SecurityTracker > View Topics > Vendor

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

View Topics > Vendor > wordpress.org

May 7 2018	WordPress Bugs Let Remote Users Conduct Redirect and Cross-Site Scritping Attacks
Feb 8 2018	WordPress 'load-scripts.php' Lets Remote Users Consume Excessive I/O Resources and Deny Service
Oct 11 2017	(Debian Issues Fix) WordPress Multiple Bugs Let Remote Users Conduct Cross-Site Scripting, SQL Injection, and Open Redirect Attacks
Oct 11 2017	(Debian Issues Fix) WordPress 'wp_signups.activation_key' Storage Method May Facilitate Remote Users in Hijacking User Accounts That Are Awaiting Activation
Oct 11 2017	WordPress 'wp_signups.activation_key' Storage Method May Facilitate Remote Users in Hijacking User Accounts That Are Awaiting Activation
Oct 11 2017	WordPress Multiple Bugs Let Remote Users Conduct Cross-Site Scripting, SQL Injection, and Open Redirect Attacks
May 18 2017	WordPress Multiple Flaws Let Remote Users Bypass Redirect Validation, Conduct Cross-Site Scripting Attacks, and Conduct Cross-Site Request Forgery Attacks
May 4 2017	WordPress Password Reset Server Name Validation Flaw Lets Remote Users Obtain Password Reset Information for the Target User in Certain Cases
Mar 7 2017	WordPress Multiple Flaws Let Remote Users Deny Service, Bypass URL Redirect Validation, Conduct Cross-Site Scripting Attacks, and Conduct Cross-Site Request Forgery Attacks
Jan 27 2017	WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and SQL Injection Attacks, Obtain Potentially Sensitive Information, and Gain Elevated Privileges
Jan 13 2017	WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and Cross-Site Request Forgery Attacks and Obtain Potentially Sensitive Information
Dec 26 2016	(WordPress Issues Fix) PHPMailer Input Validation Flaw Lets Remote Users Execute Arbitrary Code on the Target System
Sep 8 2016	WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and Path Traversal Attacks
Aug 22 2016	WordPress Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Remote Authenticated Users Deny Service
Aug 11 2016	WordPress IP Address Format Handling Error Lets Remote Users Bypass Security Restrictions on the Target System
Jun 23 2016	WordPress Multiple Flaws Let Remote Users Modify Passwords, Deny Service, Obtain Potentially Sensitive Information, and Conduct Cross-Site Scripting and Open Redirect Attacks
May 10 2016	WordPress Input Validation Flaws in 'MediaElement' and 'Plupload' Let Remote Conduct Cross-Site Scripting Attacks
Feb 4 2016	WordPress Bugs Let Remote Users Conduct Server-Side Request Forgery and Open Redirect Attacks
Jan 8 2016	WordPress Input Validation Flaw in Error Messages Lets Remote Conduct Cross-Site Scripting Attacks
Oct 27 2015	WordPress Bugs Let Remote Users Conduct Cross-Site Scripting Attacks and Bypass Publishing Permission Checks
Aug 4 2015	WordPress Bugs Let Remote Users Conduct Cross-Site Scripting and SQL Injection Attacks
Jul 23 2015	WordPress Input Validation Flaws Let Remote Conduct Cross-Site Scripting Attacks
Jun 10 2015	WordPress Input Validation Flaw in wp_check_filetype() Lets Remote Authenticated Users With Upload Privileges Upload Arbitrary Files
Apr 28 2015	WordPress Input Validation Flaws Permit Cross-Site Scripting and SQL Injection Attacks
Apr 27 2015	WordPress Input Validation Flaw in Processing Large Comments Permits Cross-Site Scripting Attacks
Feb 13 2015	WordPress Weak Pseudorandom Number Generator Lets Remote Users Predict Password Reset Tokens
Nov 20 2014	WordPress Bugs Let Remote Users Conduct Cross-Site Scripting, Cross-Site Request Forgery, and Denial of Service Attacks
Aug 7 2014	WordPress Multiple Flaws Let Remote Users Deny Service, Execute Arbitrary Code, Conduct Cross-Site Scripting and Cross-Site Request Forgery Attacks, and Obtain Potentially Sensitive Information
Apr 11 2014	WordPress Bugs Let Remote Users Bypass Authentication and Remote Authenticated Users Gain Elevated Privileges
Sep 11 2013	WordPress Bugs Let Remote Authenticated Users Gain Elevated Privileges, Remote Users Execute Arbitrary Code, and Remote Users Conduct Redirect Attacks
Jun 25 2013	WordPress Bugs Permit Permits Cross-Site Scripting and Cross-Site Request Forgery Attacks and Let Remote Authenticate Users Gain Elevated Privileges
Jun 11 2013	WordPress Bug in 'class-phpass.php' Lets Remote Users Deny Service
Jan 25 2013	WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks
Dec 20 2012	WordPress 'wp-login.php' Fails to Properly Terminate Sessions
Sep 26 2012	WordPress 'dashboard-widget-control-form' Bug Permits Cross-Site Request Forgery Attacks
Sep 7 2012	WordPress Bug Lets Users Gain Elevated Privileges and Multi-site Flaw Has Unspecified Impact
Jul 4 2012	WordPress Flaws Permit Cross-Site Scripting, Cross-Site Request Forgery, and Information Disclosure Attacks
Apr 24 2012	WordPress Bugs Permit Cross-Site Scripting Attacks and Let Remote Authenticated Users Disable Plugins
Jan 19 2012	WordPress Input Validation Flaw in 'wp-comments-post.php' Permits Cross-Site Scripting Attacks
Jun 30 2011	WordPress Lets Remote Authenticated Editors Gain Additional Access
May 26 2011	WordPress Flaw Let Remote Users Determine Valid Usernames and Other Bugs Have Unspecified Impact
May 5 2011	WordPress Lets Remote Authenticated Authors Upload Arbitrary Files and Execute Arbitrary Code
Apr 27 2011	WordPress Lets Contributors Bypass 'publish_posts' Access Check
Apr 6 2011	WordPress Bugs Permit Denial of Service, Cross-Site Scripting, and Cross-Site Request Forgery Attacks
Feb 8 2011	WordPress Input Validation Flaw Lets Remote Authenticated Contributors and Authors Conduct Cross-Site Scripting Attacks
Dec 29 2010	WordPress Input Validation Flaw in 'Content' Parameter Permits Cross-Site Scripting Attacks
Dec 9 2010	WordPress XML-RPC Interface Bug Lets Remote Authenticated Users Modify Posts
Dec 1 2010	WordPress Input Validation Flaw in do_trackbacks() Lets Remote Authenticated Users Inject SQL Commands
Aug 13 2010	WordPress Input Validation Flaw in 'wp-admin/plugins.php' Permits Cross-Site Scripting Attacks
Oct 21 2009	WordPress 'wp-trackbacks.php' Multi-byte Encodincg Detection Lets Remote Users Execute Arbitrary Code
Aug 11 2009	WordPress Input Validation Bug Lets Remote Users Reset the Administrative Password
Aug 5 2009	WordPress Lets Remote Authenticated Users Gain Elevated Privileges
Jul 22 2009	WordPress Input Validation Flaw in Comment Author URLs Permits Cross-Site Scripting Attacks
Jul 9 2009	WordPress Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
Mar 11 2009	WordPress MU Input Validation Hole in HTTP Host Header Permits Cross-Site Scripting Attacks
Nov 26 2008	WordPress Input Validation Hole in Processing 'HTTP_HOST' HTTP Header Permits Cross-Site Scripting Attacks
Sep 15 2008	WordPress SQL Truncation and Password Generation Flaw Lets Remote Users Determine the Administrator's Password
Apr 25 2008	WordPress Authentication Cookie Integrity Flaw Lets Remote Users Gain Administrative Privileges
Mar 7 2008	WordPress Input Validation Holes in Invite Function Permit Cross-Site Scripting Attacks
Feb 7 2008	WordPress XML-RPC Bug Lets Remote Users Edit Arbitrary Posts
Dec 11 2007	WordPress Input Validation Flaw in Search Function Lets Remote Users Inject SQL Commands
Nov 19 2007	WordPress Cookie Authentication Flaw Lets Remote Users Access Accounts in Certain Cases
May 11 2005	WordPress Vulnerability Has Unspecified Impact
Dec 16 2004	(Vendor Issues Fix) WordPress Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
Oct 15 2004	(Gentoo Issues Fix) WordPress Input Validation Holes Permit Response Splitting Attacks
Oct 15 2004	(Gentoo Issues Fix) WordPress Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
Oct 11 2004	WordPress Input Validation Holes Permit Response Splitting Attacks
Sep 28 2004	WordPress Input Validation Hole Lets Remote Users Conduct Cross-Site Scripting Attacks
Jun 6 2003	WordPress Input Validation Flaw Lets Remote Users Inject SQL Commands and Execute Arbitrary PHP Code