Exposição de WordPress

Blogs, CMS

2.045

score de exposição

2.932.393

sites usam

0

em exploração

174

críticos

CVEs

2.380 resultados

CVE-2024-9593HIGHTime Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code ExecutionEPSS 12.5%CVE-2022-2551—Duplicator < 1.4.7 - Unauthenticated Backup DownloadEPSS 12.5%CVE-2013-1916—In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on thEPSS 12.1%CVE-2024-8529CRITICALLearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_fields'EPSS 11.8%CVE-2023-23489CRITICALThe Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in thEPSS 11.2%CVE-2024-4443CRITICALBusiness Directory Plugin – Easy Listing Directories for WordPress <= 6.4.2 - Unauthenticated SQL Injection via listingfields ParameterEPSS 10.3%CVE-2024-4295CRITICALEmail Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hashEPSS 10.2%CVE-2025-34077CRITICALWordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCEEPSS 9.9%CVE-2021-43408MEDIUMDuplicate Post WordPress Plugin SQL Injection VulnerabilityEPSS 9.8%CVE-2025-4524CRITICALMadara – Responsive and modern WordPress theme for manga sites <= 2.2.2 - Unauthenticated Local File InclusionEPSS 9.1%CVE-2022-0814—Ubigeo de Peru < 3.6.4 - Unauthenticated SQLiEPSS 8.9%CVE-2023-6634HIGHLearnPress <= 4.2.5.7 - Command InjectionEPSS 8.5%CVE-2024-9935HIGHPDF Generator Addon for Elementor Page Builder <= 2.0.0 - Unauthenticated Arbitrary File DownloadEPSS 7.5%CVE-2017-6104—Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.EPSS 7.3%CVE-2023-2437CRITICALUserPro <= 5.1.1 - Authentication Bypass to AdministratorEPSS 6.8%CVE-2021-36888CRITICALWordPress Image Hover Effects Ultimate plugin <= 9.6.1 - Unauthenticated Arbitrary Options Update leading to full website compromiseEPSS 6.7%CVE-2022-0864—UpdraftPlus < 1.22.9 - Reflected Cross-Site ScriptingEPSS 6.4%CVE-2020-5766—Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SRS Simple Hits Counter Plugin for WordPress 1.0.3 aEPSS 6.1%CVE-2021-24227—Patreon WordPress < 1.7.0 - Unauthenticated Local File DisclosureEPSS 5.9%CVE-2025-14156CRITICALFox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder'EPSS 5.8%

← anteriorpágina 3 / 119próxima →

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →