Wordpress : Security Vulnerabilities, CVEs, Published In 2019 CVSS score >= 6
In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
Max CVSS
6.1
EPSS Score
0.27%
Published
2019-12-27
Updated
2023-01-19
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.
Max CVSS
9.8
EPSS Score
0.62%
Published
2019-12-27
Updated
2022-11-23
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
Max CVSS
8.8
EPSS Score
0.20%
Published
2019-10-17
Updated
2023-02-03
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
Max CVSS
7.5
EPSS Score
0.42%
Published
2019-10-17
Updated
2022-03-31
WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.
Max CVSS
6.1
EPSS Score
1.69%
Published
2019-10-17
Updated
2023-02-03
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
Max CVSS
9.8
EPSS Score
0.71%
Published
2019-10-17
Updated
2022-11-07
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.
Max CVSS
9.8
EPSS Score
1.53%
Published
2019-10-17
Updated
2023-02-03
WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
Max CVSS
6.1
EPSS Score
0.60%
Published
2019-09-11
Updated
2023-01-31
WordPress before 5.2.3 allows reflected XSS in the dashboard.
Max CVSS
6.1
EPSS Score
1.02%
Published
2019-09-11
Updated
2023-01-31
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
Max CVSS
6.1
EPSS Score
0.18%
Published
2019-09-11
Updated
2023-01-31
WordPress before 5.2.3 allows XSS in shortcode previews.
Max CVSS
6.1
EPSS Score
5.96%
Published
2019-09-11
Updated
2023-01-31
WordPress before 5.2.3 allows XSS in stored comments.
Max CVSS
6.1
EPSS Score
1.02%
Published
2019-09-11
Updated
2023-01-31
WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.
Max CVSS
6.1
EPSS Score
1.06%
Published
2019-09-11
Updated
2023-01-31
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
Max CVSS
8.8
EPSS Score
83.67%
Published
2019-03-14
Updated
2019-03-31
CVE-2019-8943
Public exploit
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.
Max CVSS
6.5
EPSS Score
95.88%
Published
2019-02-20
Updated
2021-02-23
CVE-2019-8942
Public exploit
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
Max CVSS
8.8
EPSS Score
95.71%
Published
2019-02-20
Updated
2021-07-21
16 vulnerabilities found