Vulnerability Component - WordPress - Seebug Vulnerability Platform

'

Vulnerability Component — WordPress

Detail：: WordPress是一种使用PHP语言开发的博客平台，用户可以在支持PHP和MySQL 数据库的服务器上架设自己的网志。也可以把 WordPress 当作一个内容管理系统（CMS）来使用。WordPress 是一个免费的开源项目，在GNU通用公共许可证下授权发布。 WordPress 被认为是Michel Valdrighi所开发的网志平台b2 cafelog的正式继承者。“WordPress”这个名字出自 Christine Selleck 的主意，他是主要开发者Matt Mullenweg的朋友。

Related Vulnerabilities

SSV ID	Submit Time	Level	Name	Status	Popularity \| Comments
SSV-99839	2024-05-22		WordPress-XStore-Core-Plugin-SQL-Injection(CVE-2024-33551)		11573 \| 0
SSV-99530	2022-06-22		Wordpress 存储型XSS漏洞（CVE-2022-21662）		6959 \| 2
SSV-99516	2022-05-20		Wordpress 插件Tatsu builder 未授权RCE漏洞（CVE-2021-25094）		4879 \| 0
SSV-99431	2022-01-10		wordpress SQL注入漏洞（CVE-2022–21661）		13624 \| 0
SSV-99235	2021-04-28		wordpress 5.7 授权XXE漏洞（CVE-2021-29447）		10650 \| 0
SSV-99166	2021-03-25		WordPress BuddyPress插件远程代码执行漏洞		7265 \| 0
SSV-99153	2021-03-10		WordPress The Plus Addons for Elementor插件身份验证绕过漏洞（CVE-2021-24175）		7994 \| 0
SSV-99077	2020-12-18		wordpress wp-file-manager插件远程代码执行漏洞（CVE-2020-25213）		13960 \| 0
SSV-99070	2020-12-14		WordPress SMTP 插件任意密码修改 0 Day漏洞		11341 \| 0
SSV-98247	2020-06-16		Wordpress IMPress for IDX Broker 低权限xss漏洞		13951 \| 0
SSV-98098	2019-10-31		wordpress 查看未经身份验证的文章(CVE-2019-17671)		13753 \| 0
SSV-98052	2019-08-02		wordpress 5.2.2 安装处任意文件读取		4074 \| 0
SSV-98004	2019-06-12		WordPress 5.x 某页面存在暴力破解漏洞		11292 \| 1
SSV-97871	2019-03-26		Social Warfare XSS and RCE Vulnerabilities and Attack Data		6485 \| 0
SSV-97857	2019-03-14		WordPress 5.1 CSRF to Remote Code Execution		5824 \| 1
SSV-97817	2019-02-20		WordPress 5.0.0 Remote Code Execution		7309 \| 0
SSV-97751	2018-12-27		WordPress Privilege Escalation through Post Types		4839 \| 0
SSV-97750	2018-12-26		Stored XSS on WordPress.org		4565 \| 0
SSV-97500	2018-08-28		WordPress 插件Dreamsmiths v0.0.1 任意文件下载漏洞		4741 \| 0
SSV-97378	2018-06-27		WordPress File Delete to Code Execution		4612 \| 0
SSV-97249	2018-04-28		WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)		4801 \| 0
SSV-97129	2018-02-07		WordPress Core - 'load-scripts.php' Denial of Service(CVE-2018-6389)		4077 \| 0
SSV-96851	2017-11-14		Wordpress SQLi — PoC		2728 \| 0
SSV-96850	2017-11-14		Wordpress <= 4.8.2 SQL Injection POC		2916 \| 0
SSV-96790	2017-11-01		Disclosure: WordPress WPDB SQL Injection - Technical		2606 \| 1
SSV-96376	2017-08-28		Wordpress SQLi		3727 \| 0
SSV-96338	2017-08-11		wordpress plugin updraftplus ssrf		2185 \| 0
SSV-96337	2017-08-11		wordpress plugin updraftplus 任意文件上传		2833 \| 0
SSV-96269	2017-07-06		WP Statistics Authenticated XSS Vulnerability		1578 \| 0
SSV-96263	2017-07-04		WP Statistics SQL Injection vulnerability		2204 \| 0
SSV-93078	2017-05-04		WordPress Core <= 4.7.4 Potential Unauthorized Password Reset		3025 \| 0
SSV-93077	2017-05-04		WordPress Core 4.6 - Unauthenticated Remote Code Execution		3374 \| 0
SSV-93056	2017-04-26		WordPress Plugin WA Form Builder SQL Injection		1326 \| 0
SSV-93055	2017-04-26		WordPress Plugin Delete All Comments Arbitrary File Upload		1869 \| 0
SSV-93054	2017-04-26		WordPress Plugin WP Vault Local File Inclusion		1795 \| 0
SSV-93053	2017-04-25		WordPress Plugin Podlove Podcast Publisher Cross Site Scripting and SQL Injection Vulnerabilities		1267 \| 0
SSV-93052	2017-04-25		WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting		1420 \| 0
SSV-93051	2017-04-25		WordPress Plugin Quiz And Survey Master (Formerly Quiz Master Next) Multiple Vulnerabilities		1437 \| 0
SSV-93050	2017-04-25		CSRF vulnerability in Multisite Post Duplicator could allow an attacker to do almost anything an admin user can do (WordPress plugin)		1249 \| 0
SSV-93049	2017-04-25		Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Twitter Cards Meta		1314 \| 0
SSV-93048	2017-04-25		Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in wpDataTables Lite		1313 \| 0
SSV-93047	2017-04-25		WP Support Plus Responsive Ticket System 7.1.3 – WordPress Plugin – Sql Injection		1289 \| 0
SSV-93046	2017-04-25		WordPress Plugin Social Share Buttons-Social Pug Cross-Site Scripting		1292 \| 0
SSV-93045	2017-04-25		WordPress Plugin Nelio AB Testing Server-Side Request Forgery (SSRF)		1376 \| 0
SSV-92917	2017-04-07		Wordpress Plugin Firewall 2 CSRF/储存型XSS漏洞		1666 \| 0
SSV-92845	2017-03-29		WordPress Core before 4.7 Stored XSS		2207 \| 0
SSV-92800	2017-03-20		Wordpress Plugin Membership Simplified 1.58 - 任意文件下载		2190 \| 0
SSV-92796	2017-03-20		Wordpress Plugin Photo Gallery v3.0 - 任意文件下载		1826 \| 0
SSV-92753	2017-03-08		WordPress audio playlist functionality is affected by Cross-Site Scripting		2078 \| 0
SSV-92735	2017-03-06		WordPress Plugin Mail Masta 1.0 - SQL Injection		1633 \| 0
SSV-92732	2017-03-04		Wordpress < 4.7.1 - Username Enumeration (CVE-2017-5487)		5071 \| 0
SSV-92727	2017-03-01		WordPress 插件 NextGEN Gallery SQL 注入漏洞		3138 \| 1
SSV-92680	2017-02-13		Wordpress 插件cmw-speakers speaker_details.php 参数id SQL注入漏洞		2478 \| 0
SSV-92637	2017-02-02		WordPress REST API 内容注入漏洞		11873 \| 9
SSV-92618	2017-01-12		WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 -特权提升		2232 \| 0
SSV-92589	2016-12-27		wordpress 插件FancyBox admin-head.php 物理路径泄露漏洞		5370 \| 0
SSV-92572	2016-12-12		WordPress functions.php 主题文件后门漏洞		8129 \| 0
SSV-92566	2016-12-06		Wordpress Plugin Single Personal Message 1.0.3 SQL 注入漏洞		8344 \| 0
SSV-92565	2016-12-06		Wordpress Plugin Olimometer 2.56 - SQL Injection		7920 \| 0
SSV-92549	2016-11-22		Wordpress Plugin Answer My Question 1.3 - SQL Injection		6396 \| 2
SSV-92485	2016-10-19		WordPress Plugin KBoard 2.7 board.php 参数uid SQL注入漏洞		3561 \| 0
SSV-92459	2016-10-09		Wordpress <= 4.6.1 使用语言文件任意代码执行漏洞		7820 \| 0
SSV-92458	2016-10-08		Wordpress <= 4.6.1 Stored XSS Via Theme File		6618 \| 0
SSV-92445	2016-09-27		WordPress Plugin Image Export 本地文件包含漏洞		8238 \| 0
SSV-92406	2016-09-13		WordPress RB Agency Plugin 2.4.7 - 本地文件包含		3088 \| 0
SSV-92390	2016-09-05		Wordpress 的 timthumb-config.php任意文件下载		7026 \| 0
SSV-92383	2016-09-05		WordPress CYSTEME Finder插件任意文件泄露+上传漏洞		8011 \| 1
SSV-92372	2016-09-01		WordPress Vertical Gallery插件任意文件上传漏洞		6784 \| 0
SSV-92371	2016-09-01		WordPress Zero Spam <= 2.1.1 - 未授权盲注		5664 \| 0
SSV-92370	2016-09-01		WordPress Catpro Gallery插件任意文件上传漏洞		6107 \| 0
SSV-92365	2016-08-31		WordPress Bliss Gallery插件任意文件上传漏洞		6315 \| 0
SSV-92353	2016-08-30		Wordpress Multi Themes 任意文件下载漏洞		3303 \| 0
SSV-92350	2016-08-26		WordPress Bonkersbeat-theme Arbitrary File Download Vulnerability		5949 \| 0
SSV-92349	2016-08-26		WordPress 3.6-4.5.2 Authenticated Revision History Information Disclosure		5690 \| 0
SSV-92346	2016-08-25		WordPress Mail Masta Plugin 1.0 - 本地文件包含		7091 \| 0
SSV-92344	2016-08-25		WordPress 4.5 admin-ajax.php Path traversal & DoS		6514 \| 0
SSV-92336	2016-08-24		WordPress <4.5 SSRF		7042 \| 0
SSV-92293	2016-08-15		wordpress force force-download.php 参数file 任意文件下载漏洞		6140 \| 0
SSV-92284	2016-08-12		wordpress-"Add From Server"插件CSRF		6427 \| 0
SSV-92270	2016-08-10		Wordpress force download Arbitrary File Download		5255 \| 0
SSV-92262	2016-08-09		WordPress theme ypo-theme Arbitrary File Download Vulnerability		4391 \| 0
SSV-92231	2016-08-04		WordPress WP Live Chat Support(6.2.03) 插件存储型 XSS		5678 \| 0
SSV-92097	2016-07-13		WordPress WP-DownloadManager Plugin 1.68.1 任意文件上传漏洞		5496 \| 0
SSV-92083	2016-07-11		WordPress-Mailpress action.php 远程代码执行漏洞		6307 \| 0
SSV-92075	2016-07-11		WordPress Lazy Content Slider 插件 CSRF漏洞		3928 \| 0
SSV-92033	2016-07-06		WordPress Real 3D Flipbook 插件多个漏洞打包		4269 \| 0
SSV-91956	2016-06-27		WordPress Like Dislike Counter 1.2.3 插件 SQL注入漏洞		5942 \| 0
SSV-91941	2016-06-22		WordPress Mobile Detector <=3.5 resize.php src参数本地文件包含漏洞		7203 \| 1
SSV-91878	2016-06-17		Wordpress Ocim MP3 Plugin ocim-mp3/source/pages.php id参数SQL注入漏洞		5106 \| 0
SSV-91835	2016-06-15		WordPress Filedownload Plugin 0.1 任意文件下载		3219 \| 0
SSV-91834	2016-06-15		WordPress TheCartPress Plugin 1.1.1 本地/远程文件包含漏洞		3224 \| 0
SSV-91797	2016-06-10		WordPress WP Mobile Detector Plugin 3.5文件上传漏洞		3350 \| 0
SSV-91782	2016-06-09		WordPress Mobile Detector file_get_contents 函数远程文件读取		4011 \| 0
SSV-91770	2016-06-07		WordPress OPS Old Post Spinner 插件任意文件包含漏洞		4256 \| 0
SSV-91727	2016-06-02		WordPress Ninja Forms Unauthenticated File Upload		3936 \| 0
SSV-91692	2016-05-30		WordPress DB Backup Plugin 任意文件下载		4181 \| 0
SSV-91689	2016-05-27		WordPress Advanced Video Plugin 1.0 本地文件包含漏洞		5884 \| 0
SSV-91680	2016-05-26		WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS		5610 \| 0
SSV-91671	2016-05-25		WordPress Brafton 3.3.10 反射型 xss		5819 \| 0
SSV-91627	2016-05-21		WordPress Ghost Plugin 0.5.5 未授权下载 ghost 文件		5638 \| 0