Vulnerability Component - WordPress - Knownsec Seebug Vulnerability Platform

'

Vulnerability Component — WordPress

Detail：: WordPress是一种使用PHP语言开发的博客平台，用户可以在支持PHP和MySQL 数据库的服务器上架设自己的网志。也可以把 WordPress 当作一个内容管理系统（CMS）来使用。WordPress 是一个免费的开源项目，在GNU通用公共许可证下授权发布。 WordPress 被认为是Michel Valdrighi所开发的网志平台b2 cafelog的正式继承者。“WordPress”这个名字出自 Christine Selleck 的主意，他是主要开发者Matt Mullenweg的朋友。

Related Vulnerabilities

SSV ID	Submit Time	Level	Name	Status	Popularity \| Comments
SSV-91580	2016-05-18		Wordpress fresh-page 插件-phpThumb.php文件src参数-跨站脚本漏洞		3276 \| 0
SSV-91579	2016-05-17		Wordpress optinfirex 插件-/lp/index.php文件id参数-跨站脚本漏洞		2997 \| 0
SSV-91578	2016-05-17		Wordpress Recommend-a-friend 插件-raf_form.php文件current_url参数-跨站脚本漏洞		2880 \| 0
SSV-91570	2016-05-16		WordPress leenk.me Plugin 2.5.0 - CSRF/XSS		3264 \| 0
SSV-91569	2016-05-16		Wordpress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion		3174 \| 0
SSV-91568	2016-05-16		WordPress Photocart Link Plugin 1.6 - Local File Inclusion		2963 \| 0
SSV-91561	2016-05-14		Wordpress Seo Link Rotator 插件-pusher.php文件title参数--跨站脚本漏洞		2608 \| 0
SSV-91543	2016-05-13		WordPress 插件 Brandfolder v3.0 本地文件包含漏洞		3205 \| 0
SSV-91542	2016-05-13		WordPress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download		3141 \| 0
SSV-91527	2016-05-11		WordPress SOME bug in plupload.flash.swf		2503 \| 0
SSV-91521	2016-05-11		Wordpress Js-Multi-Hotel 插件-refreshDate.php文件-跨站脚本漏洞		5032 \| 0
SSV-91520	2016-05-11		WordPress Blooog-v1.1 Theme-jplayer.swf文件-跨站脚本漏洞		4598 \| 0
SSV-91515	2016-05-10		WordPress 4.2.0-4.5.1 flashmediaelement.swf 反射型 XSS 漏洞		7760 \| 1
SSV-91511	2016-05-10		WordPress Dharma booking Plugin 2.38.3 本地文件包含漏洞		3111 \| 0
SSV-91505	2016-05-10		Wordpress Popup Images 插件-popup.php文件-跨站脚本漏洞		2746 \| 0
SSV-91504	2016-05-10		Wordpress SS Downloads 插件-emailform.php文件-跨站脚本漏洞		2629 \| 0
SSV-91503	2016-05-10		Wordpress Photocrati theme-ecomm-sizes.php文件prod_id参数-跨站脚本漏洞		2528 \| 0
SSV-91502	2016-05-10		WordPress WP-Password 插件-login.php文件err参数-跨站脚本漏洞		2725 \| 0
SSV-91474	2016-05-09		WordPress Abtest本地文件包含漏洞		3129 \| 0
SSV-91463	2016-05-05		Wordpress 4.5.1 Remote Command Execute		8858 \| 1
SSV-91439	2016-05-04		Wordpress kento-post-view-counter 插件存储型 XSS		2224 \| 0
SSV-91435	2016-05-04		WordPress Robo Gallery 2.0.14 Code Execution		2075 \| 0
SSV-91428	2016-05-04		WordPress 支付插件SQL 注入漏洞		2094 \| 0
SSV-91424	2016-05-04		Wordpress spreadsheet 插件-spreadsheet.php文件page参数-跨站脚本漏洞		2078 \| 0
SSV-91372	2016-04-23		WordPress Community Events Plugin 1.3.5 - SQL Injection Vulnerability		3494 \| 1
SSV-91371	2016-04-23		Wordpress Memphis Document Library 插件3.1.5-mdocs-img-preview-任意文件下载漏洞		2911 \| 0
SSV-91370	2016-04-23		Wordpress EZLeadPro 插件-lp/index.php文件id参数-跨站脚本漏洞		2354 \| 0
SSV-91369	2016-04-23		Wordpress Conversionninja 插件-/lp/index.php文件-跨站脚本漏洞		2905 \| 0
SSV-91332	2016-04-18		WordPress Memphis Document Library Plugin 2.3 - 3.1.5任意文件下载漏洞		2514 \| 0
SSV-91315	2016-04-14		WordPress Import CSV Plugin 1.0 - Directory Traversal		1958 \| 1
SSV-91311	2016-04-14		WordPress Abtest Plugin - Local File Inclusion		2084 \| 0
SSV-91295	2016-04-12		Wordpress Scoreme主题跨站漏洞		2051 \| 0
SSV-91283	2016-04-11		Wordpress Spider Video Player插件-settings.php文件-跨站脚本漏洞		1416 \| 0
SSV-91282	2016-04-11		Wordpress MyBand插件-timthumb.php文件-跨站脚本漏洞		1213 \| 0
SSV-91281	2016-04-11		Wordpress SI CAPTCHA AntiSpam 插件-test/index.php-跨站脚本漏洞		1507 \| 0
SSV-91253	2016-04-05		Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion		2498 \| 0
SSV-91252	2016-04-05		WordPress DZS Videogallery Plugin <=8.60 - Multiple Vulnerabilities		1453 \| 0
SSV-91251	2016-04-05		Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability		1800 \| 0
SSV-91235	2016-04-01		Wordpress Bonuspressx插件-ar_submit.php文件-跨站脚本漏洞		1431 \| 0
SSV-91234	2016-04-01		WordPress FR0_theme插件-down.php文件-任意文件下载漏洞		1712 \| 0
SSV-91233	2016-04-01		WordPress Category-Page-Icons插件-wpdev-flash-uploader.php文件-文件上传漏洞		2071 \| 0
SSV-91232	2016-04-01		Wordpress mTheme Unus-css.php文件-本地文件包含漏洞		1981 \| 0
SSV-91231	2016-04-01		Wordpress Begin 插件-go.php-url重定向漏洞		2990 \| 0
SSV-91230	2016-04-01		Wordpress Formcraft插件-upload.php-文件上传漏洞		1431 \| 0
SSV-91229	2016-04-01		Wordpress Goodnews 插件-跨站脚本漏洞		1344 \| 0
SSV-91228	2016-04-01		Wordpress Music Store 插件 v1.0.14-ms-submit.php-URL重定向漏洞		1948 \| 0
SSV-91216	2016-03-31		wordpress SP Projects and Document Manager V 2.5.9.6 XSS 漏洞		1426 \| 0
SSV-91215	2016-03-31		WordPress Altos Connect Widget 1.3.0 XSS 漏洞		1586 \| 0
SSV-91213	2016-03-30		WordPress的ProjectTheme2.0.9.5多个漏洞(XSS/CSRF)		1155 \| 0
SSV-91211	2016-03-30		WordPress eBook Download Plugin 1.1 - 任意文件下载		2274 \| 0
SSV-91181	2016-03-28		WordPress Twenty Fifteen Theme-DOM型跨站脚本漏洞		2089 \| 0
SSV-91180	2016-03-28		Wordpress PHP Event Calendar 插件-任意文件上传漏洞		1418 \| 0
SSV-91179	2016-03-28		WordPress WPML reminder_popup 跨站脚本漏洞		1401 \| 0
SSV-91178	2016-03-28		WordPress WP All 3.2.3 文件上传漏洞		2101 \| 0
SSV-91177	2016-03-28		Wordpress force-download.php 任意文件下载漏洞		2180 \| 0
SSV-91176	2016-03-28		WordPress Fusion Theme 3.1版本后台文件上传漏洞		1334 \| 0
SSV-91173	2016-03-28		WordPress HB Audio Gallery Lite Plugin 1.0.0 - 任意文件下载		2214 \| 0
SSV-91165	2016-03-25		WordPress Booking Calendar Contact Form 1.0.23 盲注		1747 \| 0
SSV-91146	2016-03-22		Wordpress RedSteel Theme-download.php任意文件下载漏洞		2098 \| 0
SSV-91144	2016-03-22		WordPress WP User Frontend插件3.4.6文件上传漏洞		1305 \| 0
SSV-91134	2016-03-21		WordPress Bulk Delete Plugin 5.5.3 - 提权		1911 \| 0
SSV-91128	2016-03-21		wordpress 插件 site-import V1.0.1 文件包含漏洞		1802 \| 0
SSV-91081	2016-03-18		WordPress CIP4 Folder Download 1.10 本地文件包含漏洞		2419 \| 1
SSV-91045	2016-03-16		Wordpress slideoptinprox插件ar_submit.php文件跨站脚本漏洞		1270 \| 0
SSV-91006	2016-03-13		Wordpress clikstats插件ck.php文件URL重定向漏洞		2289 \| 0
SSV-91005	2016-03-13		WordPress WooCommerce 2.4.12 远程命令执行漏洞		1582 \| 0
SSV-91004	2016-03-13		Wordpress Formcraft 插件upload.php文件上传漏洞		1753 \| 0
SSV-91001	2016-03-12		Wordpress Newsletter Pro插件do.php文件-URL重定向漏洞		1952 \| 0
SSV-90994	2016-03-11		WordPress Booking Calendar Contact Form<=1.1.24 - cpabc_appointments.php文件addslashes SQL Injection V		1998 \| 0
SSV-90993	2016-03-11		Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL注入漏洞		1457 \| 0
SSV-90989	2016-03-11		WordPress预订日历联系表单1.1.24 多个漏洞 (XSS, CSRF)		1663 \| 0
SSV-90952	2016-03-09		wordpress Begin Themes go.php 参数url URL重定向漏洞		1873 \| 0
SSV-90940	2016-03-08		wordpress comment-rating-plugin edit-comments.php文件tab参数跨站脚本漏洞		1382 \| 0
SSV-90891	2016-03-06		WordPress 插件 WP Easy Gallery v4.1.4 存储xss		1384 \| 0
SSV-90833	2016-02-29		WordPress appointment-booking-calendar <=1.1.23 - Unauthenticated SQL injection		2248 \| 0
SSV-90800	2016-02-21		WordPress /wp-content/plugins/extredj/red.php Open Redirection		2229 \| 0
SSV-90791	2016-02-20		wordpress Extredj插件 red.php 参数ext URL重定向漏洞		1830 \| 0
SSV-90727	2016-02-14		Wordpress Extredj Plugin URL 重定向漏洞		2324 \| 0
SSV-90711	2016-01-29		WordPress 备份与恢复插件 WP Backitup Lite 数据库备份文件泄露漏洞		2283 \| 0
SSV-90559	2016-01-21		Wordpress Tubepress 插件 v2.0 popup.php 参数 name XSS 漏洞		1635 \| 0
SSV-90550	2016-01-21		Commentator WordPress Plugin 2.5.2 XSS Vulnerability		1930 \| 0
SSV-90509	2016-01-19		WP 插件 NEX-Forms Lite 2.1.0 XSS 漏洞		2400 \| 0
SSV-90491	2016-01-18		WP 插件 Easy2Map Photos 1.0.9 SQL注入漏洞		1443 \| 0
SSV-90487	2016-01-18		WordPress AzonPop插件1.0.0版本在/wp-content/plugins/AzonPop/files/view/showpopup.php存在SQL注入漏洞		1546 \| 0
SSV-90484	2016-01-18		WP 插件 Easy Poll 1.1.3 XSS 漏洞		1516 \| 0
SSV-90451	2016-01-15		wordpress的Stanford theme在wp-content/themes/stvp/jwplayer.php处存在XSS漏洞		1299 \| 0
SSV-90260	2016-01-09		wordpress <4.4.1 wp-admin/customize.php 页面 xss		2003 \| 0
SSV-90231	2016-01-07		WordPress Revslider 插件任意文件上传漏洞与任意文件下载漏洞		2158 \| 0
SSV-89959	2015-11-30		WordPress theme parallelus-salutation Arbitrary File Download Vulnerability		2152 \| 0
SSV-89871	2015-11-24		WordPress < 4.1.2 Stored XSS vulnerability		2144 \| 0
SSV-89867	2015-11-20		Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities		1429 \| 0
SSV-89863	2015-11-19		WordPress Work The Flow File Upload 2.5.2 - Arbitrary File Upload Vulnerability		1509 \| 0
SSV-89712	2015-11-09		WordPress 利用 XMLRPC 爆破		2455 \| 0
SSV-89591	2015-10-02		WordPress DB-Backup Plugin 4.5 /download.php 任意文件下载漏洞		1875 \| 0
SSV-89573	2015-09-29		WordPress IBS Mappro插件读取任意文件		1732 \| 0
SSV-87944	2015-09-29		Shareaholic 7.6.0.3 XSS		1727 \| 0
SSV-89566	2015-09-28		WordPress RevSlider 3.0.3 上传漏洞		2647 \| 0
SSV-89538	2015-09-25		WordPress 3.8.2 cookie 伪造漏洞		1909 \| 0
SSV-89533	2015-09-25		WordPress Esplanade 1.1.4 Theme Reflected XSS		1659 \| 0
SSV-89532	2015-09-25		Wordpress Plugin Store Locator Plus 4.2.23 Email Injection		1780 \| 0