ID Added Title
8768 2017-03-07 WordPress 4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) i...
8767 2017-03-07 WordPress 4.7.0-4.7.2 - Authenticated Unintended File Deletion in Plugin...
8766 2017-03-07 WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
8765 2017-03-07 WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Med...
8758 2017-03-03 WordPress Download Manager <= 2.9.45 - Cross-Site Request Forgery (CSRF)
8740 2017-02-23 Mail Masta 1.0 - Multiple SQL Injection
8738 2017-02-22 ByREV WP-PICShield - Cross-Site Request Forgery (CSRF)
8735 2017-02-09 Wordpress CodeArt Google MP3 Player - File Disclosure
8734 2017-02-01 WordPress 4.7.0-4.7.1 - Unauthenticated Page/Post Content Modification v...
8731 2017-01-26 WordPress 4.3.0-4.7.1 - Cross-Site Scripting (XSS) in posts list table
8730 2017-01-26 WordPress 3.5-4.7.1 - WP_Query SQL Injection
8729 2017-01-26 WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
8721 2017-01-12 WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generato...
8720 2017-01-12 WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
8719 2017-01-12 WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
8718 2017-01-12 WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fal...
8717 2017-01-12 WordPress <= 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload
8716 2017-01-12 WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-c...
8715 2017-01-12 WordPress 4.7 - User Information Disclosure via REST API
8714 2017-01-12 WordPress 4.3-4.7 - Remote Code Execution (RCE) in PHPMailer
8707 2017-01-03 XCloner - Backup and Restore <= 3.1.4 - Authenticated Path Traversal
8695 2016-12-13 MailChimp for WordPress <= 4.0.10 - Authenticated Cross-Site Scripting (...
8634 2016-10-04 WordPress Appointment Schedule Booking System - Authenticated Stored XSS
8628 2016-09-26 W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Download
8627 2016-09-26 W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Upload
8622 2016-09-20 Neosense Theme <= 1.7 - Unrestricted File Upload
8616 2016-09-08 WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
8615 2016-09-08 WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image ...
8614 2016-09-07 brafton WordPress Plugin <=3.4.7 - Reflected XSS
8611 2016-08-29 404 to 301 <= 2.3.0 - Unauthenticated Stored Cross-Site Scripting (XSS)