Vulnerabilidades em WordPress Foundation
6 resultadosCVE-2023-2745MEDIUMWordPress Core < 6.2.1 - Directory TraversalEPSS 79.5%CVE-2024-4439HIGHWordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due tEPSS 70.8%CVE-2023-5692MEDIUMWordPress Core <= 6.4.3 - Sensitive Information Exposure via redirect_guess_404_permalinkEPSS 0.7%CVE-2024-6307MEDIUMWordPress Core < 6.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML APIEPSS 0.5%CVE-2022-4973MEDIUMWordPress Core < 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via use of the_meta(); functionEPSS 0.5%CVE-2026-3906MEDIUMWordPress 6.9 - 6.9.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Note Creation via REST APIEPSS 0.3%