脆弱性情報一覧

お問い合わせ

WordPress脆弱性情報

WordPressのコア・テーマ・プラグインの
脆弱性情報を配信しています

脆弱性情報一覧

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Arbitrary User Deletionの脆弱性

2025年3月17日(月) 9:37

重大性 4.3

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Unauthenticated Stored Cross-Site Scriptingの脆弱性

2025年3月17日(月) 9:37

重大性 7.2

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Parent+) SQL Injectionの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Privilege Escalation via Account Takeoverの脆弱性

2025年3月17日(月) 9:37

重大性 8.8

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Cross-Site Request Forgery to Arbitrary Results Deletionの脆弱性

2025年3月17日(月) 9:37

重大性 4.3

【plugin】『WC Affiliate – A Complete WooCommerce Affiliate Plugin』(versions 2.5.3 以下)　Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-allの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Teacher+) SQL Injectionの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『WP01 – Speed, Security, SEO consultant』(versions 2.6.2 以下)　Authenticated (Subscriber+) Arbitrary File Downloadの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『pixelstats』(versions 0.8.2 以下)　Reflected Cross-Site Scriptingの脆弱性

2025年3月17日(月) 9:37

重大性 6.1

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下)　Authenticated (Subscriber+) Privilege Escalationの脆弱性

2025年3月17日(月) 9:37

重大性 8.8

【plugin】『GiveWP – Donation Plugin and Fundraising Platform』(versions 3.22.0 以下)　Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Functionの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『Zoorum Comments』(versions 0.9 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025年3月17日(月) 9:37

重大性 6.1

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injectionの脆弱性

2025年3月17日(月) 9:37

重大性 8.8

【plugin】『Portfolio and Projects』(versions 1.5.3 以下)　Authenticated (Administrator+) Stored Cross-Site Scriptingの脆弱性

2025年3月17日(月) 9:37

重大性 4.9

【plugin】『WP Ghost (Hide My WP Ghost) – Security & Firewall』(versions 5.4.01 以下)　Unauthenticated Limited File Readの脆弱性

2025年3月14日(金) 9:31

重大性 7.5

【plugin】『Realteo』(versions 1.2.8 以下)　Authentication Bypass via ‘do_register_user’の脆弱性

2025年3月14日(金) 9:31

重大性 9.8

【theme】『Zegen – Church WordPress Theme』(versions 1.1.9 以下)　Missing Authorization to Authenticated (Subscriber+) Theme Options Updatesの脆弱性

2025年3月14日(金) 9:31

重大性 4.3

【plugin】『Search & Filter Pro』(versions 2.5.19 以下)　Missing Authorization to Authenticated (Subscriber+) Post Meta Exposureの脆弱性

2025年3月14日(金) 9:31

重大性 4.3

【plugin】『CRM and Lead Management by vcita』(versions 2.7.1 以下)　Missing Authorization to Authenticated (Susbcriber+) Widget Toggleの脆弱性

2025年3月13日(木) 9:31

重大性 4.3

【plugin】『CC-IMG-Shortcode』(versions 1.1.0 以下)　Authenticated (Contributor+) Stored Cross-Site Scriptingの脆弱性

2025年3月13日(木) 9:31

重大性 6.4

前の20記事

次の20記事

1 … 340 次の20記事

脆弱性情報一覧

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Arbitrary User Deletionの脆弱性

2025年3月17日(月) 9:37

重大性 4.3

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Unauthenticated Stored Cross-Site Scriptingの脆弱性

2025年3月17日(月) 9:37

重大性 7.2

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Parent+) SQL Injectionの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Privilege Escalation via Account Takeoverの脆弱性

2025年3月17日(月) 9:37

重大性 8.8

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Cross-Site Request Forgery to Arbitrary Results Deletionの脆弱性

2025年3月17日(月) 9:37

重大性 4.3

【plugin】『WC Affiliate – A Complete WooCommerce Affiliate Plugin』(versions 2.5.3 以下)　Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-allの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Teacher+) SQL Injectionの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『WP01 – Speed, Security, SEO consultant』(versions 2.6.2 以下)　Authenticated (Subscriber+) Arbitrary File Downloadの脆弱性

2025年3月17日(月) 9:37

重大性 6.5

【plugin】『pixelstats』(versions 0.8.2 以下)　Reflected Cross-Site Scriptingの脆弱性

2025年3月17日(月) 9:37

重大性 6.1

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下)　Authenticated (Subscriber+) Privilege Escalationの脆弱性

2025年3月17日(月) 9:37

重大性 8.8

前の10記事

次の10記事

1 … 680 次の10記事

注目記事

脆弱性情報を受け取る

WordPress脆弱性情報

脆弱性情報一覧

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Missing Authorization to Arbitrary User Deletionの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下) Unauthenticated Stored Cross-Site Scriptingの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Authenticated (Parent+) SQL Injectionの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Missing Authorization to Privilege Escalation via Account Takeoverの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下) Cross-Site Request Forgery to Arbitrary Results Deletionの脆弱性

