Cross-Site Request Forgery (CSRF) vulnerability in WordPress Performance Team Performance Lab plugin <= 2.2.0 versions.
Source: Patchstack
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-05-25
Updated
2023-06-01
Cross-Site Request Forgery (CSRF) vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin <= 1.5.1 versions.
Source: Patchstack
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-05-25
Updated
2023-05-30
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 4.1.34. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.
Source: GitHub, Inc.
Max CVSS
8.8
EPSS Score
0.47%
Published
2022-01-06
Updated
2022-04-12
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this issue.
Source: GitHub, Inc.
Max CVSS
8.0
EPSS Score
0.36%
Published
2022-01-06
Updated
2022-04-12
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
Source: GitHub, Inc.
Max CVSS
8.0
EPSS Score
94.44%
Published
2022-01-06
Updated
2022-04-12
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
Source: GitHub, Inc.
Max CVSS
8.1
EPSS Score
0.80%
Published
2020-04-30
Updated
2023-06-20
In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user with privileges to upload files. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
Source: GitHub, Inc.
Max CVSS
8.7
EPSS Score
0.32%
Published
2020-04-30
Updated
2023-03-01
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.20%
Published
2019-10-17
Updated
2023-02-03
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php.
Source: MITRE
Max CVSS
8.8
EPSS Score
83.67%
Published
2019-03-14
Updated
2019-03-31

CVE-2019-8942

Public exploit
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
Source: MITRE
Max CVSS
8.8
EPSS Score
95.71%
Published
2019-02-20
Updated
2021-07-21
WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.99%
Published
2018-09-06
Updated
2018-11-14
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.63%
Published
2018-11-16
Updated
2022-12-02
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges.
Source: MITRE
Max CVSS
8.8
EPSS Score
53.46%
Published
2018-06-26
Updated
2021-11-05
WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time. This issue appears to have been partially, but not completely fixed in WordPress 4.9
Source: MITRE
Max CVSS
8.8
EPSS Score
0.99%
Published
2018-09-06
Updated
2018-10-26
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.37%
Published
2017-12-02
Updated
2019-10-03
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
Source: MITRE
Max CVSS
8.6
EPSS Score
1.08%
Published
2017-05-18
Updated
2019-03-15
In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.44%
Published
2017-05-18
Updated
2019-03-15
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
Source: MITRE
Max CVSS
8.6
EPSS Score
0.62%
Published
2017-05-18
Updated
2019-10-03
Cross-site request forgery (CSRF) vulnerability in the widget-editing accessibility-mode feature in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims for requests that perform a widgets-access action, related to wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.28%
Published
2017-01-15
Updated
2017-11-04
Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.27%
Published
2017-01-15
Updated
2017-11-04
Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.13%
Published
2016-08-07
Updated
2017-11-04
WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address.
Source: MITRE
Max CVSS
8.6
EPSS Score
0.54%
Published
2016-08-07
Updated
2024-02-08
The wp_http_validate_url function in wp-includes/http.php in WordPress before 4.4.2 allows remote attackers to conduct server-side request forgery (SSRF) attacks via a zero value in the first octet of an IPv4 address in the u parameter to wp-admin/press-this.php.
Source: Debian GNU/Linux
Max CVSS
8.6
EPSS Score
1.32%
Published
2016-05-22
Updated
2017-11-04
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
Source: MITRE
Max CVSS
8.1
EPSS Score
1.22%
Published
2018-04-12
Updated
2018-05-17
A vulnerability was found in Blogger Importer Plugin up to 0.5 on WordPress. It has been classified as problematic. Affected is the function start/restart of the file blogger-importer.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. Upgrading to version 0.6 is able to address this issue. The patch is identified as b83fa4f862b0f19a54cfee76060ec9c2e7f7ca70. It is recommended to upgrade the affected component. VDB-230658 is the identifier assigned to this vulnerability.
Source: VulDB
Max CVSS
8.8
EPSS Score
0.11%
Published
2023-06-04
Updated
2024-05-17
26 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!