May 7 2018
|
WordPress Bugs Let Remote Users Conduct Redirect and Cross-Site Scritping Attacks
|
Feb 8 2018
|
WordPress 'load-scripts.php' Lets Remote Users Consume Excessive I/O Resources and Deny Service
|
Oct 11 2017
|
(Debian Issues Fix) WordPress Multiple Bugs Let Remote Users Conduct Cross-Site Scripting, SQL Injection, and Open Redirect Attacks
|
Oct 11 2017
|
(Debian Issues Fix) WordPress 'wp_signups.activation_key' Storage Method May Facilitate Remote Users in Hijacking User Accounts That Are Awaiting Activation
|
Oct 11 2017
|
WordPress 'wp_signups.activation_key' Storage Method May Facilitate Remote Users in Hijacking User Accounts That Are Awaiting Activation
|
Oct 11 2017
|
WordPress Multiple Bugs Let Remote Users Conduct Cross-Site Scripting, SQL Injection, and Open Redirect Attacks
|
May 18 2017
|
WordPress Multiple Flaws Let Remote Users Bypass Redirect Validation, Conduct Cross-Site Scripting Attacks, and Conduct Cross-Site Request Forgery Attacks
|
May 4 2017
|
WordPress Password Reset Server Name Validation Flaw Lets Remote Users Obtain Password Reset Information for the Target User in Certain Cases
|
Mar 7 2017
|
WordPress Multiple Flaws Let Remote Users Deny Service, Bypass URL Redirect Validation, Conduct Cross-Site Scripting Attacks, and Conduct Cross-Site Request Forgery Attacks
|
Jan 27 2017
|
WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and SQL Injection Attacks, Obtain Potentially Sensitive Information, and Gain Elevated Privileges
|
Jan 13 2017
|
WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and Cross-Site Request Forgery Attacks and Obtain Potentially Sensitive Information
|
Dec 26 2016
|
(WordPress Issues Fix) PHPMailer Input Validation Flaw Lets Remote Users Execute Arbitrary Code on the Target System
|
Sep 8 2016
|
WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and Path Traversal Attacks
|
Aug 22 2016
|
WordPress Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Remote Authenticated Users Deny Service
|
Aug 11 2016
|
WordPress IP Address Format Handling Error Lets Remote Users Bypass Security Restrictions on the Target System
|
Jun 23 2016
|
WordPress Multiple Flaws Let Remote Users Modify Passwords, Deny Service, Obtain Potentially Sensitive Information, and Conduct Cross-Site Scripting and Open Redirect Attacks
|
May 10 2016
|
WordPress Input Validation Flaws in 'MediaElement' and 'Plupload' Let Remote Conduct Cross-Site Scripting Attacks
|
Feb 4 2016
|
WordPress Bugs Let Remote Users Conduct Server-Side Request Forgery and Open Redirect Attacks
|
Jan 8 2016
|
WordPress Input Validation Flaw in Error Messages Lets Remote Conduct Cross-Site Scripting Attacks
|
Oct 27 2015
|
WordPress Bugs Let Remote Users Conduct Cross-Site Scripting Attacks and Bypass Publishing Permission Checks
|
Aug 4 2015
|
WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and SQL Injection Attacks
|
Jul 23 2015
|
WordPress Input Validation Flaws Let Remote Conduct Cross-Site Scripting Attacks
|
Jun 10 2015
|
WordPress Input Validation Flaw in wp_check_filetype() Lets Remote Authenticated Users With Upload Privileges Upload Arbitrary Files
|
Apr 28 2015
|
WordPress Input Validation Flaws Permit Cross-Site Scripting and SQL Injection Attacks
|
Apr 27 2015
|
WordPress Input Validation Flaw in Processing Large Comments Permits Cross-Site Scripting Attacks
|
Feb 13 2015
|
WordPress Weak Pseudorandom Number Generator Lets Remote Users Predict Password Reset Tokens
|
Nov 20 2014
|
WordPress Bugs Let Remote Users Conduct Cross-Site Scripting, Cross-Site Request Forgery, and Denial of Service Attacks
|
Aug 7 2014
|
WordPress Multiple Flaws Let Remote Users Deny Service, Execute Arbitrary Code, Conduct Cross-Site Scripting and Cross-Site Request Forgery Attacks, and Obtain Potentially Sensitive Information
|
Apr 11 2014
|
WordPress Bugs Let Remote Users Bypass Authentication and Remote Authenticated Users Gain Elevated Privileges
|
Sep 11 2013
|
WordPress Bugs Let Remote Authenticated Users Gain Elevated Privileges, Remote Users Execute Arbitrary Code, and Remote Users Conduct Redirect Attacks
