Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

wordpress-develop — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in wordpress-develop, with AI-generated Chinese analysis, references, and POCs.

This page aggregates vulnerability data for the open-source wordpress-develop project, focusing on common weakness classifications and associated tags. It collects security issues affecting the development version of WordPress, covering reported vulnerabilities from early 2020 through the present date. The dataset includes flaws related to cross-site scripting, privilege escalation, information disclosure, and injection attacks identified in the core repository and related components. Visitors can track the evolution of security advisories issued by the WordPress team to understand how specific weaknesses are addressed over time. The page enables users to explore the history of vulnerabilities within this specific product branch, offering insights into recurring security patterns and the effectiveness of past patches. By examining these records, developers and security researchers can gain a comprehensive view of the threat landscape surrounding the wordpress-develop product. This resource serves as a reference for understanding the severity and impact of known defects, facilitating better risk assessment and mitigation strategies. The information presented here is derived from official security reports and public databases, ensuring accuracy and relevance for those monitoring the project's security posture. This aggregation supports informed decision-making by providing a centralized view of historical and recent security incidents.

Vendor: WordPress

CVE IDTitleCVSSSeverityPublished
CVE-2024-31211 Remote Code Execution in `WP_HTML_Token` CWE-502 5.5 Medium2024-04-04
CVE-2024-31210 PHP file upload bypass via Plugin installer CWE-434 7.7 High2024-04-04
CVE-2022-21662 Stored XSS in WordPress CWE-79 8.0 High2022-01-06
CVE-2022-21663 Authenticated Object Injection in Multisites in WordPress CWE-74 6.6 Medium2022-01-06
CVE-2022-21664 SQL injection in WordPress CWE-89 7.4 High2022-01-06
CVE-2022-21661 SQL injection in WordPress CWE-89 8.0 High2022-01-06
CVE-2021-39203 Private data disclosure/privilege escalation through the block editor in Wordpress CWE-200 6.8 Medium2021-09-09
CVE-2021-39202 WordPress 5.8 beta: Stored Cross-Site Scripting (XSS) vulnerability in widget CWE-79 7.6 High2021-09-09
CVE-2021-39201 Authenticated cross-site scripting (XSS) in WordPress editor CWE-79 7.6 High2021-09-09
CVE-2021-39200 Information Disclosure in wp_die() via JSONP in wordpress CWE-200 5.3 Medium2021-09-09
CVE-2021-29450 WordPress Authenticated disclosure of password-protected posts and pages CWE-200 6.5 Medium2021-04-15
CVE-2021-29447 WordPress Authenticated XXE attack when installation is running PHP 8 CWE-611 7.1 High2021-04-15
CVE-2020-4047 Authenticated XSS via media attachment page in WordPress CWE-80 6.8 Medium2020-06-12
CVE-2020-4048 Open redirect in wp_validate_redirect() in WordPress CWE-601 5.7 Medium2020-06-12
CVE-2020-4049 Authenticated self-XSS via theme uploads in WordPress CWE-80 2.4 Low2020-06-12
CVE-2020-4050 set-screen-option filter misuse by plugins leading to privilege escalation in WordPress CWE-288 3.5 Low2020-06-12
CVE-2020-4046 Authenticated XSS through embed block in WordPress CWE-80 5.4 Medium2020-06-12

All 17 known CVE vulnerabilities affecting wordpress-develop with full Chinese analysis, references, and POCs where available.