Wordpress Vulnerabilities


The following list includes some of the most critical Wordpress vulnerabilities known to the security community. In any case you find that there is anything missing in this list, please let us know and we will update it as soon as possible.
  1. WordPress Unrestricted File Upload Arbitrary PHP Code Execution
  2. WordPress Unchecked Privileges in admin.php and Multiple Information Disclosures
  3. WordPress MU wpmu-Blogs.php Crose Site Scrpting Vulnerability
  4. Wordpress user_login Column SQL Truncation Vulnerability
  5. Wordpress Column Truncation Allows Adminstrative Takeover (register)
  6. WordPress SQL Column Truncation Vulnerability (PoC)
  7. Wordpress Cookie Integrity Protection Vulnerability
  8. WordPress metaWeblog.editPost Post Arbitrary Modification (xmlrpc, Exploit, Patch)
  9. WordPress Charset SQL Injection Vulnerability
  10. WordPress wp_title() XSS
  11. WordPress Multiple Script Injection Vulnerabilities
  12. Multiple Vulnerabilities in WordPress (pingback, local files)
  13. WordPress Trackback UTF-7 SQL Injection (Exploit)
  14. WordPress CSRF Protection XSS Vulnerability
  15. WordPress Trackback Charset Decoding SQL Injection Vulnerability
  16. WordPress Persistent XSS (templates.php)
  17. Wordpress WP-DB Backup Plugin Directory Traversal
  18. WordPress DoS (Exploit)
  19. WordPress User Privilege Escalation
  20. WordPress Command Execution Vulnerability (Cache_lastpostdate)
  21. WordPress Multiple Vulnerability (wp-trackback.php)
  22. Multiple XSS Vulnerabilities in WordPress
  23. HTTP Response Splitting in WordPress