Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-54352 |
|
Vulnerability in wordpress (CVE-2023-54352)
vulnerability in wordpress (CVE-2023-54352). Successful exploitation can lead to full system takeover.
|
| CVE-2024-58348 |
|
Unrestricted File Upload in wordpress (CVE-2024-58348)
vulnerability in wordpress (CVE-2024-58348). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47983 |
|
Cross-Site Scripting (XSS) in c (CVE-2021-47983)
cross-site scripting in c (CVE-2021-47983). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47984 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2021-47984)
cross-site scripting in wordpress (CVE-2021-47984). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-50953 |
|
Path Traversal in wordpress (CVE-2022-50953)
path traversal in wordpress (CVE-2022-50953). Confidential information can be exposed externally.
|
| CVE-2026-8839 |
|
Vulnerability in wordpress (CVE-2026-8839)
vulnerability in wordpress (CVE-2026-8839). Risk of unauthorized operations or information disclosure. Exploitable via ``edit_posts``.
|
| CVE-2026-8611 |
|
Vulnerability in wordpress (CVE-2026-8611)
vulnerability in wordpress (CVE-2026-8611). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9016 |
|
Vulnerability in wordpress (CVE-2026-9016)
vulnerability in wordpress (CVE-2026-9016). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_nopriv_log_js_errors``.
|
| CVE-2026-9851 |
|
Vulnerability in wordpress (CVE-2026-9851)
vulnerability in wordpress (CVE-2026-9851). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9594 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9594)
cross-site scripting in wordpress (CVE-2026-9594). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7624 |
|
Vulnerability in wordpress (CVE-2026-7624)
vulnerability in wordpress (CVE-2026-7624). Risk of unauthorized operations or information disclosure. Exploitable via ``sq_manage_settings``.
|
| CVE-2026-9829 |
|
SQL Injection in wordpress (CVE-2026-9829)
SQL injection in wordpress (CVE-2026-9829). Confidential information can be exposed externally.
|
| CVE-2026-9280 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9280)
cross-site scripting in wordpress (CVE-2026-9280). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9197 |
|
Path Traversal in wordpress (CVE-2026-9197)
path traversal in wordpress (CVE-2026-9197). Confidential information can be exposed externally.
|
| CVE-2026-8991 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8991)
cross-site scripting in wordpress (CVE-2026-8991). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8978 |
|
SQL Injection in wordpress (CVE-2026-8978)
SQL injection in wordpress (CVE-2026-8978). Confidential information can be exposed externally.
|
| CVE-2026-8502 |
|
Vulnerability in wordpress (CVE-2026-8502)
vulnerability in wordpress (CVE-2026-8502). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7796 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7796)
cross-site scripting in wordpress (CVE-2026-7796). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7795 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7795)
cross-site scripting in wordpress (CVE-2026-7795). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7792 |
|
Vulnerability in wordpress (CVE-2026-7792)
vulnerability in wordpress (CVE-2026-7792). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7665 |
|
Vulnerability in wordpress (CVE-2026-7665)
vulnerability in wordpress (CVE-2026-7665). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7566 |
|
Unsafe Deserialization in wordpress (CVE-2026-7566)
vulnerability in wordpress (CVE-2026-7566). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7565 |
|
Path Traversal in wordpress (CVE-2026-7565)
path traversal in wordpress (CVE-2026-7565). Confidential information can be exposed externally.
|
| CVE-2026-7537 |
|
Unrestricted File Upload in wordpress (CVE-2026-7537)
vulnerability in wordpress (CVE-2026-7537). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2500 |
|
Path Traversal in csharp (CVE-2026-2500)
path traversal in csharp (CVE-2026-2500). Confidential information can be exposed externally. Exploitable via ``filename``.
|
| CVE-2026-9281 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9281)
cross-site scripting in wordpress (CVE-2026-9281). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9008 |
|
Vulnerability in wordpress (CVE-2026-9008)
vulnerability in wordpress (CVE-2026-9008). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8901 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8901)
cross-site scripting in wordpress (CVE-2026-8901). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8438 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8438)
cross-site scripting in wordpress (CVE-2026-8438). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9719 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9719)
vulnerability in wordpress (CVE-2026-9719). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9290 |
|
Path Traversal in wordpress (CVE-2026-9290)
path traversal in wordpress (CVE-2026-9290). Confidential information can be exposed externally.
|
| CVE-2026-8976 |
|
Vulnerability in wordpress (CVE-2026-8976)
vulnerability in wordpress (CVE-2026-8976). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8900 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8900)
cross-site scripting in wordpress (CVE-2026-8900). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7047 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7047)
vulnerability in wordpress (CVE-2026-7047). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6448 |
|
SQL Injection in wordpress (CVE-2026-6448)
SQL injection in wordpress (CVE-2026-6448). Confidential information can be exposed externally.
|
| CVE-2026-8608 |
|
Vulnerability in wordpress (CVE-2026-8608)
vulnerability in wordpress (CVE-2026-8608). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8893 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8893)
cross-site scripting in wordpress (CVE-2026-8893). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10038 |
|
Vulnerability in wordpress (CVE-2026-10038)
vulnerability in wordpress (CVE-2026-10038). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-12656 |
|
Vulnerability in wordpress (CVE-2025-12656)
vulnerability in wordpress (CVE-2025-12656). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7654 |
|
Unsafe Deserialization in wordpress (CVE-2026-7654)
vulnerability in wordpress (CVE-2026-7654). Successful exploitation can lead to full system takeover. Exploitable via ``allowed_classes``.
|
| CVE-2026-7523 |
|
Vulnerability in wordpress (CVE-2026-7523)
vulnerability in wordpress (CVE-2026-7523). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5415 |
|
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
|
| CVE-2026-5411 |
|
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
|
| CVE-2026-10580 |
|
Vulnerability in wordpress (CVE-2026-10580)
vulnerability in wordpress (CVE-2026-10580). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10586 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-10586)
SSRF in wordpress (CVE-2026-10586). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25738 |
|
Vulnerability in wordpress (CVE-2019-25738)
vulnerability in wordpress (CVE-2019-25738). Successful exploitation can lead to full system takeover.
|
| CVE-2019-25742 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2019-25742)
cross-site scripting in wordpress (CVE-2019-25742). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25744 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2019-25744)
cross-site scripting in wordpress (CVE-2019-25744). Risk of unauthorized operations or information disclosure.
|
| CVE-2019-25745 |
|
SQL Injection in wordpress (CVE-2019-25745)
SQL injection in wordpress (CVE-2019-25745). Confidential information can be exposed externally.
|
| CVE-2019-25743 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2019-25743)
cross-site scripting in wordpress (CVE-2019-25743). Risk of unauthorized operations or information disclosure.
|