Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2014-8492 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8492)
cross-site scripting in wordpress (CVE-2014-8492). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-8758 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2014-8758)
cross-site scripting in wordpress (CVE-2014-8758). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14990 |
|
Vulnerability in wordpress (CVE-2017-14990)
vulnerability in wordpress (CVE-2017-14990). Confidential information can be exposed externally.
|
| CVE-2017-14848 |
|
SQL Injection in wordpress (CVE-2017-14848)
SQL injection in wordpress (CVE-2017-14848). Successful exploitation can lead to full system takeover.
|
| CVE-2015-7357 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-7357)
cross-site scripting in wordpress (CVE-2015-7357). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-7980 |
|
Cross-Site Scripting (XSS) in drupal (CVE-2015-7980)
cross-site scripting in drupal (CVE-2015-7980). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-9233 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-9233)
vulnerability in wordpress (CVE-2015-9233). Successful exploitation can lead to full system takeover.
|
| CVE-2015-9234 |
|
SQL Injection in wordpress (CVE-2015-9234)
SQL injection in wordpress (CVE-2015-9234). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14507 |
|
SQL Injection in wordpress (CVE-2017-14507)
SQL injection in wordpress (CVE-2017-14507). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14842 |
|
SQL Injection in wordpress (CVE-2017-14842)
SQL injection in wordpress (CVE-2017-14842). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14843 |
|
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14844 |
|
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
|
| CVE-2017-14845 |
|
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14846 |
|
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-14847 |
|
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
|
| CVE-2017-2551 |
|
Vulnerability in wordpress (CVE-2017-2551)
vulnerability in wordpress (CVE-2017-2551). Confidential information can be exposed externally.
|
| CVE-2017-14622 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14622)
cross-site scripting in wordpress (CVE-2017-14622). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14760 |
|
SQL Injection in wordpress (CVE-2017-14760)
SQL injection in wordpress (CVE-2017-14760). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14766 |
|
Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
|
| CVE-2017-14751 |
|
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
|
| CVE-2015-7670 |
|
SQL Injection in wordpress (CVE-2015-7670)
SQL injection in wordpress (CVE-2015-7670). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8707 |
|
Information Disclosure in magento (CVE-2015-8707)
vulnerability in magento (CVE-2015-8707). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14125 |
|
SQL Injection in wordpress (CVE-2017-14125)
SQL injection in wordpress (CVE-2017-14125). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14718 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14718)
cross-site scripting in wordpress (CVE-2017-14718). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14719 |
|
Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
|
| CVE-2017-14720 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14720)
cross-site scripting in wordpress (CVE-2017-14720). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14721 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14721)
cross-site scripting in wordpress (CVE-2017-14721). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14722 |
|
Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
|
| CVE-2017-14723 |
|
SQL Injection in wordpress (CVE-2017-14723)
SQL injection in wordpress (CVE-2017-14723). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14724 |
|
Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
|
| CVE-2017-14725 |
|
Open Redirect in wordpress (CVE-2017-14725)
vulnerability in wordpress (CVE-2017-14725). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14726 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-14726)
cross-site scripting in wordpress (CVE-2017-14726). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14618 |
|
Cross-Site Scripting (XSS) in phpmyfaq (CVE-2017-14618)
cross-site scripting in phpmyfaq (CVE-2017-14618). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14619 |
|
Cross-Site Scripting (XSS) in phpmyfaq (CVE-2017-14619)
cross-site scripting in phpmyfaq (CVE-2017-14619). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5608 |
|
Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.
Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.
|
| CVE-2017-14595 |
|
Vulnerability in joomla (CVE-2017-14595)
vulnerability in joomla (CVE-2017-14595). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14596 |
|
Vulnerability in joomla (CVE-2017-14596)
vulnerability in joomla (CVE-2017-14596). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2826 |
|
Information Disclosure in wordpress (CVE-2015-2826)
vulnerability in wordpress (CVE-2015-2826). Risk of unauthorized operations or information disclosure.
|
| CVE-2014-9758 |
|
Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1.
Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1.
|
| CVE-2015-3299 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2015-3299)
cross-site scripting in wordpress (CVE-2015-3299). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-4089 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4089)
vulnerability in wordpress (CVE-2015-4089). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14530 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-14530)
vulnerability in wordpress (CVE-2017-14530). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002022 |
|
SQL Injection in wordpress (CVE-2017-1002022)
SQL injection in wordpress (CVE-2017-1002022). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002023 |
|
SQL Injection in wordpress (CVE-2017-1002023)
SQL injection in wordpress (CVE-2017-1002023). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002025 |
|
SQL Injection in wordpress (CVE-2017-1002025)
SQL injection in wordpress (CVE-2017-1002025). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002026 |
|
SQL Injection in wordpress (CVE-2017-1002026)
SQL injection in wordpress (CVE-2017-1002026). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002027 |
|
SQL Injection in wordpress (CVE-2017-1002027)
SQL injection in wordpress (CVE-2017-1002027). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002028 |
|
SQL Injection in wordpress (CVE-2017-1002028)
SQL injection in wordpress (CVE-2017-1002028). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002000 |
|
Unrestricted File Upload in wordpress (CVE-2017-1002000)
vulnerability in wordpress (CVE-2017-1002000). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1002001 |
|
Unrestricted File Upload in wordpress (CVE-2017-1002001)
vulnerability in wordpress (CVE-2017-1002001). Successful exploitation can lead to full system takeover.
|