Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system referred to within WordPress as Themes.

Official Site:

https://wordpress.org

Severity Summary:

Critical: 136 High: 508 Medium: 1729 Low: 18
Reference
Title
Severity
CVE-2013-0237
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-2199
WordPress Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2013-2200
WordPress Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2013-2201
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-2202
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2013-2203
WordPress Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2013-2204
WordPress Improper Input Validation Vulnerability
Medium
CVE-2015-3438
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5730
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2011-3127
WordPress Improper Input Validation Vulnerability
Medium
CVE-2016-9263
WordPress Improper Input Validation Vulnerability
Medium
CVE-2017-6818
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-6819
WordPress Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2017-8295
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability
Medium
CVE-2017-9061
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-9063
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-14718
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-14720
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-14721
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-14724
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-14725
WordPress URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2017-14726
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-14990
WordPress Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2017-17092
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-6816
WordPress Incorrect Authorization Vulnerability
Medium
CVE-2017-17093
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-17094
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-5776
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-10100
WordPress URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2018-10101
WordPress URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium