漏洞组件 - WordPress - 知道创宇 Seebug 漏洞平台

'

漏洞组件 — WordPress

漏洞详情：: WordPress是一种使用PHP语言开发的博客平台，用户可以在支持PHP和MySQL 数据库的服务器上架设自己的网志。也可以把 WordPress 当作一个内容管理系统（CMS）来使用。WordPress 是一个免费的开源项目，在GNU通用公共许可证下授权发布。 WordPress 被认为是Michel Valdrighi所开发的网志平台b2 cafelog的正式继承者。“WordPress”这个名字出自 Christine Selleck 的主意，他是主要开发者Matt Mullenweg的朋友。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-99839	2024-05-22		WordPress-XStore-Core-Plugin-SQL-Injection(CVE-2024-33551)		10277 \| 0
SSV-99530	2022-06-22		Wordpress 存储型XSS漏洞（CVE-2022-21662）		6361 \| 2
SSV-99516	2022-05-20		Wordpress 插件Tatsu builder 未授权RCE漏洞（CVE-2021-25094）		4420 \| 0
SSV-99431	2022-01-10		wordpress SQL注入漏洞（CVE-2022–21661）		13086 \| 0
SSV-99235	2021-04-28		wordpress 5.7 授权XXE漏洞（CVE-2021-29447）		9972 \| 0
SSV-99166	2021-03-25		WordPress BuddyPress插件远程代码执行漏洞		6820 \| 0
SSV-99153	2021-03-10		WordPress The Plus Addons for Elementor插件身份验证绕过漏洞（CVE-2021-24175）		7536 \| 0
SSV-99077	2020-12-18		wordpress wp-file-manager插件远程代码执行漏洞（CVE-2020-25213）		12991 \| 0
SSV-99070	2020-12-14		WordPress SMTP 插件任意密码修改 0 Day漏洞		10909 \| 0
SSV-98247	2020-06-16		Wordpress IMPress for IDX Broker 低权限xss漏洞		13511 \| 0
SSV-98098	2019-10-31		wordpress 查看未经身份验证的文章(CVE-2019-17671)		13305 \| 0
SSV-98052	2019-08-02		wordpress 5.2.2 安装处任意文件读取		3555 \| 0
SSV-98004	2019-06-12		WordPress 5.x 某页面存在暴力破解漏洞		10949 \| 1
SSV-97871	2019-03-26		Social Warfare XSS and RCE Vulnerabilities and Attack Data		6191 \| 0
SSV-97857	2019-03-14		WordPress 5.1 CSRF to Remote Code Execution		5543 \| 1
SSV-97817	2019-02-20		WordPress 5.0.0 Remote Code Execution		7025 \| 0
SSV-97751	2018-12-27		WordPress Privilege Escalation through Post Types		4599 \| 0
SSV-97750	2018-12-26		Stored XSS on WordPress.org		4251 \| 0
SSV-97500	2018-08-28		WordPress 插件Dreamsmiths v0.0.1 任意文件下载漏洞		4451 \| 0
SSV-97378	2018-06-27		WordPress File Delete to Code Execution		4256 \| 0
SSV-97249	2018-04-28		WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)		4505 \| 0
SSV-97129	2018-02-07		WordPress Core - 'load-scripts.php' Denial of Service(CVE-2018-6389)		3758 \| 0
SSV-96851	2017-11-14		Wordpress SQLi — PoC		2436 \| 0
SSV-96850	2017-11-14		Wordpress <= 4.8.2 SQL Injection POC		2652 \| 0
SSV-96790	2017-11-01		Disclosure: WordPress WPDB SQL Injection - Technical		2334 \| 1
SSV-96376	2017-08-28		Wordpress SQLi		3358 \| 0
SSV-96338	2017-08-11		wordpress plugin updraftplus ssrf		1747 \| 0
SSV-96337	2017-08-11		wordpress plugin updraftplus 任意文件上传		2623 \| 0
SSV-96269	2017-07-06		WP Statistics Authenticated XSS Vulnerability		1338 \| 0
SSV-96263	2017-07-04		WP Statistics SQL Injection vulnerability		1957 \| 0
SSV-93078	2017-05-04		WordPress Core <= 4.7.4 Potential Unauthorized Password Reset		2638 \| 0
SSV-93077	2017-05-04		WordPress Core 4.6 - Unauthenticated Remote Code Execution		3042 \| 0
SSV-93056	2017-04-26		WordPress Plugin WA Form Builder SQL Injection		1101 \| 0
SSV-93055	2017-04-26		WordPress Plugin Delete All Comments Arbitrary File Upload		1555 \| 0
SSV-93054	2017-04-26		WordPress Plugin WP Vault Local File Inclusion		1537 \| 0
SSV-93053	2017-04-25		WordPress Plugin Podlove Podcast Publisher Cross Site Scripting and SQL Injection Vulnerabilities		1029 \| 0
SSV-93052	2017-04-25		WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting		1125 \| 0
SSV-93051	2017-04-25		WordPress Plugin Quiz And Survey Master (Formerly Quiz Master Next) Multiple Vulnerabilities		1179 \| 0
SSV-93050	2017-04-25		CSRF vulnerability in Multisite Post Duplicator could allow an attacker to do almost anything an admin user can do (WordPress plugin)		975 \| 0
SSV-93049	2017-04-25		Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Twitter Cards Meta		1073 \| 0
SSV-93048	2017-04-25		Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in wpDataTables Lite		1064 \| 0
SSV-93047	2017-04-25		WP Support Plus Responsive Ticket System 7.1.3 – WordPress Plugin – Sql Injection		995 \| 0
SSV-93046	2017-04-25		WordPress Plugin Social Share Buttons-Social Pug Cross-Site Scripting		1022 \| 0
SSV-93045	2017-04-25		WordPress Plugin Nelio AB Testing Server-Side Request Forgery (SSRF)		1092 \| 0
SSV-92917	2017-04-07		Wordpress Plugin Firewall 2 CSRF/储存型XSS漏洞		1439 \| 0
SSV-92845	2017-03-29		WordPress Core before 4.7 Stored XSS		1889 \| 0
SSV-92800	2017-03-20		Wordpress Plugin Membership Simplified 1.58 - 任意文件下载		1756 \| 0
SSV-92796	2017-03-20		Wordpress Plugin Photo Gallery v3.0 - 任意文件下载		1460 \| 0
SSV-92753	2017-03-08		WordPress audio playlist functionality is affected by Cross-Site Scripting		1832 \| 0
SSV-92735	2017-03-06		WordPress Plugin Mail Masta 1.0 - SQL Injection		1315 \| 0
SSV-92732	2017-03-04		Wordpress < 4.7.1 - Username Enumeration (CVE-2017-5487)		3658 \| 0
SSV-92727	2017-03-01		WordPress 插件 NextGEN Gallery SQL 注入漏洞		2785 \| 1
SSV-92680	2017-02-13		Wordpress 插件cmw-speakers speaker_details.php 参数id SQL注入漏洞		2228 \| 0
SSV-92637	2017-02-02		WordPress REST API 内容注入漏洞		10668 \| 9
SSV-92618	2017-01-12		WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 -特权提升		1910 \| 0
SSV-92589	2016-12-27		wordpress 插件FancyBox admin-head.php 物理路径泄露漏洞		4953 \| 0
SSV-92572	2016-12-12		WordPress functions.php 主题文件后门漏洞		7811 \| 0
SSV-92566	2016-12-06		Wordpress Plugin Single Personal Message 1.0.3 SQL 注入漏洞		8093 \| 0
SSV-92565	2016-12-06		Wordpress Plugin Olimometer 2.56 - SQL Injection		7666 \| 0
SSV-92549	2016-11-22		Wordpress Plugin Answer My Question 1.3 - SQL Injection		6136 \| 2
SSV-92485	2016-10-19		WordPress Plugin KBoard 2.7 board.php 参数uid SQL注入漏洞		3259 \| 0
SSV-92459	2016-10-09		Wordpress <= 4.6.1 使用语言文件任意代码执行漏洞		7483 \| 0
SSV-92458	2016-10-08		Wordpress <= 4.6.1 Stored XSS Via Theme File		6382 \| 0
SSV-92445	2016-09-27		WordPress Plugin Image Export 本地文件包含漏洞		7922 \| 0
SSV-92406	2016-09-13		WordPress RB Agency Plugin 2.4.7 - 本地文件包含		2722 \| 0
SSV-92390	2016-09-05		Wordpress 的 timthumb-config.php任意文件下载		6695 \| 0
SSV-92383	2016-09-05		WordPress CYSTEME Finder插件任意文件泄露+上传漏洞		7540 \| 1
SSV-92372	2016-09-01		WordPress Vertical Gallery插件任意文件上传漏洞		6479 \| 0
SSV-92371	2016-09-01		WordPress Zero Spam <= 2.1.1 - 未授权盲注		5355 \| 0
SSV-92370	2016-09-01		WordPress Catpro Gallery插件任意文件上传漏洞		5814 \| 0
SSV-92365	2016-08-31		WordPress Bliss Gallery插件任意文件上传漏洞		6013 \| 0
SSV-92353	2016-08-30		Wordpress Multi Themes 任意文件下载漏洞		3022 \| 0
SSV-92350	2016-08-26		WordPress Bonkersbeat-theme Arbitrary File Download Vulnerability		5572 \| 0
SSV-92349	2016-08-26		WordPress 3.6-4.5.2 Authenticated Revision History Information Disclosure		5474 \| 0
SSV-92346	2016-08-25		WordPress Mail Masta Plugin 1.0 - 本地文件包含		6609 \| 0
SSV-92344	2016-08-25		WordPress 4.5 admin-ajax.php Path traversal & DoS		6165 \| 0
SSV-92336	2016-08-24		WordPress <4.5 SSRF		6792 \| 0
SSV-92293	2016-08-15		wordpress force force-download.php 参数file 任意文件下载漏洞		5899 \| 0
SSV-92284	2016-08-12		wordpress-"Add From Server"插件CSRF		5909 \| 0
SSV-92270	2016-08-10		Wordpress force download Arbitrary File Download		4993 \| 0
SSV-92262	2016-08-09		WordPress theme ypo-theme Arbitrary File Download Vulnerability		4029 \| 0
SSV-92231	2016-08-04		WordPress WP Live Chat Support(6.2.03) 插件存储型 XSS		5218 \| 0
SSV-92097	2016-07-13		WordPress WP-DownloadManager Plugin 1.68.1 任意文件上传漏洞		5152 \| 0
SSV-92083	2016-07-11		WordPress-Mailpress action.php 远程代码执行漏洞		5897 \| 0
SSV-92075	2016-07-11		WordPress Lazy Content Slider 插件 CSRF漏洞		3683 \| 0
SSV-92033	2016-07-06		WordPress Real 3D Flipbook 插件多个漏洞打包		4021 \| 0
SSV-91956	2016-06-27		WordPress Like Dislike Counter 1.2.3 插件 SQL注入漏洞		5636 \| 0
SSV-91941	2016-06-22		WordPress Mobile Detector <=3.5 resize.php src参数本地文件包含漏洞		6953 \| 1
SSV-91878	2016-06-17		Wordpress Ocim MP3 Plugin ocim-mp3/source/pages.php id参数SQL注入漏洞		4856 \| 0
SSV-91835	2016-06-15		WordPress Filedownload Plugin 0.1 任意文件下载		3002 \| 0
SSV-91834	2016-06-15		WordPress TheCartPress Plugin 1.1.1 本地/远程文件包含漏洞		2961 \| 0
SSV-91797	2016-06-10		WordPress WP Mobile Detector Plugin 3.5文件上传漏洞		3120 \| 0
SSV-91782	2016-06-09		WordPress Mobile Detector file_get_contents 函数远程文件读取		3749 \| 0
SSV-91770	2016-06-07		WordPress OPS Old Post Spinner 插件任意文件包含漏洞		3974 \| 0
SSV-91727	2016-06-02		WordPress Ninja Forms Unauthenticated File Upload		3710 \| 0
SSV-91692	2016-05-30		WordPress DB Backup Plugin 任意文件下载		3894 \| 0
SSV-91689	2016-05-27		WordPress Advanced Video Plugin 1.0 本地文件包含漏洞		5402 \| 0
SSV-91680	2016-05-26		WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS		5288 \| 0
SSV-91671	2016-05-25		WordPress Brafton 3.3.10 反射型 xss		5649 \| 0
SSV-91627	2016-05-21		WordPress Ghost Plugin 0.5.5 未授权下载 ghost 文件		5384 \| 0