Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9067 |
|
Unrestricted File Upload in wordpress (CVE-2026-9067)
vulnerability in wordpress (CVE-2026-9067). Confidential information can be exposed externally.
|
| CVE-2026-9060 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9060)
cross-site scripting in wordpress (CVE-2026-9060). Risk of unauthorized operations or information disclosure. Exploitable via ``unfiltered_html``.
|
| CVE-2026-8071 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8071)
cross-site scripting in wordpress (CVE-2026-8071). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3326 |
|
SQL Injection in wordpress (CVE-2026-3326)
SQL injection in wordpress (CVE-2026-3326). Confidential information can be exposed externally.
|
| CVE-2025-8444 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-8444)
cross-site scripting in wordpress (CVE-2025-8444). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-20251 |
|
Code Injection in wordpress (CVE-2017-20251)
code injection in wordpress (CVE-2017-20251). Successful exploitation can lead to full system takeover.
|
| CVE-2017-20250 |
|
Path Traversal in wordpress (CVE-2017-20250)
path traversal in wordpress (CVE-2017-20250). Confidential information can be exposed externally.
|
| CVE-2017-20247 |
|
SQL Injection in wordpress (CVE-2017-20247)
SQL injection in wordpress (CVE-2017-20247). Confidential information can be exposed externally.
|
| CVE-2017-20246 |
|
SQL Injection in wordpress (CVE-2017-20246)
SQL injection in wordpress (CVE-2017-20246). Confidential information can be exposed externally.
|
| CVE-2017-20245 |
|
SQL Injection in wordpress (CVE-2017-20245)
SQL injection in wordpress (CVE-2017-20245). Confidential information can be exposed externally.
|
| CVE-2017-20244 |
|
SQL Injection in wordpress (CVE-2017-20244)
SQL injection in wordpress (CVE-2017-20244). Confidential information can be exposed externally.
|
| CVE-2017-20243 |
|
SQL Injection in wordpress (CVE-2017-20243)
SQL injection in wordpress (CVE-2017-20243). Confidential information can be exposed externally.
|
| CVE-2016-20065 |
|
SQL Injection in wordpress (CVE-2016-20065)
SQL injection in wordpress (CVE-2016-20065). Confidential information can be exposed externally.
|
| CVE-2016-20062 |
|
SQL Injection in wordpress (CVE-2016-20062)
SQL injection in wordpress (CVE-2016-20062). Confidential information can be exposed externally.
|
| CVE-2026-4058 |
|
Vulnerability in wordpress (CVE-2026-4058)
vulnerability in wordpress (CVE-2026-4058). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8599 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8599)
cross-site scripting in wordpress (CVE-2026-8599). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11616 |
|
Privilege Escalation in wordpress (CVE-2026-11616)
vulnerability in wordpress (CVE-2026-11616). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8365 |
|
Unsafe Deserialization in wordpress (CVE-2026-8365)
vulnerability in wordpress (CVE-2026-8365). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8677 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8677)
cross-site scripting in wordpress (CVE-2026-8677). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7542 |
|
Information Disclosure in wordpress (CVE-2026-7542)
vulnerability in wordpress (CVE-2026-7542). Confidential information can be exposed externally.
|
| CVE-2026-8981 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8981)
cross-site scripting in wordpress (CVE-2026-8981). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4986 |
|
Vulnerability in wordpress (CVE-2026-4986)
vulnerability in wordpress (CVE-2026-4986). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9662 |
|
Vulnerability in wordpress (CVE-2026-9662)
vulnerability in wordpress (CVE-2026-9662). Successful exploitation can lead to full system takeover. Exploitable via ``tpf``.
|
| CVE-2026-9185 |
|
Vulnerability in wordpress (CVE-2026-9185)
vulnerability in wordpress (CVE-2026-9185). Confidential information can be exposed externally. Exploitable via ``userId``.
|
| CVE-2026-8977 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8977)
cross-site scripting in wordpress (CVE-2026-8977). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8940 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8940)
vulnerability in wordpress (CVE-2026-8940). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8910 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8910)
vulnerability in wordpress (CVE-2026-8910). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8909 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8909)
vulnerability in wordpress (CVE-2026-8909). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8907 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8907)
vulnerability in wordpress (CVE-2026-8907). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8904 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8904)
vulnerability in wordpress (CVE-2026-8904). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8902 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8902)
vulnerability in wordpress (CVE-2026-8902). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8895 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8895)
cross-site scripting in wordpress (CVE-2026-8895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8880 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8880)
cross-site scripting in wordpress (CVE-2026-8880). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7662 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7662)
cross-site scripting in wordpress (CVE-2026-7662). Risk of unauthorized operations or information disclosure. Exploitable via ``epaperflip_embed``.
|
| CVE-2026-8499 |
|
Vulnerability in wordpress (CVE-2026-8499)
vulnerability in wordpress (CVE-2026-8499). Risk of unauthorized operations or information disclosure. Exploitable via ``token``.
|
| CVE-2026-8841 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8841)
cross-site scripting in wordpress (CVE-2026-8841). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8882 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8882)
cross-site scripting in wordpress (CVE-2026-8882). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8883 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8883)
cross-site scripting in wordpress (CVE-2026-8883). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11603 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11603)
cross-site scripting in wordpress (CVE-2026-11603). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10553 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10553)
vulnerability in wordpress (CVE-2026-10553). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10024 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10024)
cross-site scripting in wordpress (CVE-2026-10024). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10738 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10738)
cross-site scripting in wordpress (CVE-2026-10738). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7556 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7556)
cross-site scripting in wordpress (CVE-2026-7556). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5714 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5714)
cross-site scripting in wordpress (CVE-2026-5714). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10862 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10862)
cross-site scripting in wordpress (CVE-2026-10862). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3011 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-3011)
cross-site scripting in wordpress (CVE-2026-3011). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-47982 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2021-47982)
cross-site scripting in wordpress (CVE-2021-47982). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-54351 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2023-54351)
cross-site scripting in wordpress (CVE-2023-54351). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-54350 |
|
Vulnerability in c (CVE-2023-54350)
vulnerability in c (CVE-2023-54350). Confidential information can be exposed externally.
|
| CVE-2023-54352 |
|
Vulnerability in wordpress (CVE-2023-54352)
vulnerability in wordpress (CVE-2023-54352). Successful exploitation can lead to full system takeover.
|