Facebook
From asdsad, 3 Months ago, written in Plain Text.
Embed
Download Paste or View Raw
Hits: 174
  1. WordPress < 5.8.3 - SQL Injection via WP_Query 5.1.12 2022-21661 8.6 https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84 https://hackerone.com/reports/1378209
  2. WordPress < 5.8 - Plugin Confusion 5.8 2021-44223 8.2 https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/
  3. WordPress 4.1-5.8.2 - SQL Injection via WP_Meta_Query 5.1.12 2022-21664 6.8 https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-jp3p-gw8h-6x86
  4. WP < 6.2.1 - Contributor+ Stored XSS via Open Embed Auto Discovery 5.1.16 N/A 6.8 https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/
  5. WordPress 3.7 to 5.7.1 - Object Injection in PHPMailer 5.1.10 2020-36326 6.6 https://github.com/WordPress/WordPress/commit/267061c9595fedd321582d14c21ec9e7da2dcf62 https://wordpress.org/news/2021/05/wordpress-5-7-2-security-release/ https://github.com/PHPMailer/PHPMailer/commit/e2e07a355ee8ff36aba21d0242c5950c56e4c6f9 https://www.wordfence.com/blog/2021/05/wordpress-5-7-2-security-release-what-you-need-to-know/
  6. WP < 6.2.2 - Shortcode Execution in User Generated Data 5.1.16 N/A 6.5 https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/ https://wordpress.org/news/2023/05/wordpress-6-2-2-security-release/
  7. WP < 6.0.2 - SQLi via Link API 5.1.14 N/A 5.8 https://wordpress.org/news/2022/08/wordpress-6-0-2-security-and-maintenance-release/
  8. WordPress < 5.9.2 - Prototype Pollution in jQuery 5.1.13 N/A 5.6 https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/
  9. WP < 6.2.1 - Contributor+ Content Injection 5.1.16 N/A 5.5 https://wordpress.org/news/2023/05/wordpress-6-2-1-maintenance-security-release/
  10. WordPress < 5.8.3 - Author+ Stored XSS via Post Slugs 5.1.12 2022-21662 5.4 https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-699q-3hj9-889w https://hackerone.com/reports/425342 https://blog.sonarsource.com/wordpress-stored-xss-vulnerability