Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system referred to within WordPress as Themes.

Official Site:

https://wordpress.org

Severity Summary:

Critical: 136 High: 508 Medium: 1729 Low: 18
Reference
Title
Severity
No CVE number
WordPress 4.1.x Multiple Vulnerabilities
High
CVE-2016-5839
WordPress Vulnerability
High
CVE-2016-5838
WordPress Credentials Management Errors Vulnerability
High
CVE-2016-5837
WordPress Vulnerability
High
CVE-2016-5836
WordPress Vulnerability
High
CVE-2016-5835
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
No CVE number
WordPress 4.2.x Multiple Vulnerabilities
High
CVE-2017-5492
WordPress Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2016-6896
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2016-5832
WordPress Vulnerability
High
CVE-2018-12895
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2022-21663
WordPress Deserialization of Untrusted Data Vulnerability
High
CVE-2019-8942
WordPress Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2022-21664
WordPress Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2018-20151
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2018-1000773
WordPress Improper Input Validation Vulnerability
High
CVE-2017-1000600
WordPress Improper Input Validation Vulnerability
High
CVE-2018-14028
WordPress Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2018-6389
WordPress Uncontrolled Resource Consumption Vulnerability
High
CVE-2017-1001000
WordPress Vulnerability
High
CVE-2017-17091
WordPress Use of Insufficiently Random Values Vulnerability
High
CVE-2017-14722
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2017-14719
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2017-9066
WordPress Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2017-9065
WordPress Improper Input Validation Vulnerability
High
CVE-2017-9064
WordPress Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2017-9062
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
High
No CVE number
WordPress 4.3.x Multiple Vulnerabilities
High
No CVE number
WordPress 4.4.x Multiple Vulnerabilities
High
CVE-2023-5561
WordPress 4.3.x Multiple Vulnerabilities
High