Lucene search
K

342 matches found

Wordfence Blog
Wordfence Blog
added 2026/04/02 5:20 p.m.37 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 23, 2026 to March 29, 2026)

Last week, there were 122 vulnerabilities disclosed in 90 WordPress Plugins and 22 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 46 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

6AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2026/03/27 9:11 p.m.32 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 16, 2026 to March 22, 2026)

Last week, there were 266 vulnerabilities disclosed in 220 WordPress Plugins and 30 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 95 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

9.9CVSS6.2AI score0.07239EPSS
Exploits5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin Pendulum 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

8.8CVSS5.9AI score0.00344EPSS
Exploits0References1
Wordfence Blog
Wordfence Blog
added 2026/03/12 7:0 p.m.11 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 2, 2026 to March 8, 2026)

Last week, there were 199 vulnerabilities disclosed in 84 WordPress Plugins and 107 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 59 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...

9.9CVSS7.5AI score0.25532EPSS
Exploits7
Wordfence Blog
Wordfence Blog
added 2026/03/05 7:30 p.m.16 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 23, 2026 to March 1, 2026)

Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026 , earn three stacked bonuses on all valid submissions from our 'High Threat Vulnerabilities' list: 2x all high threat vulnerability bounties excluding 5,000,000+ installs...

10CVSS7.2AI score0.01722EPSS
Exploits3
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Charety 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.9CVSS5.9AI score0.00331EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/03 11:26 a.m.7 views

WordPress Nutrie theme < 2.0.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nutrie versions 2.0.1...

9.9CVSS5.9AI score0.00434EPSS
Exploits0Affected Software1
Wordfence Blog
Wordfence Blog
added 2026/02/26 4:2 p.m.30 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 16, 2026 to February 22, 2026)

Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026 , earn three stacked bonuses on all valid submissions from our 'High Threat Vulnerabilities' list: 2x all high threat vulnerability bounties excluding 5,000,000+ installs...

9.9CVSS6AI score0.09396EPSS
Exploits17
RedhatCVE
RedhatCVE
added 2026/01/09 12:51 p.m.17 views

CVE-2014-4163

Multiple cross-site request forgery CSRF vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the 1 buried or 2 featured status of a comment via a request to wp-admin/admin-ajax.php...

6.8CVSS7.6AI score0.02315EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:12 a.m.13 views

CVE-2016-10893

The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has multiple XSS issues via AJAX requests...

6.1CVSS6.3AI score0.01524EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.8 views

CVE-2017-18558

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues...

6.1CVSS6.2AI score0.01384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:31 a.m.6 views

CVE-2017-18557

The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues...

6.1CVSS6.2AI score0.01384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.12 views

CVE-2019-11807

The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=updateattachmentwccm wccmdefaultkeysload parameter because of a nopriv registration and a lack of capabilities checks...

7.5CVSS6.9AI score0.0147EPSS
Exploits1References1
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.5 views

GHSA-9CXG-GRMQ-54MQ vulnerabilities

Vulnerabilities for packages: wordpress...

7AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/11/13 3:35 p.m.20 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 3, 2025 to November 9, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! The LFInder Challenge:Refine your LFI hunting skills with an expanded scope. Now through November 24, 2025, all LFI vulnerabilities in software with at least 25 active installs are considered in-scope for all researchers, regardless of...

9.8CVSS9.6AI score0.75063EPSS
Exploits9
Wordfence Blog
Wordfence Blog
added 2025/10/30 4:1 p.m.34 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 20, 2025 to October 26, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...

10CVSS10AI score0.31827EPSS
Exploits12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-1911

Malware in sbrugna...

9.8CVSS9.5AI score0.01872EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-9675

Malware in sbrugna...

6.1CVSS6.3AI score0.00916EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-4134

Malware in sbrugna...

7.5CVSS6.2AI score0.02364EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-1911

Malware in sbrugna...

8.8CVSS8.6AI score0.01927EPSS
Exploits1References3
Rows per page
Query Builder