漏洞组件 - WordPress - 知道创宇 Seebug 漏洞平台

'

漏洞组件 — WordPress

漏洞详情：: WordPress是一种使用PHP语言开发的博客平台，用户可以在支持PHP和MySQL 数据库的服务器上架设自己的网志。也可以把 WordPress 当作一个内容管理系统（CMS）来使用。WordPress 是一个免费的开源项目，在GNU通用公共许可证下授权发布。 WordPress 被认为是Michel Valdrighi所开发的网志平台b2 cafelog的正式继承者。“WordPress”这个名字出自 Christine Selleck 的主意，他是主要开发者Matt Mullenweg的朋友。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-99530	2022-06-22		Wordpress 存储型XSS漏洞（CVE-2022-21662）		5858 \| 2
SSV-99516	2022-05-20		Wordpress 插件Tatsu builder 未授权RCE漏洞（CVE-2021-25094）		3937 \| 0
SSV-99431	2022-01-10		wordpress SQL注入漏洞（CVE-2022–21661）		12731 \| 0
SSV-99235	2021-04-28		wordpress 5.7 授权XXE漏洞（CVE-2021-29447）		9533 \| 0
SSV-99166	2021-03-25		WordPress BuddyPress插件远程代码执行漏洞		6511 \| 0
SSV-99153	2021-03-10		WordPress The Plus Addons for Elementor插件身份验证绕过漏洞（CVE-2021-24175）		6772 \| 0
SSV-99077	2020-12-18		wordpress wp-file-manager插件远程代码执行漏洞（CVE-2020-25213）		12402 \| 0
SSV-99070	2020-12-14		WordPress SMTP 插件任意密码修改 0 Day漏洞		10546 \| 0
SSV-98247	2020-06-16		Wordpress IMPress for IDX Broker 低权限xss漏洞		13019 \| 0
SSV-98098	2019-10-31		wordpress 查看未经身份验证的文章(CVE-2019-17671)		12947 \| 0
SSV-98052	2019-08-02		wordpress 5.2.2 安装处任意文件读取		3218 \| 0
SSV-98004	2019-06-12		WordPress 5.x 某页面存在暴力破解漏洞		10598 \| 1
SSV-97871	2019-03-26		Social Warfare XSS and RCE Vulnerabilities and Attack Data		5900 \| 0
SSV-97857	2019-03-14		WordPress 5.1 CSRF to Remote Code Execution		5310 \| 1
SSV-97817	2019-02-20		WordPress 5.0.0 Remote Code Execution		6774 \| 0
SSV-97751	2018-12-27		WordPress Privilege Escalation through Post Types		4451 \| 0
SSV-97750	2018-12-26		Stored XSS on WordPress.org		3945 \| 0
SSV-97500	2018-08-28		WordPress 插件Dreamsmiths v0.0.1 任意文件下载漏洞		4327 \| 0
SSV-97378	2018-06-27		WordPress File Delete to Code Execution		4041 \| 0
SSV-97249	2018-04-28		WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)		4221 \| 0
SSV-97129	2018-02-07		WordPress Core - 'load-scripts.php' Denial of Service(CVE-2018-6389)		3532 \| 0
SSV-96851	2017-11-14		Wordpress SQLi — PoC		2254 \| 0
SSV-96850	2017-11-14		Wordpress <= 4.8.2 SQL Injection POC		2494 \| 0
SSV-96790	2017-11-01		Disclosure: WordPress WPDB SQL Injection - Technical		2142 \| 1
SSV-96376	2017-08-28		Wordpress SQLi		3032 \| 0
SSV-96338	2017-08-11		wordpress plugin updraftplus ssrf		1430 \| 0
SSV-96337	2017-08-11		wordpress plugin updraftplus 任意文件上传		2504 \| 0
SSV-96269	2017-07-06		WP Statistics Authenticated XSS Vulnerability		1135 \| 0
SSV-96263	2017-07-04		WP Statistics SQL Injection vulnerability		1691 \| 0
SSV-93078	2017-05-04		WordPress Core <= 4.7.4 Potential Unauthorized Password Reset		2441 \| 0
SSV-93077	2017-05-04		WordPress Core 4.6 - Unauthenticated Remote Code Execution		2790 \| 0
SSV-93056	2017-04-26		WordPress Plugin WA Form Builder SQL Injection		953 \| 0
SSV-93055	2017-04-26		WordPress Plugin Delete All Comments Arbitrary File Upload		1310 \| 0
SSV-93054	2017-04-26		WordPress Plugin WP Vault Local File Inclusion		1285 \| 0
SSV-93053	2017-04-25		WordPress Plugin Podlove Podcast Publisher Cross Site Scripting and SQL Injection Vulnerabilities		889 \| 0
SSV-93052	2017-04-25		WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting		849 \| 0
SSV-93051	2017-04-25		WordPress Plugin Quiz And Survey Master (Formerly Quiz Master Next) Multiple Vulnerabilities		1014 \| 0
SSV-93050	2017-04-25		CSRF vulnerability in Multisite Post Duplicator could allow an attacker to do almost anything an admin user can do (WordPress plugin)		819 \| 0
SSV-93049	2017-04-25		Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Twitter Cards Meta		932 \| 0
SSV-93048	2017-04-25		Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in wpDataTables Lite		857 \| 0
SSV-93047	2017-04-25		WP Support Plus Responsive Ticket System 7.1.3 – WordPress Plugin – Sql Injection		842 \| 0
SSV-93046	2017-04-25		WordPress Plugin Social Share Buttons-Social Pug Cross-Site Scripting		814 \| 0
SSV-93045	2017-04-25		WordPress Plugin Nelio AB Testing Server-Side Request Forgery (SSRF)		895 \| 0
SSV-92917	2017-04-07		Wordpress Plugin Firewall 2 CSRF/储存型XSS漏洞		1218 \| 0
SSV-92845	2017-03-29		WordPress Core before 4.7 Stored XSS		1654 \| 0
SSV-92800	2017-03-20		Wordpress Plugin Membership Simplified 1.58 - 任意文件下载		1533 \| 0
SSV-92796	2017-03-20		Wordpress Plugin Photo Gallery v3.0 - 任意文件下载		1141 \| 0
SSV-92753	2017-03-08		WordPress audio playlist functionality is affected by Cross-Site Scripting		1629 \| 0
SSV-92735	2017-03-06		WordPress Plugin Mail Masta 1.0 - SQL Injection		1120 \| 0
SSV-92732	2017-03-04		Wordpress < 4.7.1 - Username Enumeration (CVE-2017-5487)		2838 \| 0
SSV-92727	2017-03-01		WordPress 插件 NextGEN Gallery SQL 注入漏洞		2509 \| 1
SSV-92680	2017-02-13		Wordpress 插件cmw-speakers speaker_details.php 参数id SQL注入漏洞		2005 \| 0
SSV-92637	2017-02-02		WordPress REST API 内容注入漏洞		10035 \| 9
SSV-92618	2017-01-12		WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 -特权提升		1691 \| 0
SSV-92589	2016-12-27		wordpress 插件FancyBox admin-head.php 物理路径泄露漏洞		4744 \| 0
SSV-92572	2016-12-12		WordPress functions.php 主题文件后门漏洞		7456 \| 0
SSV-92566	2016-12-06		Wordpress Plugin Single Personal Message 1.0.3 SQL 注入漏洞		7860 \| 0
SSV-92565	2016-12-06		Wordpress Plugin Olimometer 2.56 - SQL Injection		7400 \| 0
SSV-92549	2016-11-22		Wordpress Plugin Answer My Question 1.3 - SQL Injection		5771 \| 2
SSV-92485	2016-10-19		WordPress Plugin KBoard 2.7 board.php 参数uid SQL注入漏洞		3007 \| 0
SSV-92459	2016-10-09		Wordpress <= 4.6.1 使用语言文件任意代码执行漏洞		7255 \| 0
SSV-92458	2016-10-08		Wordpress <= 4.6.1 Stored XSS Via Theme File		6236 \| 0
SSV-92445	2016-09-27		WordPress Plugin Image Export 本地文件包含漏洞		7537 \| 0
SSV-92406	2016-09-13		WordPress RB Agency Plugin 2.4.7 - 本地文件包含		2453 \| 0
SSV-92390	2016-09-05		Wordpress 的 timthumb-config.php任意文件下载		6399 \| 0
SSV-92383	2016-09-05		WordPress CYSTEME Finder插件任意文件泄露+上传漏洞		7146 \| 1
SSV-92372	2016-09-01		WordPress Vertical Gallery插件任意文件上传漏洞		6133 \| 0
SSV-92371	2016-09-01		WordPress Zero Spam <= 2.1.1 - 未授权盲注		5117 \| 0
SSV-92370	2016-09-01		WordPress Catpro Gallery插件任意文件上传漏洞		5468 \| 0
SSV-92365	2016-08-31		WordPress Bliss Gallery插件任意文件上传漏洞		5657 \| 0
SSV-92353	2016-08-30		Wordpress Multi Themes 任意文件下载漏洞		2790 \| 0
SSV-92350	2016-08-26		WordPress Bonkersbeat-theme Arbitrary File Download Vulnerability		5199 \| 0
SSV-92349	2016-08-26		WordPress 3.6-4.5.2 Authenticated Revision History Information Disclosure		5356 \| 0
SSV-92346	2016-08-25		WordPress Mail Masta Plugin 1.0 - 本地文件包含		6358 \| 0
SSV-92344	2016-08-25		WordPress 4.5 admin-ajax.php Path traversal & DoS		5957 \| 0
SSV-92336	2016-08-24		WordPress <4.5 SSRF		6662 \| 0
SSV-92293	2016-08-15		wordpress force force-download.php 参数file 任意文件下载漏洞		5636 \| 0
SSV-92284	2016-08-12		wordpress-"Add From Server"插件CSRF		5476 \| 0
SSV-92270	2016-08-10		Wordpress force download Arbitrary File Download		4744 \| 0
SSV-92262	2016-08-09		WordPress theme ypo-theme Arbitrary File Download Vulnerability		3508 \| 0
SSV-92231	2016-08-04		WordPress WP Live Chat Support(6.2.03) 插件存储型 XSS		4824 \| 0
SSV-92097	2016-07-13		WordPress WP-DownloadManager Plugin 1.68.1 任意文件上传漏洞		4792 \| 0
SSV-92083	2016-07-11		WordPress-Mailpress action.php 远程代码执行漏洞		5669 \| 0
SSV-92075	2016-07-11		WordPress Lazy Content Slider 插件 CSRF漏洞		3470 \| 0
SSV-92033	2016-07-06		WordPress Real 3D Flipbook 插件多个漏洞打包		3795 \| 0
SSV-91956	2016-06-27		WordPress Like Dislike Counter 1.2.3 插件 SQL注入漏洞		5309 \| 0
SSV-91941	2016-06-22		WordPress Mobile Detector <=3.5 resize.php src参数本地文件包含漏洞		6659 \| 1
SSV-91878	2016-06-17		Wordpress Ocim MP3 Plugin ocim-mp3/source/pages.php id参数SQL注入漏洞		4544 \| 0
SSV-91835	2016-06-15		WordPress Filedownload Plugin 0.1 任意文件下载		2770 \| 0
SSV-91834	2016-06-15		WordPress TheCartPress Plugin 1.1.1 本地/远程文件包含漏洞		2723 \| 0
SSV-91797	2016-06-10		WordPress WP Mobile Detector Plugin 3.5文件上传漏洞		2885 \| 0
SSV-91782	2016-06-09		WordPress Mobile Detector file_get_contents 函数远程文件读取		3523 \| 0
SSV-91770	2016-06-07		WordPress OPS Old Post Spinner 插件任意文件包含漏洞		3740 \| 0
SSV-91727	2016-06-02		WordPress Ninja Forms Unauthenticated File Upload		3464 \| 0
SSV-91692	2016-05-30		WordPress DB Backup Plugin 任意文件下载		3671 \| 0
SSV-91689	2016-05-27		WordPress Advanced Video Plugin 1.0 本地文件包含漏洞		5157 \| 0
SSV-91680	2016-05-26		WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS		5064 \| 0
SSV-91671	2016-05-25		WordPress Brafton 3.3.10 反射型 xss		5550 \| 0
SSV-91627	2016-05-21		WordPress Ghost Plugin 0.5.5 未授权下载 ghost 文件		5149 \| 0
SSV-91580	2016-05-18		Wordpress fresh-page 插件-phpThumb.php文件src参数-跨站脚本漏洞		2776 \| 0