WordPress Vulnerabilities


The following list includes some of the most critical WordPress vulnerabilities known to the security community. If you find that anything is missing from this list, please let us know and we will update it as soon as possible.
  1. WordPress BackWPUp Remote Code Execution Vulnerability
  2. Recaptcha WordPress Plugin Cross Site Scripting Vulnerability
  3. WordPress Unrestricted File Upload Arbitrary PHP Code Execution
  4. WordPress Unchecked Privileges in admin.php and Multiple Information Disclosures
  5. WordPress MU wpmu-Blogs.php Cross Site Scripting Vulnerability
  6. WordPress user_login Column SQL Truncation Vulnerability
  7. WordPress Column Truncation Allows Administrative Takeover (register)
  8. WordPress SQL Column Truncation Vulnerability (PoC)
  9. WordPress Cookie Integrity Protection Vulnerability
  10. WordPress metaWeblog.editPost Post Arbitrary Modification (xmlrpc, Exploit, Patch)
  11. WordPress Charset SQL Injection Vulnerability
  12. WordPress wp_title() XSS
  13. WordPress Multiple Script Injection Vulnerabilities
  14. Multiple Vulnerabilities in WordPress (pingback, local files)
  15. WordPress Trackback UTF-7 SQL Injection (Exploit)
  16. WordPress CSRF Protection XSS Vulnerability
  17. WordPress Trackback Charset Decoding SQL Injection Vulnerability
  18. WordPress Persistent XSS (templates.php)
  19. WordPress WP-DB Backup Plugin Directory Traversal
  20. WordPress DoS (Exploit)
  21. WordPress User Privilege Escalation
  22. WordPress Command Execution Vulnerability (Cache_lastpostdate)
  23. WordPress Multiple Vulnerability (wp-trackback.php)
  24. Multiple XSS Vulnerabilities in WordPress
  25. HTTP Response Splitting in WordPress