The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of WordPress Core

WordPress Core: five vulnerabilities
An attacker can use several vulnerabilities of WordPress Core...
CERTFR-2019-AVI-631, CVE-2019-16773-REJECT, CVE-2019-16780, CVE-2019-16781, CVE-2019-16788-REJECT, CVE-2019-20041, CVE-2019-20042, CVE-2019-20043, DLA-2067-1, DSA-4599-1, DSA-4677-1, Synology-SA-19:41, VIGILANCE-VUL-31153
WordPress Core: six vulnerabilities
An attacker can use several vulnerabilities of WordPress Core...
CERTFR-2019-AVI-504, CVE-2019-17669, CVE-2019-17670, CVE-2019-17671, CVE-2019-17672, CVE-2019-17673, CVE-2019-17674, CVE-2019-17675, DLA-1980-1, DSA-4599-1, DSA-4677-1, Synology-SA-19:34, VIGILANCE-VUL-30610
WordPress Core: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress Core...
CERTFR-2019-AVI-423, CVE-2019-16217, CVE-2019-16218, CVE-2019-16219, CVE-2019-16220, CVE-2019-16221, CVE-2019-16222, CVE-2019-16223, DLA-1960-1, DSA-4599-1, DSA-4677-1, VIGILANCE-VUL-30251
WordPress Core: Cross Site Scripting via Comments
An attacker can trigger a Cross Site Scripting via Comments of WordPress Core, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-100, CVE-2019-9787, DLA-1742-1, DSA-4677-1, VIGILANCE-VUL-28738
WordPress Core: directory traversal via wp_crop_image
An attacker can traverse directories via wp_crop_image() of WordPress Core, in order to create a file outside the service root path...
CVE-2019-8943, VIGILANCE-VUL-28561
WordPress Core: code execution via _wp_attached_file
An attacker can use a vulnerability via _wp_attached_file of WordPress Core, in order to run code...
CVE-2019-8942, DLA-1742-1, DSA-4401-1, VIGILANCE-VUL-28560
WordPress Core: multiple vulnerabilities
An attacker can use several vulnerabilities of WordPress Core...
CERTFR-2018-AVI-600, CVE-2018-20147, CVE-2018-20148, CVE-2018-20149, CVE-2018-20150, CVE-2018-20151, CVE-2018-20152, CVE-2018-20153, DLA-1673-1, DSA-4401-1, VIGILANCE-VUL-28023
WordPress Core: code execution via PHAR Thumbnail Upload
An attacker can use a vulnerability via PHAR Thumbnail Upload of WordPress Core, in order to run code...
CVE-2017-1000600, CVE-2018-1000773, VIGILANCE-VUL-27177
WordPress Core: denial of service via Media Upload File Deletion
An attacker can generate a fatal error via Media Upload File Deletion of WordPress Core, in order to trigger a denial of service...
CERTFR-2018-AVI-327, VIGILANCE-VUL-26644
WordPress Core: file deletion via Author Delete
An attacker can generate a fatal error via Author Delete of WordPress Core, in order to trigger a denial of service...
CVE-2018-12895, DLA-1452-1, DSA-4250-1, FEDORA-2018-623df1e98d, VIGILANCE-VUL-26554
Our database contains other pages. You can request a free trial to read them.

Display information about WordPress Core: