cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.
Max CVSS
8.8
EPSS Score
0.47%
Published
2022-01-06
Updated
2022-04-12
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.
Max CVSS
8.0
EPSS Score
0.36%
Published
2022-01-06
Updated
2022-04-12
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
Max CVSS
8.0
EPSS Score
93.54%
Published
2022-01-06
Updated
2022-04-12
WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.
Max CVSS
9.8
EPSS Score
0.68%
Published
2021-11-25
Updated
2021-11-30
is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.
Max CVSS
9.1
EPSS Score
0.33%
Published
2020-11-02
Updated
2022-06-29
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old installation).
Max CVSS
9.8
EPSS Score
2.42%
Published
2020-11-02
Updated
2022-04-28
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
Max CVSS
9.8
EPSS Score
0.73%
Published
2020-11-02
Updated
2022-04-28
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
Max CVSS
9.8
EPSS Score
0.29%
Published
2020-11-02
Updated
2022-04-28
WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.
Max CVSS
9.8
EPSS Score
0.71%
Published
2020-11-02
Updated
2022-06-29
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.
Max CVSS
9.8
EPSS Score
0.62%
Published
2019-12-27
Updated
2022-11-23
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
Max CVSS
8.8
EPSS Score
0.20%
Published
2019-10-17
Updated
2023-02-03
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
Max CVSS
9.8
EPSS Score
0.71%
Published
2019-10-17
Updated
2022-11-07
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.
Max CVSS
9.8
EPSS Score
1.53%
Published
2019-10-17
Updated
2023-02-03
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
Max CVSS
8.8
EPSS Score
83.67%
Published
2019-03-14
Updated
2019-03-31

CVE-2019-8942

Public exploit
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
Max CVSS
8.8
EPSS Score
95.71%
Published
2019-02-20
Updated
2021-07-21
WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time.
Max CVSS
8.8
EPSS Score
0.99%
Published
2018-09-06
Updated
2018-11-14
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.
Max CVSS
9.8
EPSS Score
1.58%
Published
2018-12-14
Updated
2019-03-04
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.
Max CVSS
8.8
EPSS Score
82.32%
Published
2018-06-26
Updated
2021-11-05
WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9
Max CVSS
8.8
EPSS Score
0.99%
Published
2018-09-06
Updated
2018-10-26
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
Max CVSS
8.8
EPSS Score
0.37%
Published
2017-12-02
Updated
2019-10-03
WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.
Max CVSS
9.8
EPSS Score
0.39%
Published
2017-11-02
Updated
2018-02-04
Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.
Max CVSS
9.8
EPSS Score
0.38%
Published
2017-09-23
Updated
2017-11-10
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
Max CVSS
8.6
EPSS Score
1.08%
Published
2017-05-18
Updated
2019-03-15
In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.
Max CVSS
8.8
EPSS Score
0.44%
Published
2017-05-18
Updated
2019-03-15
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
Max CVSS
8.6
EPSS Score
0.62%
Published
2017-05-18
Updated
2019-10-03
41 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!