|
Jun 25 2013
|
WordPress Bugs Permit Permits Cross-Site Scripting and Cross-Site Request Forgery Attacks and Let Remote Authenticate Users Gain Elevated Privileges
|
Jun 11 2013
|
WordPress Bug in 'class-phpass.php' Lets Remote Users Deny Service
|
Jan 25 2013
|
WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks
|
Dec 20 2012
|
WordPress 'wp-login.php' Fails to Properly Terminate Sessions
|
Sep 26 2012
|
WordPress 'dashboard-widget-control-form' Bug Permits Cross-Site Request Forgery Attacks
|
Sep 7 2012
|
WordPress Bug Lets Users Gain Elevated Privileges and Multi-site Flaw Has Unspecified Impact
|
Jul 4 2012
|
WordPress Flaws Permit Cross-Site Scripting, Cross-Site Request Forgery, and Information Disclosure Attacks
|
Apr 24 2012
|
WordPress Bugs Permit Cross-Site Scripting Attacks and Let Remote Authenticated Users Disable Plugins
|
Jan 19 2012
|
WordPress Input Validation Flaw in 'wp-comments-post.php' Permits Cross-Site Scripting Attacks
|
Jun 30 2011
|
WordPress Lets Remote Authenticated Editors Gain Additional Access
|
May 26 2011
|
WordPress Flaw Let Remote Users Determine Valid Usernames and Other Bugs Have Unspecified Impact
|
May 5 2011
|
WordPress Lets Remote Authenticated Authors Upload Arbitrary Files and Execute Arbitrary Code
|
Apr 27 2011
|
WordPress Lets Contributors Bypass 'publish_posts' Access Check
|
Apr 6 2011
|
WordPress Bugs Permit Denial of Service, Cross-Site Scripting, and Cross-Site Request Forgery Attacks
|
Feb 8 2011
|
WordPress Input Validation Flaw Lets Remote Authenticated Contributors and Authors Conduct Cross-Site Scripting Attacks
|
Dec 29 2010
|
WordPress Input Validation Flaw in 'Content' Parameter Permits Cross-Site Scripting Attacks
|
Dec 9 2010
|
WordPress XML-RPC Interface Bug Lets Remote Authenticated Users Modify Posts
|
Dec 1 2010
|
WordPress Input Validation Flaw in do_trackbacks() Lets Remote Authenticated Users Inject SQL Commands
|
Aug 13 2010
|
WordPress Input Validation Flaw in 'wp-admin/plugins.php' Permits Cross-Site Scripting Attacks
|
Oct 21 2009
|
WordPress 'wp-trackbacks.php' Multi-byte Encodincg Detection Lets Remote Users Execute Arbitrary Code
|
Aug 11 2009
|
WordPress Input Validation Bug Lets Remote Users Reset the Administrative Password
|
Aug 5 2009
|
WordPress Lets Remote Authenticated Users Gain Elevated Privileges
|
Jul 22 2009
|
WordPress Input Validation Flaw in Comment Author URLs Permits Cross-Site Scripting Attacks
|
Jul 9 2009
|
WordPress Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
|
Mar 11 2009
|
WordPress MU Input Validation Hole in HTTP Host Header Permits Cross-Site Scripting Attacks
|
Nov 26 2008
|
WordPress Input Validation Hole in Processing 'HTTP_HOST' HTTP Header Permits Cross-Site Scripting Attacks
|
Sep 15 2008
|
WordPress SQL Truncation and Password Generation Flaw Lets Remote Users Determine the Administrator's Password
|
Apr 25 2008
|
WordPress Authentication Cookie Integrity Flaw Lets Remote Users Gain Administrative Privileges
|
Mar 7 2008
|
WordPress Input Validation Holes in Invite Function Permit Cross-Site Scripting Attacks
|
Feb 7 2008
|
WordPress XML-RPC Bug Lets Remote Users Edit Arbitrary Posts
|
Dec 11 2007
|
WordPress Input Validation Flaw in Search Function Lets Remote Users Inject SQL Commands
|
Nov 19 2007
|
WordPress Cookie Authentication Flaw Lets Remote Users Access Accounts in Certain Cases
|
May 11 2005
|
WordPress Vulnerability Has Unspecified Impact
|
Dec 16 2004
|
(Vendor Issues Fix) WordPress Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
|
Oct 15 2004
|
(Gentoo Issues Fix) WordPress Input Validation Holes Permit Response Splitting Attacks
|
Oct 15 2004
|
(Gentoo Issues Fix) WordPress Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
|
Oct 11 2004
|
WordPress Input Validation Holes Permit Response Splitting Attacks
|
Sep 28 2004
|
WordPress Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
|
Jun 6 2003
|
WordPress Input Validation Flaw Lets Remote Users Inject SQL Commands and Execute Arbitrary PHP Code
|