Wordpress : Security Vulnerabilities (Bypass)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2017-17091	284		Bypass	2017-12-02	2018-02-03	6.5	None	Remote	Low	Single system	Partial	Partial	Partial
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
2	CVE-2017-5610	200		Bypass +Info	2017-01-29	2017-11-03	5.0	None	Remote	Low	Not required	Partial	None	None
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms.
3	CVE-2017-5493	310		Bypass	2017-01-14	2017-11-03	5.0	None	Remote	Low	Not required	None	Partial	None
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress before 4.7.1 does not properly choose random numbers for keys, which makes it easier for remote attackers to bypass intended access restrictions via a crafted (1) site signup or (2) user signup.
4	CVE-2017-5491	254		Bypass	2017-01-14	2017-11-03	5.0	None	Remote	Low	Not required	None	Partial	None
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.
5	CVE-2016-10148	284		Bypass	2017-01-18	2017-03-15	4.0	None	Remote	Low	Single system	Partial	None	None
The wp_ajax_update_plugin function in wp-admin/includes/ajax-actions.php in WordPress before 4.6 makes a get_plugin_data call before checking the update_plugins capability, which allows remote authenticated users to bypass intended read-access restrictions via the plugin parameter to wp-admin/admin-ajax.php, a related issue to CVE-2016-6896.
6	CVE-2016-5839			Bypass	2016-06-29	2016-11-28	5.0	None	Remote	Low	Not required	None	Partial	None
WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors.
7	CVE-2016-5838	255		Bypass	2016-06-29	2016-11-29	5.0	None	Remote	Low	Not required	None	Partial	None
WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie.
8	CVE-2016-5837			Bypass	2016-06-29	2016-11-29	5.0	None	Remote	Low	Not required	None	Partial	None
WordPress before 4.5.3 allows remote attackers to bypass intended access restrictions and remove a category attribute from a post via unspecified vectors.
9	CVE-2016-5832			Bypass	2016-06-29	2016-11-29	5.0	None	Remote	Low	Not required	None	Partial	None
The customizer in WordPress before 4.5.3 allows remote attackers to bypass intended redirection restrictions via unspecified vectors.
10	CVE-2016-4029	285		Bypass	2016-08-07	2017-11-03	5.0	None	Remote	Low	Not required	None	Partial	None
WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address.
11	CVE-2015-5715	264		Bypass	2016-05-21	2017-11-03	4.0	None	Remote	Low	Single system	None	Partial	None
The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPress before 4.3.1 allows remote authenticated users to bypass intended access restrictions, and arrange for a private post to be published and sticky, via unspecified vectors.
12	CVE-2015-5623	284		Bypass	2015-08-03	2017-09-20	4.0	None	Remote	Low	Single system	None	Partial	None
WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscriber role, as demonstrated by a post-quickdraft-save action to wp-admin/post.php.
13	CVE-2014-5205	352		Bypass CSRF	2014-08-18	2014-11-13	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of action values and uid values in CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack.
14	CVE-2014-5204	352		Bypass CSRF	2014-08-18	2015-11-25	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce are incorrect, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack.
15	CVE-2013-4339	20		Bypass	2013-09-12	2013-12-30	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
16	CVE-2013-2205	79		XSS Bypass	2013-07-08	2016-12-30	4.3	None	Remote	Medium	Not required	None	Partial	None
The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allowDomain setting, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site.
17	CVE-2013-2200	264		Bypass	2013-07-08	2013-08-13	4.0	None	Remote	Low	Single system	None	Partial	None
WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspecified vectors.
18	CVE-2012-6634	264		Bypass +Info	2014-01-20	2014-02-24	6.4	None	Remote	Low	Not required	Partial	Partial	None
wp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive information or bypass intended media-attachment restrictions via a post_id value.
19	CVE-2012-4421	264		Bypass	2012-09-14	2012-09-17	4.0	None	Remote	Low	Single system	None	Partial	None
The create_post function in wp-includes/class-wp-atom-server.php in WordPress before 3.4.2 does not perform a capability check, which allows remote authenticated users to bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol (aka AtomPub) feature.
20	CVE-2012-3383	264		XSS Bypass	2012-07-22	2012-09-17	2.6	None	Remote	High	Not required	None	Partial	None
The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended access restrictions and conduct cross-site scripting (XSS) attacks by leveraging the Administrator or Editor role and composing crafted text.
21	CVE-2012-2402	264		Bypass	2012-04-21	2017-12-18	5.5	None	Remote	Low	Single system	None	Partial	Partial
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.
22	CVE-2012-2401	264		Bypass	2012-04-21	2017-12-18	5.0	None	Remote	Low	Not required	None	Partial	None
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content.
23	CVE-2010-5297	264		Bypass	2014-01-20	2014-01-21	2.1	None	Remote	High	Single system	None	Partial	None
WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances via an add action after a temporary change.
24	CVE-2010-5296	264		Bypass	2014-01-20	2014-01-21	4.9	None	Remote	Medium	Single system	Partial	Partial	None
wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticated administrators to bypass intended access restrictions via a delete action.
25	CVE-2010-5293	264		Bypass	2014-01-20	2014-01-21	5.8	None	Remote	Medium	Not required	Partial	Partial	None
wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafted URL, as demonstrated by a URL that triggers a substring match.
26	CVE-2010-5106	264		Bypass	2012-09-14	2012-09-17	6.5	None	Remote	Low	Single system	Partial	Partial	Partial
The XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly check capabilities, which allows remote authenticated users to bypass intended access restrictions, and publish, edit, or delete posts, by leveraging the Author or Contributor role.
27	CVE-2009-2762	255	1	Bypass	2009-08-13	2017-11-22	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass (aka rp) action, which bypasses a check that assumes that $key is not an array.
28	CVE-2008-7216	264		Bypass	2009-09-11	2017-08-16	4.3	None	Remote	Medium	Not required	Partial	None	None
Peter's Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip.
29	CVE-2008-4616	20		Bypass	2008-10-20	2017-08-07	5.0	None	Remote	Low	Not required	None	Partial	None
The SpamBam plugin for WordPress allows remote attackers to bypass restrictions and add blog comments by using server-supplied values to calculate a shared key.
30	CVE-2008-2146	264		Bypass	2008-05-12	2017-08-07	7.5	User	Remote	Low	Not required	Partial	Partial	Partial
wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the PATH_INFO ($PHP_SELF), which allows remote attackers to bypass intended access restrictions for certain pages.
31	CVE-2007-6013	287		Bypass	2007-11-19	2017-07-28	6.8	User	Remote	Medium	Not required	Partial	Partial	Partial
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
32	CVE-2007-1893	264		Bypass	2007-04-09	2017-07-28	4.9	User	Local Network	Medium	Single system	Partial	Partial	Partial
xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to "publish a previously saved post."
33	CVE-2007-0107			Exec Code Sql Bypass	2007-01-08	2017-07-28	6.8	User	Remote	Medium	Not required	Partial	Partial	Partial
WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after escaping the SQL query, which allows remote attackers to bypass SQL injection protection schemes and execute arbitrary SQL commands via multibyte charsets, as demonstrated using UTF-7.

Total number of vulnerabilities : 33 Page : 1 (This Page)