cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPress installations that use any plugin for which the slug satisfies the naming constraints of the WordPress.org Plugin Directory but is not yet present in that directory.
Max CVSS
9.8
EPSS Score
0.68%
Published
2021-11-25
Updated
2021-11-30
is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.
Max CVSS
9.1
EPSS Score
0.33%
Published
2020-11-02
Updated
2022-06-29
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old installation).
Max CVSS
9.8
EPSS Score
2.42%
Published
2020-11-02
Updated
2022-04-28
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
Max CVSS
9.8
EPSS Score
0.73%
Published
2020-11-02
Updated
2022-04-28
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
Max CVSS
9.8
EPSS Score
0.29%
Published
2020-11-02
Updated
2022-04-28
WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.
Max CVSS
9.8
EPSS Score
0.71%
Published
2020-11-02
Updated
2022-06-29
wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon named entity, allowing attackers to bypass input sanitization, as demonstrated by the javascript: substring.
Max CVSS
9.8
EPSS Score
0.62%
Published
2019-12-27
Updated
2022-11-23
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs.
Max CVSS
9.8
EPSS Score
0.71%
Published
2019-10-17
Updated
2022-11-07
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters.
Max CVSS
9.8
EPSS Score
1.53%
Published
2019-10-17
Updated
2023-02-03
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.
Max CVSS
9.8
EPSS Score
1.58%
Published
2018-12-14
Updated
2019-03-04
WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi) in plugins and themes, as demonstrated by a "double prepare" approach, a different vulnerability than CVE-2017-14723.
Max CVSS
9.8
EPSS Score
0.39%
Published
2017-11-02
Updated
2018-02-04
Before version 4.8.2, WordPress mishandled % characters and additional placeholder values in $wpdb->prepare, and thus did not properly address the possibility of plugins and themes enabling SQL injection attacks.
Max CVSS
9.8
EPSS Score
0.38%
Published
2017-09-23
Updated
2017-11-10
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
Max CVSS
9.8
EPSS Score
0.32%
Published
2017-01-30
Updated
2021-01-30

CVE-2016-10045

Public exploit
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.
Max CVSS
9.8
EPSS Score
96.69%
Published
2016-12-30
Updated
2021-09-30

CVE-2016-10033

Public exploit
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Max CVSS
9.8
EPSS Score
97.13%
Published
2016-12-30
Updated
2021-09-30
Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.53%
Published
2012-04-21
Updated
2017-12-19
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote attackers to inject arbitrary web script or HTML via the buttonText parameter, a different vulnerability than CVE-2012-3414.
Max CVSS
10.0
EPSS Score
1.46%
Published
2012-04-21
Updated
2017-12-19
Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to (1) admin-footer.php, (2) edit-category-form.php, (3) edit-form-advanced.php, (4) edit-form-comment.php, (5) edit-link-category-form.php, (6) edit-link-form.php, (7) edit-page-form.php, and (8) edit-tag-form.php in wp-admin/.
Max CVSS
10.0
EPSS Score
1.39%
Published
2009-08-18
Updated
2017-11-16
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
Max CVSS
10.0
EPSS Score
1.12%
Published
2008-10-30
Updated
2021-09-30
Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
0.85%
Published
2008-10-28
Updated
2017-08-08
Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.
Max CVSS
9.0
EPSS Score
0.19%
Published
2008-05-21
Updated
2018-10-31
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
Max CVSS
9.8
EPSS Score
0.78%
Published
2007-11-19
Updated
2024-02-09
22 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!