WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files.
Max Base Score
5.0
Published
2011-09-24
Updated
2012-05-21
EPSS
0.33%
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.
Max Base Score
7.5
Published
2011-08-10
Updated
2017-08-29
EPSS
0.18%
The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.
Max Base Score
9.3
Published
2011-08-10
Updated
2016-05-31
EPSS
0.32%
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php.
Max Base Score
5.0
Published
2011-08-10
Updated
2017-08-29
EPSS
0.56%
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for (1) admin or (2) login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
Max Base Score
5.8
Published
2011-08-10
Updated
2017-08-29
EPSS
0.30%
WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 allows remote attackers to determine usernames of non-authors via canonical redirects.
Max Base Score
5.0
Published
2011-08-10
Updated
2017-08-29
EPSS
0.38%
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."
Max Base Score
10.0
Published
2011-08-10
Updated
2017-08-29
EPSS
0.31%
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."
Max Base Score
10.0
Published
2011-08-10
Updated
2017-08-29
EPSS
0.38%
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
Max Base Score
4.0
Published
2011-03-14
Updated
2017-11-22
EPSS
0.17%
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status, (3) comment_status, (4) ping_status, and (5) escaping of tags within the tags meta box.
Max Base Score
3.5
Published
2011-03-14
Updated
2017-11-21
EPSS
0.25%
Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used in WordPress before 3.0.4, allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the & (ampersand) character, (2) the case of an attribute name, (3) a padded entity, and (4) an entity that is not in normalized form.
Max Base Score
4.3
Published
2011-01-03
Updated
2017-11-21
EPSS
0.67%
11 vulnerabilities found