Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

wordpress — Vulnerabilities & Security Advisories 27

All 27 CVE vulnerabilities found in wordpress, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE IDTitleCVSSSeverityPaused
CVE-2026-3906 WordPress 6.9 - 6.9.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Note Creation via REST API CWE-862 4.3 Medium2026-03-11
CVE-2025-58674 WordPress core <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability CWE-79 5.9 Medium2025-09-23
CVE-2025-58246 WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability CWE-201 4.3 Medium2025-09-23
CVE-2025-54352 WordPress 安全漏洞 CWE-669 3.7 Low2025-07-21
CVE-2022-4973 WordPress Core < 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via use of the_meta(); function CWE-79 4.9 Medium2024-10-16
CVE-2024-32111 WordPress core < 6.5.5 - Auth. Arbitrary .html File Read (Windows Only) vulnerability CWE-22 5.0 Medium2024-06-25
CVE-2024-31111 WordPress Core < 6.5.5 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-06-25
CVE-2024-6307 WordPress Core < 6.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML API 6.4 Medium2024-06-25
CVE-2024-4439 WordPress 跨站脚本漏洞 7.2 High2024-05-03
CVE-2023-5692 WordPress Core <= 6.4.3 - Sensitive Information Exposure via redirect_guess_404_permalink CWE-200 5.3 Medium2024-04-05
CVE-2023-5561 WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure 5.3 -2023-10-16
CVE-2023-39999 WordPress < 6.3.2 is vulnerable to Broken Access Control CWE-200 4.3 Medium2023-10-13
CVE-2023-38000 Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block CWE-79 6.5 Medium2023-10-13
CVE-2023-2745 WordPress Core < 6.2.1 - Directory Traversal CWE-22 5.4 Medium2023-05-17
CVE-2022-3590 WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding 5.9 -2022-12-14
CVE-2022-43504 WordPress 授权问题漏洞 5.3 -2022-12-05
CVE-2022-43500 WordPress 跨站脚本漏洞 6.1 -2022-12-05
CVE-2022-43497 WordPress 跨站脚本漏洞 6.1 -2022-12-05
CVE-2011-1762 Wordpress 安全漏洞 CWE-284 6.5 -2022-04-18
CVE-2020-11026 Specially crafted filenames in WordPress leading to XSS CWE-707 8.7 High2020-04-30
CVE-2020-11028 Unauthenticated disclosure of certain private posts in WordPress CWE-284 5.8 Medium2020-04-30
CVE-2020-11029 Cross-site scripting in stats method (object cache) in WordPress CWE-79 5.8 Medium2020-04-30
CVE-2020-11030 Cross-site scripting (XSS) in Search block in WordPress CWE-707 6.4 Medium2020-04-30
CVE-2020-11025 Authenticated cross-site scripting (XSS) in WordPress Customizer CWE-79 5.8 Medium2020-04-30
CVE-2020-11027 Password reset links invalidation issue in WordPress CWE-672 6.1 Medium2020-04-30
CVE-2019-16781 Stored cross-site scripting (XSS) in WordPress block editor CWE-79 5.8 Medium2019-12-26
CVE-2019-16780 Stored cross-site scripting (XSS) in WordPress block editor CWE-79 5.8 Medium2019-12-26

All 27 known CVE vulnerabilities affecting wordpress with full Chinese analysis, references, and POCs where available.