Known Vulnerabilities for products from Wordpress

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Wordpress".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-21664 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack ... 8.8 - HIGH 2022-01-06 2022-01-23
CVE-2022-21663 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisi... 7.2 - HIGH 2022-01-06 2022-01-23
CVE-2022-21662 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileg... 5.4 - MEDIUM 2022-01-06 2022-01-23
CVE-2022-21661 WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to impro... 7.5 - HIGH 2022-01-06 2022-01-23
CVE-2022-0236 The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclo... 7.5 - HIGH 2022-01-18 2022-01-18
CVE-2022-0233 The ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Sc... 5.4 - MEDIUM 2022-01-18 2022-01-18
CVE-2022-0232 The User Registration, Login & Landing Pages WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficien... 4.8 - MEDIUM 2022-01-18 2022-01-18
CVE-2022-0215 The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins b... 8.8 - HIGH 2022-01-18 2022-01-18
CVE-2022-0210 The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category... Not Provided 2022-01-18 2022-01-18
CVE-2021-44777 Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Track... Not Provided 2022-01-19 2022-01-19
CVE-2021-39203 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In ... 6.5 - MEDIUM 2021-09-09 2021-09-24
CVE-2021-39202 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In ... 5.4 - MEDIUM 2021-09-09 2021-09-24
CVE-2021-39201 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ###... 5.4 - MEDIUM 2021-09-09 2021-12-14
CVE-2021-39200 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In ... 5.3 - MEDIUM 2021-09-09 2021-12-14
CVE-2021-29476 Requests is a HTTP library written in PHP. Requests mishandles deserialization in FilteredIterator. The issue has been patche... 9.8 - CRITICAL 2021-04-27 2021-05-07
CVE-2021-29450 Wordpress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-pr... 4.3 - MEDIUM 2021-04-15 2021-04-23
CVE-2021-29447 Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in... 6.5 - MEDIUM 2021-04-15 2021-12-16
CVE-2020-36326 PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOT... 9.8 - CRITICAL 2021-04-28 2021-06-14
CVE-2020-28040 WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. 4.3 - MEDIUM 2020-11-02 2020-11-11
CVE-2020-28039 is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not proper... 9.1 - CRITICAL 2020-11-02 2020-11-11

Known software with vulnerabilities from Wordpress

Type Vendor Product Version
ApplicationWordpressPlugin Newsletter Plugin1.5
ApplicationWordpressSlideshow Gallery2-
ApplicationWordpressWordpress-
ApplicationWordpressWordpress Mu1.1

Popular searches for "Wordpress"

WordPress.com: Create a Free Website or Blog

wordpress.com

WordPress.com: Create a Free Website or Blog Create a free website or build a blog with ease on WordPress b ` ^.com. Dozens of free, customizable, mobile-ready designs and themes. Free hosting and support.

wordpress.com/#!/fresh bg.wordpress.com en-gb.wordpress.com en.wordpress.com ms.wordpress.com wordpress.com/%E2%80%9D Website WordPress.com Blog Free software WordPress Plug-in (computing) Search engine optimization Personalization Create (TV network) SSH File Transfer Protocol E-commerce Theme (computing) Website builder Analytics Backup Web hosting service Google Mobile app Domain name 1-Click