Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system referred to within WordPress as Themes.

Official Site:

https://wordpress.org

Severity Summary:

Critical: 136 High: 508 Medium: 1729 Low: 18
Reference
Title
Severity
CVE-2019-16217
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-16218
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-16219
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-16221
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-16222
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-16223
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2007-0109
WordPress Other Vulnerability
Medium
CVE-2007-0106
WordPress Other Vulnerability
Medium
CVE-2011-0701
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2008-5113
WordPress Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2008-0192
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-0191
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2007-6677
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-0618
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-0617
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-0616
WordPress Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Medium
CVE-2008-0615
WordPress Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2008-0664
WordPress Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2008-1304
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-2068
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-3233
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-4106
WordPress Improper Input Validation Vulnerability
Medium
CVE-2008-5278
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2008-0195
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2008-6762
WordPress Improper Link Resolution Before File Access (Link Following) Vulnerability
Medium
CVE-2009-2334
WordPress Improper Authentication Vulnerability
Medium
CVE-2009-2335
WordPress Configuration Vulnerability
Medium
CVE-2009-2336
WordPress Configuration Vulnerability
Medium
CVE-2009-2431
WordPress Improper Input Validation Vulnerability
Medium
CVE-2009-2851
WordPress Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium