 3.0.4 Wordpress Wordpress 3.0.5 Wordpress Wordpress 3.0.6 Wordpress Wordpress 3.1 Wordpress Wordpress 3.1.1 Wordpress Wordpress 3.1.2 Wordpress Wordpress 3.1.3 Wordpress Wordpress 3.3 Wordpress Wordpress

Get Started

« PREV 1 2 3 4 5 6 7 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook