WordPress — свободно распространяемая система управления содержимым сайта с открытым исходным кодом.

Релизный цикл, информация об уязвимостях

Продукт: WordPress

Вендор: Wordpress

График релизов

Недавние уязвимости WordPress

Количество 1 906

CVE-2008-0194

около 18 лет назад

Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.

CVSS2: 7.5

EPSS: Низкий

CVE-2008-0192

около 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the popuptitle parameter to (1) wp-admin/post.php or (2) wp-admin/page-new.php.

CVSS2: 4.3

EPSS: Низкий

CVE-2008-0191

около 18 лет назад

WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure.

CVSS2: 5

EPSS: Низкий

CVE-2008-0195

около 18 лет назад

WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.

CVSS2: 5

EPSS: Низкий

CVE-2008-0194

около 18 лет назад

Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0 ...

CVSS2: 7.5

EPSS: Низкий

CVE-2008-0193

около 18 лет назад

Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPr ...

CVSS2: 4.3

EPSS: Низкий

CVE-2008-0195

около 18 лет назад

WordPress 2.0.11 and earlier allows remote attackers to obtain sensiti ...

CVSS2: 5

EPSS: Низкий

CVE-2008-0192

около 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 ...

CVSS2: 4.3

EPSS: Низкий

CVE-2008-0196

около 18 лет назад

Multiple directory traversal vulnerabilities in WordPress 2.0.11 and e ...

CVSS2: 5

EPSS: Низкий

CVE-2008-0191

около 18 лет назад

WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ...

CVSS2: 5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2008-0194 Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php. NOTE: this might be the same as CVE-2006-5705.1.	CVSS2: 7.5	1% Низкий	около 18 лет назад
CVE-2008-0192 Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the popuptitle parameter to (1) wp-admin/post.php or (2) wp-admin/page-new.php.	CVSS2: 4.3	2% Низкий	около 18 лет назад
CVE-2008-0191 WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure.	CVSS2: 5	1% Низкий	около 18 лет назад
CVE-2008-0195 WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.	CVSS2: 5	2% Низкий	около 18 лет назад
CVE-2008-0194 Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0 ...	CVSS2: 7.5	1% Низкий	около 18 лет назад
CVE-2008-0193 Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPr ...	CVSS2: 4.3	2% Низкий	около 18 лет назад
CVE-2008-0195 WordPress 2.0.11 and earlier allows remote attackers to obtain sensiti ...	CVSS2: 5	2% Низкий	около 18 лет назад
CVE-2008-0192 Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.0.9 ...	CVSS2: 4.3	2% Низкий	около 18 лет назад
CVE-2008-0196 Multiple directory traversal vulnerabilities in WordPress 2.0.11 and e ...	CVSS2: 5	0% Низкий	около 18 лет назад
CVE-2008-0191 WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ...	CVSS2: 5	1% Низкий	около 18 лет назад

Уязвимостей на страницу