Browse all 6 CVE security advisories affecting WordPress.org. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64253 | WordPress Health Check & Troubleshooting plugin <= 1.7.1 - Path Traversal vulnerability — Health Check & TroubleshootingCWE-35 | 8.2AI | HighAI | 2025-12-16 |
| CVE-2023-39999 | WordPress < 6.3.2 is vulnerable to Broken Access Control — WordPressCWE-200 | 4.3 | Medium | 2023-10-13 |
| CVE-2023-38000 | Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block — WordPressCWE-79 | 6.5 | Medium | 2023-10-13 |
| CVE-2022-43497 | WordPress 跨站脚本漏洞 — WordPress | 6.1 | - | 2022-12-05 |
| CVE-2022-43500 | WordPress 跨站脚本漏洞 — WordPress | 6.1 | - | 2022-12-05 |
| CVE-2022-43504 | WordPress 授权问题漏洞 — WordPress | 5.3 | - | 2022-12-05 |
This page lists every published CVE security advisory associated with WordPress.org. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.