WordPress — свободно распространяемая система управления содержимым сайта с открытым исходным кодом.

Релизный цикл, информация об уязвимостях

Продукт: WordPress

Вендор: Wordpress

График релизов

Недавние уязвимости WordPress

Количество 1 896

CVE-2017-14725

около 8 лет назад

Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php.

CVSS3: 5.4

EPSS: Низкий

CVE-2017-14725

около 8 лет назад

Before version 4.8.2, WordPress was susceptible to an open redirect at ...

CVSS3: 5.4

EPSS: Низкий

CVE-2017-14724

около 8 лет назад

Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-14724

около 8 лет назад

Before version 4.8.2, WordPress was vulnerable to cross-site scripting ...

CVSS3: 6.1

EPSS: Низкий

CVE-2017-14723

около 8 лет назад

Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.

CVSS3: 9.8

EPSS: Средний

CVE-2017-14723

около 8 лет назад

Before version 4.8.2, WordPress mishandled % characters and additional ...

CVSS3: 9.8

EPSS: Средний

CVE-2017-14722

около 8 лет назад

Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename.

CVSS3: 7.5

EPSS: Средний

CVE-2017-14722

около 8 лет назад

Before version 4.8.2, WordPress allowed a Directory Traversal attack i ...

CVSS3: 7.5

EPSS: Средний

CVE-2017-14721

около 8 лет назад

Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-14721

около 8 лет назад

Before version 4.8.2, WordPress allowed Cross-Site scripting in the pl ...

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2017-14725 Before version 4.8.2, WordPress was susceptible to an open redirect attack in wp-admin/edit-tag-form.php and wp-admin/user-edit.php.	CVSS3: 5.4	2% Низкий	около 8 лет назад
CVE-2017-14725 Before version 4.8.2, WordPress was susceptible to an open redirect at ...	CVSS3: 5.4	2% Низкий	около 8 лет назад
CVE-2017-14724 Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery.	CVSS3: 6.1	8% Низкий	около 8 лет назад
CVE-2017-14724 Before version 4.8.2, WordPress was vulnerable to cross-site scripting ...	CVSS3: 6.1	8% Низкий	около 8 лет назад
CVE-2017-14723 Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.	CVSS3: 9.8	10% Средний	около 8 лет назад
CVE-2017-14723 Before version 4.8.2, WordPress mishandled % characters and additional ...	CVSS3: 9.8	10% Средний	около 8 лет назад
CVE-2017-14722 Before version 4.8.2, WordPress allowed a Directory Traversal attack in the Customizer component via a crafted theme filename.	CVSS3: 7.5	31% Средний	около 8 лет назад
CVE-2017-14722 Before version 4.8.2, WordPress allowed a Directory Traversal attack i ...	CVSS3: 7.5	31% Средний	около 8 лет назад
CVE-2017-14721 Before version 4.8.2, WordPress allowed Cross-Site scripting in the plugin editor via a crafted plugin name.	CVSS3: 6.1	3% Низкий	около 8 лет назад
CVE-2017-14721 Before version 4.8.2, WordPress allowed Cross-Site scripting in the pl ...	CVSS3: 6.1	3% Низкий	около 8 лет назад

Уязвимостей на страницу