342 matches found
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 23, 2026 to March 29, 2026)
Last week, there were 122 vulnerabilities disclosed in 90 WordPress Plugins and 22 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 46 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 16, 2026 to March 22, 2026)
Last week, there were 266 vulnerabilities disclosed in 220 WordPress Plugins and 30 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 95 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...
WordPress plugin Pendulum 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 2, 2026 to March 8, 2026)
Last week, there were 199 vulnerabilities disclosed in 84 WordPress Plugins and 107 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 59 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilitie...
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 23, 2026 to March 1, 2026)
Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026 , earn three stacked bonuses on all valid submissions from our 'High Threat Vulnerabilities' list: 2x all high threat vulnerability bounties excluding 5,000,000+ installs...
WordPress plugin Charety 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Nutrie theme < 2.0.1 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nutrie versions 2.0.1...
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 16, 2026 to February 22, 2026)
Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026 , earn three stacked bonuses on all valid submissions from our 'High Threat Vulnerabilities' list: 2x all high threat vulnerability bounties excluding 5,000,000+ installs...
CVE-2014-4163
Multiple cross-site request forgery CSRF vulnerabilities in the Featured Comments plugin 1.2.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change the 1 buried or 2 featured status of a comment via a request to wp-admin/admin-ajax.php...
CVE-2016-10893
The crayon-syntax-highlighter plugin before 2.8.4 for WordPress has multiple XSS issues via AJAX requests...
CVE-2017-18558
The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues...
CVE-2017-18557
The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues...
CVE-2019-11807
The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=updateattachmentwccm wccmdefaultkeysload parameter because of a nopriv registration and a lack of capabilities checks...
GHSA-9CXG-GRMQ-54MQ vulnerabilities
Vulnerabilities for packages: wordpress...
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 3, 2025 to November 9, 2025)
Calling all Vulnerability Researchers and Bug Bounty Hunters! The LFInder Challenge:Refine your LFI hunting skills with an expanded scope. Now through November 24, 2025, all LFI vulnerabilities in software with at least 25 active installs are considered in-scope for all researchers, regardless of...
Wordfence Intelligence Weekly WordPress Vulnerability Report (October 20, 2025 to October 26, 2025)
Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...
EUVD-2016-1911
Malware in sbrugna...
EUVD-2017-9675
Malware in sbrugna...
EUVD-2015-4134
Malware in sbrugna...
EUVD-2015-1911
Malware in sbrugna...