Vulnerabilities (CVE)

Filtered by vendor Wordpress Subscribe
Filtered by product Wordpress
Total 564 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-26596 2 Elementor, Wordpress 2 Elementor Pro, Wordpress 2021-07-21 9.0 HIGH 8.8 HIGH
The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing the Dynamic OOO widget or by restricting availability of the Editor role.
CVE-2019-8942 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-07-21 6.5 MEDIUM 8.8 HIGH
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
CVE-2020-28035 1 Wordpress 1 Wordpress 2021-07-21 7.5 HIGH 9.8 CRITICAL
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
CVE-2020-28037 1 Wordpress 1 Wordpress 2021-07-21 7.5 HIGH 9.8 CRITICAL
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old installation).
CVE-2019-17673 1 Wordpress 1 Wordpress 2021-07-21 5.0 MEDIUM 7.5 HIGH
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
CVE-2020-28036 1 Wordpress 1 Wordpress 2021-07-21 7.5 HIGH 9.8 CRITICAL
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
CVE-2021-29447 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-06-15 4.0 MEDIUM 6.5 MEDIUM
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
CVE-2020-36326 2 Phpmailer Project, Wordpress 2 Phpmailer, Wordpress 2021-06-14 7.5 HIGH 9.8 CRITICAL
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in safe contexts. As an unintended side effect, this fix eliminated the code that blocked addAttachment exploitation.
CVE-2018-19296 4 Debian, Fedoraproject, Phpmailer Project and 1 more 4 Debian Linux, Fedora, Phpmailer and 1 more 2021-05-21 6.8 MEDIUM 8.8 HIGH
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
CVE-2021-29450 2 Debian, Wordpress 2 Debian Linux, Wordpress 2021-04-23 4.0 MEDIUM 4.3 MEDIUM
Wordpress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. This has been patched in WordPress 5.7.1, along with the older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.
CVE-2008-5695 1 Wordpress 2 Wordpress, Wordpress Mu 2021-04-21 8.5 HIGH N/A
wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins.
CVE-2019-8943 1 Wordpress 1 Wordpress 2021-02-23 4.0 MEDIUM 6.5 MEDIUM
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.
CVE-2017-5611 3 Debian, Oracle, Wordpress 3 Debian Linux, Data Integrator, Wordpress 2021-01-30 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
CVE-2019-16223 1 Wordpress 1 Wordpress 2021-01-04 3.5 LOW 5.4 MEDIUM
WordPress before 5.2.3 allows XSS in post previews by authenticated users.
CVE-2020-4049 3 Debian, Fedoraproject, Wordpress 3 Debian Linux, Fedora, Wordpress 2020-12-23 3.5 LOW 2.4 LOW
In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severity self-XSS. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).
CVE-2020-28038 1 Wordpress 1 Wordpress 2020-11-11 4.3 MEDIUM 6.1 MEDIUM
WordPress before 5.5.2 allows stored XSS via post slugs.
CVE-2020-28040 1 Wordpress 1 Wordpress 2020-11-11 4.3 MEDIUM 4.3 MEDIUM
WordPress before 5.5.2 allows CSRF attacks that change a theme's background image.
CVE-2020-28033 1 Wordpress 1 Wordpress 2020-11-11 5.0 MEDIUM 7.5 HIGH
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.
CVE-2020-28039 1 Wordpress 1 Wordpress 2020-11-11 6.4 MEDIUM 9.1 CRITICAL
is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.
CVE-2020-28034 1 Wordpress 1 Wordpress 2020-11-11 4.3 MEDIUM 6.1 MEDIUM
WordPress before 5.5.2 allows XSS associated with global variables.