Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2019-25746 |
|
SQL Injection in wordpress (CVE-2019-25746)
SQL injection in wordpress (CVE-2019-25746). Confidential information can be exposed externally.
|
| CVE-2018-25437 |
|
Vulnerability in wordpress (CVE-2018-25437)
vulnerability in wordpress (CVE-2018-25437). Confidential information can be exposed externally.
|
| CVE-2018-25436 |
|
Unrestricted File Upload in wordpress (CVE-2018-25436)
vulnerability in wordpress (CVE-2018-25436). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20084 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20084)
cross-site scripting in wordpress (CVE-2016-20084). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20077 |
|
Vulnerability in wordpress (CVE-2016-20077)
vulnerability in wordpress (CVE-2016-20077). Confidential information can be exposed externally.
|
| CVE-2016-20078 |
|
Vulnerability in wordpress (CVE-2016-20078)
vulnerability in wordpress (CVE-2016-20078). Confidential information can be exposed externally.
|
| CVE-2016-20079 |
|
Vulnerability in wordpress (CVE-2016-20079)
vulnerability in wordpress (CVE-2016-20079). Confidential information can be exposed externally.
|
| CVE-2016-20080 |
|
Vulnerability in wordpress (CVE-2016-20080)
vulnerability in wordpress (CVE-2016-20080). Confidential information can be exposed externally.
|
| CVE-2016-20081 |
|
Path Traversal in wordpress (CVE-2016-20081)
path traversal in wordpress (CVE-2016-20081). Confidential information can be exposed externally.
|
| CVE-2016-20083 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20083)
vulnerability in wordpress (CVE-2016-20083). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20082 |
|
Vulnerability in wordpress (CVE-2016-20082)
vulnerability in wordpress (CVE-2016-20082). Confidential information can be exposed externally.
|
| CVE-2016-20070 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20070)
cross-site scripting in wordpress (CVE-2016-20070). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20071 |
|
SQL Injection in wordpress (CVE-2016-20071)
SQL injection in wordpress (CVE-2016-20071). Confidential information can be exposed externally.
|
| CVE-2016-20072 |
|
SQL Injection in wordpress (CVE-2016-20072)
SQL injection in wordpress (CVE-2016-20072). Confidential information can be exposed externally.
|
| CVE-2016-20073 |
|
SQL Injection in wordpress (CVE-2016-20073)
SQL injection in wordpress (CVE-2016-20073). Confidential information can be exposed externally.
|
| CVE-2016-20074 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20074)
vulnerability in wordpress (CVE-2016-20074). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20075 |
|
Authorization Flaw in wordpress (CVE-2016-20075)
vulnerability in wordpress (CVE-2016-20075). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20076 |
|
Path Traversal in wordpress (CVE-2016-20076)
path traversal in wordpress (CVE-2016-20076). Confidential information can be exposed externally.
|
| CVE-2016-20067 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20067)
vulnerability in wordpress (CVE-2016-20067). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20068 |
|
SQL Injection in wordpress (CVE-2016-20068)
SQL injection in wordpress (CVE-2016-20068). Confidential information can be exposed externally.
|
| CVE-2016-20069 |
|
SQL Injection in wordpress (CVE-2016-20069)
SQL injection in wordpress (CVE-2016-20069). Confidential information can be exposed externally.
|
| CVE-2016-20066 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2016-20066)
cross-site scripting in wordpress (CVE-2016-20066). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8935 |
|
Vulnerability in wordpress (CVE-2026-8935)
vulnerability in wordpress (CVE-2026-8935). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8385 |
|
Information Disclosure in wordpress (CVE-2026-8385)
vulnerability in wordpress (CVE-2026-8385). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8386 |
|
Vulnerability in wordpress (CVE-2026-8386)
vulnerability in wordpress (CVE-2026-8386). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9278 |
|
Vulnerability in wordpress (CVE-2026-9278)
vulnerability in wordpress (CVE-2026-9278). Risk of unauthorized operations or information disclosure. Exploitable via ``unfiltered_html``.
|
| CVE-2025-15546 |
|
Vulnerability in wordpress (CVE-2025-15546)
vulnerability in wordpress (CVE-2025-15546). Data can be tampered with by attackers.
|
| CVE-2026-5513 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5513)
cross-site scripting in wordpress (CVE-2026-5513). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1291 |
|
Vulnerability in wordpress (CVE-2026-1291)
vulnerability in wordpress (CVE-2026-1291). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9629 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9629)
cross-site scripting in wordpress (CVE-2026-9629). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3297 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-3297)
cross-site scripting in wordpress (CVE-2026-3297). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2470 |
|
Authorization Flaw in wordpress (CVE-2026-2470)
vulnerability in wordpress (CVE-2026-2470). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9134 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9134)
cross-site scripting in wordpress (CVE-2026-9134). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9109 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9109)
cross-site scripting in wordpress (CVE-2026-9109). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9062 |
|
Path Traversal in wordpress (CVE-2026-9062)
path traversal in wordpress (CVE-2026-9062). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9061 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9061)
cross-site scripting in wordpress (CVE-2026-9061). Risk of unauthorized operations or information disclosure. Exploitable via ``unfiltered_html``.
|
| CVE-2026-9848 |
|
SQL Injection in wordpress (CVE-2026-9848)
SQL injection in wordpress (CVE-2026-9848). Confidential information can be exposed externally. Exploitable via ``posts_request``.
|
| CVE-2026-12089 |
|
Path Traversal in wordpress (CVE-2026-12089)
path traversal in wordpress (CVE-2026-12089). Confidential information can be exposed externally.
|
| CVE-2026-9269 |
|
Vulnerability in wordpress (CVE-2026-9269)
vulnerability in wordpress (CVE-2026-9269). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47365 |
|
Vulnerability in wordpress (CVE-2026-47365)
vulnerability in wordpress (CVE-2026-47365). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9125 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9125)
cross-site scripting in wordpress (CVE-2026-9125). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46698 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46698)
SSRF in wordpress (CVE-2026-46698). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46697 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-46697)
SSRF in wordpress (CVE-2026-46697). Confidential information can be exposed externally.
|
| CVE-2026-10795 |
|
Vulnerability in wordpress (CVE-2026-10795)
vulnerability in wordpress (CVE-2026-10795). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2827 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-2827)
cross-site scripting in wordpress (CVE-2026-2827). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3018 |
|
SQL Injection in wordpress (CVE-2026-3018)
SQL injection in wordpress (CVE-2026-3018). Confidential information can be exposed externally.
|
| CVE-2025-6254 |
|
Privilege Escalation in wordpress (CVE-2025-6254)
vulnerability in wordpress (CVE-2025-6254). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8853 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8853)
cross-site scripting in wordpress (CVE-2026-8853). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9019 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9019)
cross-site scripting in wordpress (CVE-2026-9019). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8613 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8613)
cross-site scripting in wordpress (CVE-2026-8613). Risk of unauthorized operations or information disclosure.
|