WordPress — свободно распространяемая система управления содержимым сайта с открытым исходным кодом.

Релизный цикл, информация об уязвимостях

Продукт: WordPress

Вендор: Wordpress

График релизов

Недавние уязвимости WordPress

Количество 1 894

CVE-2017-9063

больше 8 лет назад

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...

CVSS3: 6.1

EPSS: Низкий

CVE-2017-9062

больше 8 лет назад

In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.

CVSS3: 8.6

EPSS: Низкий

CVE-2017-9062

больше 8 лет назад

In WordPress before 4.7.5, there is improper handling of post meta dat ...

CVSS3: 8.6

EPSS: Низкий

CVE-2017-9061

больше 8 лет назад

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-9061

больше 8 лет назад

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...

CVSS3: 6.1

EPSS: Низкий

CVE-2017-9062

больше 8 лет назад

In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.

CVSS3: 8.6

EPSS: Низкий

CVE-2017-9063

больше 8 лет назад

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-9061

больше 8 лет назад

CVSS3: 6.1

EPSS: Низкий

CVE-2017-9066

больше 8 лет назад

In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.

CVSS3: 8.6

EPSS: Низкий

CVE-2017-9065

больше 8 лет назад

In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2017-9063 In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2017-9062 In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.	CVSS3: 8.6	1% Низкий	больше 8 лет назад
CVE-2017-9062 In WordPress before 4.7.5, there is improper handling of post meta dat ...	CVSS3: 8.6	1% Низкий	больше 8 лет назад
CVE-2017-9061 In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.	CVSS3: 6.1	2% Низкий	больше 8 лет назад
CVE-2017-9061 In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability ...	CVSS3: 6.1	2% Низкий	больше 8 лет назад
CVE-2017-9062 In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.	CVSS3: 8.6	1% Низкий	больше 8 лет назад
CVE-2017-9063 In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.	CVSS3: 6.1	1% Низкий	больше 8 лет назад
CVE-2017-9061 In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.	CVSS3: 6.1	2% Низкий	больше 8 лет назад
CVE-2017-9066 In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.	CVSS3: 8.6	1% Низкий	больше 8 лет назад
CVE-2017-9065 In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.	CVSS3: 7.5	2% Низкий	больше 8 лет назад

Уязвимостей на страницу