Wordpress : Security Vulnerabilities, CVEs, Published In 2011 CVSS score between 7 and 10
SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the uid parameter to index.php.
Max CVSS
7.5
EPSS Score
0.14%
Published
2011-12-02
Updated
2017-08-29
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.
Max CVSS
7.5
EPSS Score
0.18%
Published
2011-08-10
Updated
2017-08-29
The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.
Max CVSS
9.3
EPSS Score
0.32%
Published
2011-08-10
Updated
2016-05-31
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."
Max CVSS
10.0
EPSS Score
0.31%
Published
2011-08-10
Updated
2017-08-29
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."
Max CVSS
10.0
EPSS Score
0.38%
Published
2011-08-10
Updated
2017-08-29
5 vulnerabilities found