U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): Wordpress
  • Search Type: Search All
There are 9,521 matching records.
Displaying matches 8,501 through 8,520.
Vuln ID Summary CVSS Severity
CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename.

Published: January 04, 2017; 9:59:03 PM -0500 		V4.0:(not available)
 V3.0: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2016-10112

Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted tax-rate table values in CSV format.

Published: January 03, 2017; 9:59:03 PM -0500 		V4.0:(not available)
 V3.0: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2016-1000155

Reflected XSS in wordpress plugin wpsolr-search-engine v7.6

Published: October 10, 2016; 4:59:33 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000154

Reflected XSS in wordpress plugin whizz v1.0.7

Published: October 10, 2016; 4:59:32 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000153

Reflected XSS in wordpress plugin tidio-gallery v1.1

Published: October 10, 2016; 4:59:31 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000152

Reflected XSS in wordpress plugin tidio-form v1.0

Published: October 10, 2016; 4:59:30 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000151

Reflected XSS in wordpress plugin tera-charts v1.0

Published: October 10, 2016; 4:59:29 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000150

Reflected XSS in wordpress plugin simplified-content v1.0.0

Published: October 10, 2016; 4:59:28 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000149

Reflected XSS in wordpress plugin simpel-reserveren v3.5.2

Published: October 10, 2016; 4:59:27 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000148

Reflected XSS in wordpress plugin s3-video v0.983

Published: October 10, 2016; 4:59:26 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000147

Reflected XSS in wordpress plugin recipes-writer v1.0.4

Published: October 10, 2016; 4:59:25 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000146

Reflected XSS in wordpress plugin pondol-formmail v1.1

Published: October 10, 2016; 4:59:24 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000145

Reflected XSS in wordpress plugin pondol-carousel v1.0

Published: October 10, 2016; 4:59:23 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000144

Reflected XSS in wordpress plugin photoxhibit v2.1.8

Published: October 10, 2016; 4:59:21 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000143

Reflected XSS in wordpress plugin photoxhibit v2.1.8

Published: October 10, 2016; 4:59:20 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000142

Reflected XSS in wordpress plugin parsi-font v4.2.5

Published: October 10, 2016; 4:59:19 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000141

Reflected XSS in wordpress plugin page-layout-builder v1.9.3

Published: October 10, 2016; 4:59:18 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000140

Reflected XSS in wordpress plugin new-year-firework v1.1.9

Published: October 10, 2016; 4:59:17 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000139

Reflected XSS in wordpress plugin infusionsoft v1.5.11

Published: October 10, 2016; 4:59:15 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2016-1000138

Reflected XSS in wordpress plugin indexisto v1.0.5

Published: October 10, 2016; 4:59:14 PM -0400 		V4.0:(not available)
 V3.0: 6.1 MEDIUM
V2.0: 4.3 MEDIUM