Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system referred to within WordPress as Themes.

Official Site:

https://wordpress.org

Severity Summary:

Critical: 136 High: 508 Medium: 1729 Low: 18
Reference
Title
Severity
CVE-2018-10102
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-20147
WordPress Incorrect Authorization Vulnerability
Medium
CVE-2018-20149
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-20150
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-20152
WordPress Improper Input Validation Vulnerability
Medium
CVE-2018-20153
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-8943
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2017-6817
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-6815
WordPress Improper Input Validation Vulnerability
Medium
CVE-2015-5731
WordPress Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2016-4567
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5732
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5733
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5734
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5714
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-5715
WordPress Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2015-7989
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2015-8834
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-28034
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-28038
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-28040
WordPress Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2016-1564
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-4566
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-5833
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-6814
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-5834
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-6634
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-7168
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2016-7169
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2017-5487
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium