Vulnerability Component - WordPress - Knownsec Seebug Vulnerability Platform

'

Vulnerability Component — WordPress

Detail：: WordPress是一种使用PHP语言开发的博客平台，用户可以在支持PHP和MySQL 数据库的服务器上架设自己的网志。也可以把 WordPress 当作一个内容管理系统（CMS）来使用。WordPress 是一个免费的开源项目，在GNU通用公共许可证下授权发布。 WordPress 被认为是Michel Valdrighi所开发的网志平台b2 cafelog的正式继承者。“WordPress”这个名字出自 Christine Selleck 的主意，他是主要开发者Matt Mullenweg的朋友。

Related Vulnerabilities

SSV ID	Submit Time	Level	Name	Status	Popularity \| Comments
SSV-11860	2009-07-23		WordPress Comment Author URI跨站脚本漏洞		578 \| 0
SSV-11858	2009-07-22		WordPress < 2.8.1 Security Bypass 0day		1127 \| 0
SSV-11824	2009-07-17		wordpress 281评论显示xss漏洞		804 \| 0
SSV-14833	2009-07-15		WordPress Plugin My Category Order <= 2.8 SQL Injection Vulnerability		1111 \| 0
SSV-11788	2009-07-10		WordPress wp-admin/admin.php模块错误权限检查漏洞		959 \| 0
SSV-11787	2009-07-10		WordPress口令重置用户名枚举漏洞		1123 \| 0
SSV-14855	2009-07-10		WordPress Privileges Unchecked in admin.php and Multiple Information		964 \| 0
SSV-11777	2009-07-09		WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures		1045 \| 0
SSV-11739	2009-07-02		WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability		1021 \| 0
SSV-11737	2009-07-02		WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability		1102 \| 0
SSV-11726	2009-06-30		WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln		1088 \| 0
SSV-11655	2009-06-18		WordPress Photoracer插件id参数SQL注入漏洞		797 \| 0
SSV-11639	2009-06-17		WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability		887 \| 0
SSV-11617	2009-06-13		WordPress Plugin FireStats <= 1.6.1(fs_javascript) RFI Vulnerability		906 \| 0
SSV-11440	2009-05-27		Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion Vulnerability		1078 \| 0
SSV-4902	2009-03-14		WordPress MU wp-includes/wpmu-functions.php模块跨站脚本漏洞		903 \| 0
SSV-10804	2009-03-11		Wordpress MU < 2.7 'HOST' HTTP Header XSS Vulnerability		901 \| 0
SSV-10459	2009-01-13		Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability		888 \| 0
SSV-4656	2009-01-12		Wordpress 2.7.0 admin remote code execution vulnerability		713 \| 0
SSV-10310	2008-12-23		Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln		1092 \| 0
SSV-4498	2008-11-28		WordPress wp-includes/feed.php模块跨站脚本漏洞		853 \| 0
SSV-9841	2008-10-30		Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit		920 \| 0
SSV-9810	2008-10-27		WordPress Media Holder (mediaHolder.php id) SQL Injection vulnerability		1103 \| 0
SSV-17436	2008-10-26		WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln		1185 \| 0
SSV-9751	2008-10-18		Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vulnerability		862 \| 0
SSV-17431	2008-10-17		Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln		1076 \| 0
SSV-4037	2008-09-14		WordPress随机密码生成不充分漏洞		711 \| 0
SSV-4005	2008-09-11		WordPress丢失密码SQL栏截断未授权漏洞		676 \| 0
SSV-9467	2008-09-11		Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit		896 \| 0
SSV-9436	2008-09-10		Wordpress 2.6.1 SQL Column Truncation Vulnerability		914 \| 0
SSV-3722	2008-07-28		WordPress Wp Downloads Manager 'upload.php'任意文件上传漏洞		891 \| 0
SSV-9172	2008-07-24		Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit		990 \| 0
SSV-3671	2008-07-17		WordPress 'press-this.php'多个跨站脚本漏洞		743 \| 0
SSV-3562	2008-07-07		Wordpress XML-RPC接口非授权操作漏洞		1156 \| 0
SSV-3331	2008-05-27		WordPress Upload File插件wp-uploadfile.php SQL注入漏洞		896 \| 0
SSV-3308	2008-05-21		WordPress Write标签任意文件上传漏洞		775 \| 0
SSV-3243	2008-04-30		WordPress下载监控插件id参数SQL注入漏洞		761 \| 0
SSV-3229	2008-04-29		WordPress Cookie完整性保护非授权访问漏洞		704 \| 0
SSV-3227	2008-04-29		WordPress wpSS插件ss_id参数SQL注入漏洞		836 \| 0
SSV-3228	2008-04-29		WordPress cat参数目录遍历漏洞		796 \| 0
SSV-8365	2008-04-23		Wordpress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability		890 \| 0
SSV-3119	2008-04-03		WordPress wp-download插件dl_id参数SQL注入漏洞		754 \| 0
SSV-8229	2008-04-01		Wordpress Plugin Download (dl_id) SQL Injection Vulnerability		899 \| 0
SSV-2969	2008-03-01		WordPress Sniplets插件多个输入验证漏洞		715 \| 0
SSV-8175	2008-02-28		Wordpress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities		924 \| 0
SSV-8116	2008-02-17		Wordpress Photo album Remote SQL Injection Vulnerability		947 \| 0
SSV-8111	2008-02-16		Wordpress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability		1238 \| 0
SSV-8114	2008-02-16		Wordpress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability		1126 \| 0
SSV-8063	2008-02-05		Wordpress Plugin st_newsletter Remote SQL Injection Vulnerability		888 \| 0
SSV-17146	2008-02-05		Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit		900 \| 0
SSV-2884	2008-02-03		WordPress WassUp插件spy.php脚本远程SQL注入漏洞		745 \| 0
SSV-8044	2008-02-03		Wordpress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities		949 \| 0
SSV-8042	2008-02-03		Wordpress Plugin Wordspew Remote SQL Injection Vulnerability		878 \| 0
SSV-8024	2008-01-31		Wordpress Plugin Adserve 0.2 adclick.php SQL Injection Exploit		1971 \| 0
SSV-8028	2008-01-31		Wordpress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit		1070 \| 0
SSV-7928	2008-01-28		Wordpress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability		890 \| 0
SSV-7927	2008-01-28		Wordpress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability		938 \| 0
SSV-7886	2008-01-21		Wordpress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability		903 \| 0
SSV-2792	2008-01-09		WordPress Plugin Wp-FileManager 'ajaxfilemanager.php'任意文件上传漏洞		872 \| 0
SSV-7796	2008-01-07		Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability		940 \| 0
SSV-2775	2008-01-06		WordPress Multiple Cross-Site Scripting Vulnerabilities		913 \| 0
SSV-2773	2008-01-06		WordPress wp-db.php Character Set SQL Injection Vulnerability		861 \| 0
SSV-2684	2007-12-26		WordPress错误paged参数SQL操作信息泄露漏洞		711 \| 0
SSV-2628	2007-12-18		WordPress未授权帖子访问漏洞		850 \| 0
SSV-7640	2007-12-18		WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit		981 \| 0
SSV-2640	2007-12-18		WordPress $_SERVER变量跨站脚本漏洞		865 \| 0
SSV-7592	2007-12-12		Wordpress <= 2.3.1 Charset Remote SQL Injection Vulnerability		1117 \| 0
SSV-2580	2007-12-12		WordPress wp-db.php文件字符集SQL注入漏洞		785 \| 0
SSV-7568	2007-12-06		Wordpress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability		918 \| 0
SSV-2388	2007-11-05		BackUpWordPress Bkpwp_Plugin_Path远程文件包含漏洞		893 \| 0
SSV-7442	2007-11-01		WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability		937 \| 0
SSV-7397	2007-10-19		Simple Forum (for WordPress) sql-inject exploit (public version)		922 \| 0
SSV-7275	2007-09-17		Wordpress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)		1192 \| 0
SSV-2218	2007-09-14		WordPress Unfiltered_HTML字段名称HTML注入漏洞		810 \| 0
SSV-7262	2007-09-14		Wordpress Multiple Versions Pwnpress Exploitation Tookit		992 \| 0
SSV-7163	2007-08-25		WordPress MultiUser crossite scripting PoC		936 \| 0
SSV-2091	2007-08-08		Wordpress多个输入验证漏洞		566 \| 0
SSV-2079	2007-08-08		WordPress WP-FeedStats HTML注入漏洞		928 \| 0
SSV-2068	2007-08-03		WordPress多个远程安全漏洞		545 \| 0
SSV-1927	2007-06-28		WordPress Custom字段任意文件上传漏洞		779 \| 0
SSV-6983	2007-06-27		WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit		1018 \| 0
SSV-1899	2007-06-21		WordPress自动统计模块Referer字段HTML注入漏洞		874 \| 0
SSV-1848	2007-06-10		Wordpress XMLRPC.PHP SQL注入漏洞		1288 \| 0
SSV-6911	2007-06-07		Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit		1180 \| 0
SSV-1786	2007-05-22		Wordpress admin-ajax.php远程SQL注入漏洞		1821 \| 0
SSV-6843	2007-05-22		Wordpress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit		1031 \| 0
SSV-1765	2007-05-18		WordPress Akismet插件未明漏洞		1334 \| 0
SSV-1742	2007-05-11		WordPress多个插件远程文件包含漏洞		672 \| 0
SSV-6733	2007-05-04		Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability		1117 \| 0
SSV-6730	2007-05-04		Wordpress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability		1043 \| 0
SSV-6731	2007-05-04		Wordpress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability		921 \| 0
SSV-6718	2007-04-30		Wordpress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability		1382 \| 0
SSV-6576	2007-04-04		Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit		1136 \| 0
SSV-1549	2007-03-26		Wordpress物理路径暴露漏洞		1706 \| 0
SSV-1522	2007-03-21		Wordpress PHP_Self跨站脚本漏洞		831 \| 0
SSV-6376	2007-03-12		WordPress AdminPanel CSRF/XSS - 0day		1038 \| 0
SSV-1453	2007-03-09		Wordpress 2.1.1远程命令执行后门漏洞		1117 \| 0
SSV-1312	2007-01-28		Wordpress Pingback SourceURI拒绝服务和信息泄露漏洞		1361 \| 0
SSV-5984	2007-01-11		Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit		1275 \| 0
SSV-1148	2007-01-09		WordPress Charset解码SQL注入漏洞		849 \| 0