Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cms Clear
ID Title
CVE-2014-8492 Cross-Site Scripting (XSS) in wordpress (CVE-2014-8492)
cross-site scripting in wordpress (CVE-2014-8492). Risk of unauthorized operations or information disclosure.
CVE-2014-8758 Cross-Site Scripting (XSS) in wordpress (CVE-2014-8758)
cross-site scripting in wordpress (CVE-2014-8758). Risk of unauthorized operations or information disclosure.
CVE-2017-14990 Vulnerability in wordpress (CVE-2017-14990)
vulnerability in wordpress (CVE-2017-14990). Confidential information can be exposed externally.
CVE-2017-14848 SQL Injection in wordpress (CVE-2017-14848)
SQL injection in wordpress (CVE-2017-14848). Successful exploitation can lead to full system takeover.
CVE-2015-7357 Cross-Site Scripting (XSS) in wordpress (CVE-2015-7357)
cross-site scripting in wordpress (CVE-2015-7357). Risk of unauthorized operations or information disclosure.
CVE-2015-7980 Cross-Site Scripting (XSS) in drupal (CVE-2015-7980)
cross-site scripting in drupal (CVE-2015-7980). Risk of unauthorized operations or information disclosure.
CVE-2015-9233 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-9233)
vulnerability in wordpress (CVE-2015-9233). Successful exploitation can lead to full system takeover.
CVE-2015-9234 SQL Injection in wordpress (CVE-2015-9234)
SQL injection in wordpress (CVE-2015-9234). Successful exploitation can lead to full system takeover.
CVE-2017-14507 SQL Injection in wordpress (CVE-2017-14507)
SQL injection in wordpress (CVE-2017-14507). Successful exploitation can lead to full system takeover.
CVE-2017-14842 SQL Injection in wordpress (CVE-2017-14842)
SQL injection in wordpress (CVE-2017-14842). Successful exploitation can lead to full system takeover.
CVE-2017-14843 Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14844 Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
CVE-2017-14845 Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14846 Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-14847 Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
CVE-2017-2551 Vulnerability in wordpress (CVE-2017-2551)
vulnerability in wordpress (CVE-2017-2551). Confidential information can be exposed externally.
CVE-2017-14622 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14622)
cross-site scripting in wordpress (CVE-2017-14622). Risk of unauthorized operations or information disclosure.
CVE-2017-14760 SQL Injection in wordpress (CVE-2017-14760)
SQL injection in wordpress (CVE-2017-14760). Successful exploitation can lead to full system takeover.
CVE-2017-14766 Authentication Bypass in wordpress (CVE-2017-14766)
authentication bypass in wordpress (CVE-2017-14766). Data can be tampered with by attackers.
CVE-2017-14751 The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field.
CVE-2015-7670 SQL Injection in wordpress (CVE-2015-7670)
SQL injection in wordpress (CVE-2015-7670). Successful exploitation can lead to full system takeover.
CVE-2015-8707 Information Disclosure in magento (CVE-2015-8707)
vulnerability in magento (CVE-2015-8707). Successful exploitation can lead to full system takeover.
CVE-2017-14125 SQL Injection in wordpress (CVE-2017-14125)
SQL injection in wordpress (CVE-2017-14125). Successful exploitation can lead to full system takeover.
CVE-2017-14718 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14718)
cross-site scripting in wordpress (CVE-2017-14718). Risk of unauthorized operations or information disclosure.
CVE-2017-14719 Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
CVE-2017-14720 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14720)
cross-site scripting in wordpress (CVE-2017-14720). Risk of unauthorized operations or information disclosure.
CVE-2017-14721 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14721)
cross-site scripting in wordpress (CVE-2017-14721). Risk of unauthorized operations or information disclosure.
CVE-2017-14722 Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
CVE-2017-14723 SQL Injection in wordpress (CVE-2017-14723)
SQL injection in wordpress (CVE-2017-14723). Successful exploitation can lead to full system takeover.
CVE-2017-14724 Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.
CVE-2017-14725 Open Redirect in wordpress (CVE-2017-14725)
vulnerability in wordpress (CVE-2017-14725). Risk of unauthorized operations or information disclosure.
CVE-2017-14726 Cross-Site Scripting (XSS) in wordpress (CVE-2017-14726)
cross-site scripting in wordpress (CVE-2017-14726). Risk of unauthorized operations or information disclosure.
CVE-2017-14618 Cross-Site Scripting (XSS) in phpmyfaq (CVE-2017-14618)
cross-site scripting in phpmyfaq (CVE-2017-14618). Risk of unauthorized operations or information disclosure.
CVE-2017-14619 Cross-Site Scripting (XSS) in phpmyfaq (CVE-2017-14619)
cross-site scripting in phpmyfaq (CVE-2017-14619). Risk of unauthorized operations or information disclosure.
CVE-2015-5608 Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.
Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.
CVE-2017-14595 Vulnerability in joomla (CVE-2017-14595)
vulnerability in joomla (CVE-2017-14595). Risk of unauthorized operations or information disclosure.
CVE-2017-14596 Vulnerability in joomla (CVE-2017-14596)
vulnerability in joomla (CVE-2017-14596). Successful exploitation can lead to full system takeover.
CVE-2015-2826 Information Disclosure in wordpress (CVE-2015-2826)
vulnerability in wordpress (CVE-2015-2826). Risk of unauthorized operations or information disclosure.
CVE-2014-9758 Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1.
Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1.
CVE-2015-3299 Cross-Site Scripting (XSS) in wordpress (CVE-2015-3299)
cross-site scripting in wordpress (CVE-2015-3299). Risk of unauthorized operations or information disclosure.
CVE-2015-4089 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4089)
vulnerability in wordpress (CVE-2015-4089). Successful exploitation can lead to full system takeover.
CVE-2017-14530 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-14530)
vulnerability in wordpress (CVE-2017-14530). Successful exploitation can lead to full system takeover.
CVE-2017-1002022 SQL Injection in wordpress (CVE-2017-1002022)
SQL injection in wordpress (CVE-2017-1002022). Successful exploitation can lead to full system takeover.
CVE-2017-1002023 SQL Injection in wordpress (CVE-2017-1002023)
SQL injection in wordpress (CVE-2017-1002023). Successful exploitation can lead to full system takeover.
CVE-2017-1002025 SQL Injection in wordpress (CVE-2017-1002025)
SQL injection in wordpress (CVE-2017-1002025). Successful exploitation can lead to full system takeover.
CVE-2017-1002026 SQL Injection in wordpress (CVE-2017-1002026)
SQL injection in wordpress (CVE-2017-1002026). Successful exploitation can lead to full system takeover.
CVE-2017-1002027 SQL Injection in wordpress (CVE-2017-1002027)
SQL injection in wordpress (CVE-2017-1002027). Successful exploitation can lead to full system takeover.
CVE-2017-1002028 SQL Injection in wordpress (CVE-2017-1002028)
SQL injection in wordpress (CVE-2017-1002028). Successful exploitation can lead to full system takeover.
CVE-2017-1002000 Unrestricted File Upload in wordpress (CVE-2017-1002000)
vulnerability in wordpress (CVE-2017-1002000). Successful exploitation can lead to full system takeover.
CVE-2017-1002001 Unrestricted File Upload in wordpress (CVE-2017-1002001)
vulnerability in wordpress (CVE-2017-1002001). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →