漏洞组件 - WordPress - 知道创宇 Seebug 漏洞平台

'

漏洞组件 — WordPress

漏洞详情：: WordPress是一种使用PHP语言开发的博客平台，用户可以在支持PHP和MySQL 数据库的服务器上架设自己的网志。也可以把 WordPress 当作一个内容管理系统（CMS）来使用。WordPress 是一个免费的开源项目，在GNU通用公共许可证下授权发布。 WordPress 被认为是Michel Valdrighi所开发的网志平台b2 cafelog的正式继承者。“WordPress”这个名字出自 Christine Selleck 的主意，他是主要开发者Matt Mullenweg的朋友。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-89528	2015-09-24		WordPress StageShow Plugin 'stageshow_redirect.php' 重定向漏洞		2012 \| 0
SSV-89527	2015-09-24		WordPress Vertical Image Slider 1.0 CSRF / XSS		1353 \| 0
SSV-89524	2015-09-24		WordPress Video Gallery 2.7 SQL Injection		1933 \| 0
SSV-89497	2015-09-21		WordPress Landing Pages 1.8.4 Cross Site Scripting ( CVE-2015-4065 )		1306 \| 0
SSV-89488	2015-09-21		WordPress WP-Shop 3.4.3.18 Cross Site Scripting		1645 \| 0
SSV-89480	2015-09-19		WordPress <= 4.3.0 权限提升漏洞		3411 \| 0
SSV-89479	2015-09-19		WordPress <= 4.3.0 跨站脚本漏洞		2730 \| 0
SSV-89478	2015-09-19		WordPress <=4.2.2 由竞争条件导致的权限提升		2854 \| 0
SSV-89463	2015-09-18		WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection		1580 \| 2
SSV-89423	2015-09-14		WordPress Car Rental System SQL Injection Vulnerability		2461 \| 0
SSV-89411	2015-09-14		WordPress White-Label Framework 2.0.6 - XSS Vulnerability		1885 \| 0
SSV-89403	2015-09-11		WordPress media-file-manager-advanced Plugin Multiple Vulnerabilites		1272 \| 0
SSV-89356	2015-09-07		WordPress Aviary Image Editor Add On For Gravity Forms Plugin 3.0 /includes/upload.php File Upload		1265 \| 0
SSV-89311	2015-09-06		WordPress <= 4.2 - Stored XSS		1401 \| 0
SSV-89309	2015-09-06		WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection		1486 \| 0
SSV-89299	2015-09-02		WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload		1331 \| 1
SSV-89294	2015-09-02		WordPress WP Symposium插件SQL注入漏洞		1905 \| 1
SSV-89284	2015-09-01		Wordpress Plugin 'WP Mobile Edition' LFI Vulnerability		2147 \| 0
SSV-89281	2015-09-01		WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download		2825 \| 0
SSV-89278	2015-09-01		Google Analyticator Multiple XSS Vulnerabilities		952 \| 0
SSV-89277	2015-08-31		WordPress NewStatPress Plugin 0.9.8 xss+sql注入		2186 \| 0
SSV-89276	2015-08-31		WordPress Shopping Cart 3.0.4 --任意文件上传		1736 \| 0
SSV-89269	2015-08-31		WordPress Googmonify Plugin 0.8.1 - XSS/CSRF		1439 \| 0
SSV-89217	2015-05-27		WordPress Booking Calendar Contact Form Plugin 1.0.2 /dex_bccf.php SQL注入漏洞		1248 \| 0
SSV-89180	2015-05-12		WordPress TheCartPress Plugin 1.3.9 /checkout/CheckoutEditor.class.php 本地文件包含漏洞		1804 \| 0
SSV-89179	2015-05-12		WordPress example.html 跨站脚本漏洞		1773 \| 0
SSV-89166	2015-05-04		Wordpress N-Media Website Contact Form 1.3.4 /classes/plugin.class.php 文件上传漏洞		1508 \| 0
SSV-89167	2015-05-04		Wordpress Reflex Gallery 3.1.3 /reflex-gallery-php.php 文件上传漏洞		1186 \| 0
SSV-89159	2015-04-24		Wordpress Tune Library Plugin 1.5.4 /tune-library.php SQL注入漏洞		1382 \| 0
SSV-89158	2015-04-24		Wordpress MiwoFTP 1.0.4 /admin/quixplorer/_include/fun_down.php 任意文件下载漏洞		1760 \| 0
SSV-89141	2015-04-20		WordPress VideoWhisper Video Presentation Plugin 3.31.17 /vp/vw_upload.php 文件上传漏洞		1052 \| 0
SSV-89142	2015-04-20		Wordpress Video Gallery Plugin 2.8 /hdflvvideoshare.php SQL注入漏洞		1292 \| 0
