WordPress — свободно распространяемая система управления содержимым сайта с открытым исходным кодом.
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 894
GHSA-rvwm-8qg8-4hp8
Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script .
GHSA-h8vf-v4qw-mvq4
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature.
CVE-2022-43504
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
CVE-2022-43504
Improper authentication vulnerability in WordPress versions prior to 6 ...
CVE-2022-43500
Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.
CVE-2022-43500
Cross-site scripting vulnerability in WordPress versions prior to 6.0. ...
CVE-2022-43497
Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.
CVE-2022-43497
Cross-site scripting vulnerability in WordPress versions prior to 6.0. ...
CVE-2022-43504
Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7.
CVE-2022-43497
Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-rvwm-8qg8-4hp8 Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script . | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| GHSA-h8vf-v4qw-mvq4 Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. | CVSS3: 5.3 | 1% Низкий | почти 3 года назад |
 | CVE-2022-43504 Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7. | CVSS3: 5.3 | 1% Низкий | почти 3 года назад |
| CVE-2022-43504 Improper authentication vulnerability in WordPress versions prior to 6 ... | CVSS3: 5.3 | 1% Низкий | почти 3 года назад |
| CVE-2022-43500 Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7. | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| CVE-2022-43500 Cross-site scripting vulnerability in WordPress versions prior to 6.0. ... | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| CVE-2022-43497 Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7. | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
| CVE-2022-43497 Cross-site scripting vulnerability in WordPress versions prior to 6.0. ... | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
 | CVE-2022-43504 Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to obtain the email address of the user who posted a blog using the WordPress Post by Email Feature. The developer also provides new patched releases for all versions since 3.7. | CVSS3: 5.3 | 1% Низкий | почти 3 года назад |
| CVE-2022-43497 Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7. | CVSS3: 6.1 | 1% Низкий | почти 3 года назад |
Уязвимостей на страницу