Количество 1 906
Количество 1 906
CVE-2019-16223
WordPress before 5.2.3 allows XSS in post previews by authenticated us ...
CVE-2019-16222
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
CVE-2019-16222
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
CVE-2019-16222
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_b ...
CVE-2019-16221
WordPress before 5.2.3 allows reflected XSS in the dashboard.
CVE-2019-16221
WordPress before 5.2.3 allows reflected XSS in the dashboard.
CVE-2019-16221
WordPress before 5.2.3 allows reflected XSS in the dashboard.
CVE-2019-16220
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.
CVE-2019-16220
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.
CVE-2019-16220
In WordPress before 5.2.3, validation and sanitization of a URL in wp_ ...
CVE-2019-16219
WordPress before 5.2.3 allows XSS in shortcode previews.
CVE-2019-16219
WordPress before 5.2.3 allows XSS in shortcode previews.
CVE-2019-16219
WordPress before 5.2.3 allows XSS in shortcode previews.
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments.
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments.
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments.
CVE-2019-16217
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
CVE-2019-16217
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
CVE-2019-16217
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upl ...
CVE-2018-6389
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2019-16223 WordPress before 5.2.3 allows XSS in post previews by authenticated us ... | CVSS3: 5.4 | 4% Низкий | больше 6 лет назад |
 | CVE-2019-16222 WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
 | CVE-2019-16222 WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16222 WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_b ... | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16221 WordPress before 5.2.3 allows reflected XSS in the dashboard. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16221 WordPress before 5.2.3 allows reflected XSS in the dashboard. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16221 WordPress before 5.2.3 allows reflected XSS in the dashboard. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16220 In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash. | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
| CVE-2019-16220 In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash. | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
| CVE-2019-16220 In WordPress before 5.2.3, validation and sanitization of a URL in wp_ ... | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
| CVE-2019-16219 WordPress before 5.2.3 allows XSS in shortcode previews. | CVSS3: 6.1 | 5% Низкий | больше 6 лет назад |
| CVE-2019-16219 WordPress before 5.2.3 allows XSS in shortcode previews. | CVSS3: 6.1 | 5% Низкий | больше 6 лет назад |
| CVE-2019-16219 WordPress before 5.2.3 allows XSS in shortcode previews. | CVSS3: 6.1 | 5% Низкий | больше 6 лет назад |
| CVE-2019-16218 WordPress before 5.2.3 allows XSS in stored comments. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16218 WordPress before 5.2.3 allows XSS in stored comments. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16218 WordPress before 5.2.3 allows XSS in stored comments. | CVSS3: 6.1 | 2% Низкий | больше 6 лет назад |
| CVE-2019-16217 WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled. | CVSS3: 6.1 | 3% Низкий | больше 6 лет назад |
| CVE-2019-16217 WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled. | CVSS3: 6.1 | 3% Низкий | больше 6 лет назад |
| CVE-2019-16217 WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upl ... | CVSS3: 6.1 | 3% Низкий | больше 6 лет назад |
| CVE-2018-6389 In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times. | CVSS3: 7.5 | 87% Высокий | почти 8 лет назад |
Уязвимостей на страницу