Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system referred to within WordPress as Themes.

Official Site:

https://wordpress.org

Severity Summary:

Critical: 136 High: 508 Medium: 1729 Low: 18
Reference
Title
Severity
CVE-2006-3389
WordPress Other Vulnerability
Medium
CVE-2006-4743
WordPress Other Vulnerability
Medium
CVE-2006-5705
WordPress Other Vulnerability
Medium
CVE-2006-6017
WordPress Other Vulnerability
Medium
CVE-2006-6016
WordPress Other Vulnerability
Medium
CVE-2006-6808
WordPress Other Vulnerability
Medium
CVE-2019-16781
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-17672
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2007-0107
WordPress Other Vulnerability
Medium
CVE-2020-11026
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-4106
WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability
Medium
CVE-2009-2851
WordPress 2.8.1 Comment Author URI Cross-Site Scripting Vulnerability
Medium
CVE-2008-4769
WordPress 2.3.3 Directory Traversal Vulnerability
Medium
CVE-2009-2334
WordPress wp-admin/admin.php Module Configuration Security Bypass Vulnerability
Medium
CVE-2010-5106
WordPress xmlrpc.php Remote Security Bypass Vulnerability
Medium
CVE-2023-39999
WordPress Vulnerability
Medium
CVE-2023-5561
WordPress Vulnerability
Medium
CVE-2009-2432
WordPress Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2023-38000
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-2745
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2020-4048
WordPress URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2020-4047
WordPress Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Vulnerability
Medium
CVE-2020-11029
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-17671
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-4046
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-20043
WordPress Improper Privilege Management Vulnerability
Medium
CVE-2019-16780
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-1762
WordPress Incorrect Default Permissions Vulnerability
Medium
CVE-2021-39200
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2021-39201
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium