Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Wordpress Subscribe
Filtered by product Wordpress
Total 581 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28033 3 Debian, Fedoraproject, Wordpress 3 Debian Linux, Fedora, Wordpress 2022-06-29 5.0 MEDIUM 7.5 HIGH
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.
CVE-2020-28037 3 Debian, Fedoraproject, Wordpress 3 Debian Linux, Fedora, Wordpress 2022-04-28 7.5 HIGH 9.8 CRITICAL
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old installation).
CVE-2020-28036 3 Debian, Fedoraproject, Wordpress 3 Debian Linux, Fedora, Wordpress 2022-04-28 7.5 HIGH 9.8 CRITICAL
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
CVE-2020-28035 3 Debian, Fedoraproject, Wordpress 3 Debian Linux, Fedora, Wordpress 2022-04-28 7.5 HIGH 9.8 CRITICAL
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
CVE-2011-1762 1 Wordpress 1 Wordpress 2022-04-25 4.0 MEDIUM 6.5 MEDIUM
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission.
CVE-2022-21664 3 Debian, Fedoraproject, Wordpress 3 Debian Linux, Fedora, Wordpress 2022-04-12 6.5 MEDIUM 8.8 HIGH
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.
CVE-2022-21662 2 Debian, Wordpress 2 Debian Linux, Wordpress 2022-04-12 3.5 LOW 5.4 MEDIUM
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.
CVE-2022-21661 3 Debian, Fedoraproject, Wordpress 3 Debian Linux, Fedora, Wordpress 2022-04-12 5.0 MEDIUM 7.5 HIGH
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
CVE-2019-17673 2 Debian, Wordpress 2 Debian Linux, Wordpress 2022-03-31 5.0 MEDIUM 7.5 HIGH
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
CVE-2021-39200 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-12-14 4.3 MEDIUM 5.3 MEDIUM
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf. This has been patched in WordPress 5.8.1, along with any older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.
CVE-2021-39201 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-12-14 3.5 LOW 5.4 MEDIUM
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impact The issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. This bypasses the restrictions imposed on users who do not have the permission to post `unfiltered_html`. ### Patches This has been patched in WordPress 5.8, and will be pushed to older versions via minor releases (automatic updates). It's strongly recommended that you keep auto-updates enabled to receive the fix. ### References https://wordpress.org/news/category/releases/ https://hackerone.com/reports/1142140 ### For more information If you have any questions or comments about this advisory: * Open an issue in [HackerOne](https://hackerone.com/wordpress)
CVE-2021-44223 1 Wordpress 1 Wordpress 2021-11-29 7.5 HIGH 9.8 CRITICAL
WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.
CVE-2018-12895 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-11-05 6.5 MEDIUM 8.8 HIGH
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.
CVE-2016-10033 3 Joomla, Phpmailer Project, Wordpress 3 Joomla\!, Phpmailer, Wordpress 2021-09-30 7.5 HIGH 9.8 CRITICAL
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
CVE-2016-10045 3 Joomla, Phpmailer Project, Wordpress 3 Joomla\!, Phpmailer, Wordpress 2021-09-30 7.5 HIGH 9.8 CRITICAL
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.
CVE-2008-4796 4 Debian, Nagios, Snoopy Project and 1 more 4 Debian Linux, Nagios, Snoopy and 1 more 2021-09-30 10.0 HIGH N/A
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
CVE-2021-39202 1 Wordpress 1 Wordpress 2021-09-24 3.5 LOW 5.4 MEDIUM
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions the widgets editor introduced in WordPress 5.8 beta 1 has improper handling of HTML input in the Custom HTML feature. This leads to stored XSS in the custom HTML widget. This has been patched in WordPress 5.8. It was only present during the testing/beta phase of WordPress 5.8.
CVE-2020-11028 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-09-14 4.3 MEDIUM 7.5 HIGH
In affected versions of WordPress, some private posts, which were previously public, can result in unauthenticated disclosure under a specific set of conditions. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
CVE-2012-0287 2 Microsoft, Wordpress 2 Internet Explorer, Wordpress 2021-07-23 2.6 LOW N/A
Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the query string in a POST operation that is not properly handled by the "Duplicate comment detected" feature.
CVE-2019-8942 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-07-21 6.5 MEDIUM 8.8 HIGH
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.