SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-12-02
Updated
2017-08-29
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.
Max CVSS
7.5
EPSS Score
0.18%
Published
2011-08-10
Updated
2017-08-29
The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.
Max CVSS
9.3
EPSS Score
0.32%
Published
2011-08-10
Updated
2016-05-31
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."
Max CVSS
10.0
EPSS Score
0.31%
Published
2011-08-10
Updated
2017-08-29
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."
Max CVSS
10.0
EPSS Score
0.38%
Published
2011-08-10
Updated
2017-08-29
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!