SSV-89091	2015-04-01		WordPress Aspose DOC Exporter Plugin 1.0任意文件上传漏洞		1516 \| 0
SSV-89087	2015-03-31		WordPress InBoundio Marketing Plugin 1.0 /admin/partials/csv_uploader.php 文件上传漏洞		1236 \| 0
SSV-89088	2015-03-31		WordPress Marketplace Plugin 2.4.0 /modules/additional-preview-images.php 文件上传漏洞		1493 \| 0
SSV-89089	2015-03-31		WordPress SEO by Yoast 1.7.3.3 /admin/class-bulk-editor-list-table.php SQL注入漏洞		1290 \| 0
SSV-89086	2015-03-31		WordPress BePro Listings Plugin 2.1.995 /bepro_listings.php SQL注入漏洞		1162 \| 0
SSV-89081	2015-03-30		WordPress BePro Listings Plugin 2.1.995 /bepro_listings_functions.php 文件上传漏洞		1180 \| 0
SSV-89070	2015-03-16		Wordpress Gravity Forms 1.8.19 /include/upload.php 文件上传漏洞		1121 \| 0
SSV-89071	2015-03-16		Wordpress MainWP Child Plugin 2.0.9.1 /class/MainWPChild.class.php 登录绕过漏洞		1105 \| 0
SSV-89048	2015-02-25		WordPress Plugin Revslider 4.1.4 /inc_php/framework/base_admin.class.php 文件上传漏洞		1102 \| 0
SSV-89051	2015-02-25		Wordpress Plugin Ajax-Store-Locator 1.2 /ajax-store-locator-wordpress_0/sl_file_download.php 任意文件下载漏洞		1196 \| 0
SSV-89053	2015-02-25		WordPress Video_Gallery Plugin 2.7.0 /videogalleryrss.php SQL注入漏洞		1308 \| 0
SSV-89052	2015-02-25		WordPress Survey_and_poll Plugin 1.1 /settings.php SQL注入漏洞		1374 \| 0
SSV-89050	2015-02-25		WordPress Plugin EasyCart 3.0.4 /inc/amfphp/administration/banneruploaderscript.php 文件上传漏洞		1051 \| 0
SSV-89054	2015-02-25		WordPress Symposium 14.11 /server/php/index.php 文件上传漏洞		1072 \| 0
SSV-89049	2015-02-25		WordPress Plugin DB_Backup 4.5 /download.php 任意文件下载漏洞		1184 \| 0
SSV-89047	2015-02-05		Wordpress Cform2 14.7 文件上传漏洞		1567 \| 0
SSV-89037	2015-01-30		WordPress /wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php 信息泄露漏洞		938 \| 0
SSV-89036	2015-01-30		WordPress Platform Theme 1.4.3 /includes/library.options.php 本地文件包含漏洞		1861 \| 0
SSV-89038	2015-01-30		Wordpress Download Manager 2.7.4 /wp-content/plugins/download-manager/wpdm-core.php 代码执行漏洞		1213 \| 0
SSV-89035	2015-01-30		Wordpress多个主题任意文件下载漏洞		1223 \| 0
SSV-88988	2014-12-08		Wordpress Google Document Embedder 2.5.16 ~view.php SQL注入漏洞		1330 \| 0
SSV-88989	2014-12-08		Wordpress wpDataTables Plugin 1.5.3 文件上传漏洞		1474 \| 0
SSV-88987	2014-12-08		Wordpress 3.9.2 /wp-includes/formatting.php 跨站脚本漏洞		1280 \| 0
SSV-88990	2014-12-08		Wordpress wpDataTables Plugin 1.5.3 /wpdatatables.php SQL注入漏洞		1027 \| 0
SSV-88962	2014-11-13		wordpress infusionsoft 1.5.10 /wp-content/plugins/infusionsoft/Infusionsoft/utilities/code_generator.php 文件上传漏洞		1050 \| 0
SSV-88963	2014-11-13		Wordpress CP Multi View Event Calendar 1.01 /php-datafeed.php SQL注入漏洞		905 \| 0
SSV-87320	2014-10-10		Wordpress InfusionSoft Plugin Upload Vulnerability		1926 \| 0
SSV-87305	2014-10-10		Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)		1362 \| 0
SSV-87290	2014-09-29		Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities		1307 \| 0
SSV-87286	2014-09-29		Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection		1558 \| 0
SSV-88864	2014-09-22		Wordpress Like Dislike Counter 1.2.3 /wp-content/plugins/like-dislike-counter-for-posts-pages-and-comments/ajax_counter.php SQL注入漏洞		943 \| 0
SSV-87258	2014-09-18		Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities		1254 \| 0
SSV-87244	2014-09-18		WordPress Acento Theme (view-pdf.php, file param) - Arbitrary File Download		1618 \| 0
SSV-87236	2014-09-18		Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability		1259 \| 0
SSV-88858	2014-09-18		WordPress Acento-Theme /wp-content/themes/acento/includes/view-pdf.php 任意文件下载漏洞		990 \| 0
SSV-88841	2014-09-11		WordPress download-shortcode 1.1 /wp-content/force-download.php 本地文件包含漏洞		1357 \| 0
SSV-88837	2014-09-10		WordPress Themes /image_view.class.php 任意文件下载漏洞		1027 \| 0
SSV-87214	2014-09-04		WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability		2561 \| 0
SSV-87219	2014-09-04		Mulitple WordPress Themes (admin-ajax.php, img param) - Arbitrary File Download		1757 \| 0
SSV-87220	2014-09-04		Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection		1300 \| 0
SSV-87217	2014-09-04		WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability		1345 \| 0
SSV-88820	2014-09-01		Wordpress 2.6.6 /wysija_newsletters/trunk/helpers/back.php 任意文件创建漏洞		1684 \| 0
SSV-87183	2014-08-08		WordPress 3.9.2 /xmlrpc.php 拒绝服务漏洞 poc		1929 \| 0
SSV-87155	2014-07-25		Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities		1386 \| 0
SSV-87122	2014-07-08		Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload		1509 \| 0
SSV-70777	2014-07-01		Wordpress Plugin jQuery Mega Menu 1.0 本地文件包含漏洞		1687 \| 0
SSV-72032	2014-07-01		WordPress SH Slideshow plugin <= 3.1.4 - SQL Injection Vulnerability		1121 \| 0
SSV-88681	2014-06-27		Wordpress Theme Infocus /dl-skin.php 任意文件下载漏洞		996 \| 0
SSV-88682	2014-06-27		Wordpress Theme Elegance /dl-skin.php 任意文件下载漏洞		1134 \| 0
SSV-88678	2014-06-26		WordPress Participants database v1.5.4.8 SQL注入漏洞		910 \| 0
SSV-62633	2014-04-25		Wordpress linenity theme 2.0 /functions/download.php 本地文件包含漏洞		1278 \| 0
SSV-62213	2014-04-17		WordPress Unconfirmed Plugin 's'插件跨站脚本漏洞		966 \| 0
SSV-62212	2014-04-17		WordPress Jetpack插件安全绕过漏洞		1054 \| 0
SSV-62159	2014-04-14		WordPress HK Exif Tags插件EXIF标签脚本注入漏洞		751 \| 0
SSV-62042	2014-04-02		WordPress GD Star Rating插件跨站请求伪造漏洞		838 \| 0
SSV-62038	2014-04-02		WordPress Disable Comments插件跨站请求伪造漏洞		571 \| 0
SSV-62017	2014-04-01		WordPress Ajax Pagination插件'admin-ajax.php'本地文件包含漏洞		2246 \| 0
SSV-62018	2014-04-01		WordPress HTML Sitemap插件'inc/AdminPage.php'跨站请求伪造漏洞		960 \| 0
SSV-61949	2014-03-26		WordPress 3.8.1 /xmlrpc.php拒绝服务漏洞		1206 \| 0
SSV-61884	2014-03-21		WordPress WP-Filebase Download Manager插件任意代码执行漏洞		931 \| 0
SSV-62605	2014-03-20		WordPress 3.8.1 /xmlrpc.php 拒绝服务漏洞		912 \| 0
SSV-61875	2014-03-20		WordPress User Domain Whitelist插件跨站请求伪造漏洞		766 \| 0
SSV-61853	2014-03-19		WordPress XCloner插件跨站请求伪造漏洞		811 \| 0
SSV-61845	2014-03-19		WordPress Subscribe To Comments Reloaded插件跨站请求伪造漏洞		856 \| 0
SSV-62601	2014-03-14		WordPress 插件AdRotate 3.9.4 /wp-content/plugins/adrotate/library/clicktracker.php SQL注入漏洞		948 \| 0
SSV-61795	2014-03-14		WordPress LayerSlider插件跨站请求伪造漏洞		845 \| 0
SSV-61786	2014-03-13		WordPress WP SlimStat插件URL脚本注入漏洞		804 \| 0
SSV-61702	2014-03-07		WordPress Welcart e-Commerce插件跨站脚本和SQL注入漏洞		1227 \| 0