【plugin】『WC Affiliate – A Complete WooCommerce Affiliate Plugin』(versions 2.5.3 以下) Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-allの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Authenticated (Teacher+) SQL Injectionの脆弱性

【plugin】『WP01 – Speed, Security, SEO consultant』(versions 2.6.2 以下) Authenticated (Subscriber+) Arbitrary File Downloadの脆弱性

【plugin】『pixelstats』(versions 0.8.2 以下) Reflected Cross-Site Scriptingの脆弱性

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下) Authenticated (Subscriber+) Privilege Escalationの脆弱性

【plugin】『GiveWP – Donation Plugin and Fundraising Platform』(versions 3.22.0 以下) Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Functionの脆弱性

【plugin】『Zoorum Comments』(versions 0.9 以下) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下) Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injectionの脆弱性

【plugin】『Portfolio and Projects』(versions 1.5.3 以下) Authenticated (Administrator+) Stored Cross-Site Scriptingの脆弱性

【plugin】『WP Ghost (Hide My WP Ghost) – Security & Firewall』(versions 5.4.01 以下) Unauthenticated Limited File Readの脆弱性

【plugin】『Realteo』(versions 1.2.8 以下) Authentication Bypass via ‘do_register_user’の脆弱性

【theme】『Zegen – Church WordPress Theme』(versions 1.1.9 以下) Missing Authorization to Authenticated (Subscriber+) Theme Options Updatesの脆弱性

【plugin】『Search & Filter Pro』(versions 2.5.19 以下) Missing Authorization to Authenticated (Subscriber+) Post Meta Exposureの脆弱性

【plugin】『CRM and Lead Management by vcita』(versions 2.7.1 以下) Missing Authorization to Authenticated (Susbcriber+) Widget Toggleの脆弱性

【plugin】『CC-IMG-Shortcode』(versions 1.1.0 以下) Authenticated (Contributor+) Stored Cross-Site Scriptingの脆弱性

脆弱性情報一覧

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Missing Authorization to Arbitrary User Deletionの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下) Unauthenticated Stored Cross-Site Scriptingの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Authenticated (Parent+) SQL Injectionの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Missing Authorization to Privilege Escalation via Account Takeoverの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下) Cross-Site Request Forgery to Arbitrary Results Deletionの脆弱性

【plugin】『WC Affiliate – A Complete WooCommerce Affiliate Plugin』(versions 2.5.3 以下) Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-allの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下) Authenticated (Teacher+) SQL Injectionの脆弱性

【plugin】『WP01 – Speed, Security, SEO consultant』(versions 2.6.2 以下) Authenticated (Subscriber+) Arbitrary File Downloadの脆弱性

【plugin】『pixelstats』(versions 0.8.2 以下) Reflected Cross-Site Scriptingの脆弱性

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下) Authenticated (Subscriber+) Privilege Escalationの脆弱性

注目記事

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Arbitrary User Deletionの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Unauthenticated Stored Cross-Site Scriptingの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Parent+) SQL Injectionの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Privilege Escalation via Account Takeoverの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Cross-Site Request Forgery to Arbitrary Results Deletionの脆弱性

【plugin】『WC Affiliate – A Complete WooCommerce Affiliate Plugin』(versions 2.5.3 以下)　Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-allの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Teacher+) SQL Injectionの脆弱性

【plugin】『WP01 – Speed, Security, SEO consultant』(versions 2.6.2 以下)　Authenticated (Subscriber+) Arbitrary File Downloadの脆弱性

【plugin】『pixelstats』(versions 0.8.2 以下)　Reflected Cross-Site Scriptingの脆弱性

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下)　Authenticated (Subscriber+) Privilege Escalationの脆弱性

【plugin】『GiveWP – Donation Plugin and Fundraising Platform』(versions 3.22.0 以下)　Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Functionの脆弱性

【plugin】『Zoorum Comments』(versions 0.9 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injectionの脆弱性

【plugin】『Portfolio and Projects』(versions 1.5.3 以下)　Authenticated (Administrator+) Stored Cross-Site Scriptingの脆弱性

【plugin】『WP Ghost (Hide My WP Ghost) – Security & Firewall』(versions 5.4.01 以下)　Unauthenticated Limited File Readの脆弱性

【plugin】『Realteo』(versions 1.2.8 以下)　Authentication Bypass via ‘do_register_user’の脆弱性

【theme】『Zegen – Church WordPress Theme』(versions 1.1.9 以下)　Missing Authorization to Authenticated (Subscriber+) Theme Options Updatesの脆弱性

【plugin】『Search & Filter Pro』(versions 2.5.19 以下)　Missing Authorization to Authenticated (Subscriber+) Post Meta Exposureの脆弱性

【plugin】『CRM and Lead Management by vcita』(versions 2.7.1 以下)　Missing Authorization to Authenticated (Susbcriber+) Widget Toggleの脆弱性

【plugin】『CC-IMG-Shortcode』(versions 1.1.0 以下)　Authenticated (Contributor+) Stored Cross-Site Scriptingの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Arbitrary User Deletionの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Unauthenticated Stored Cross-Site Scriptingの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Parent+) SQL Injectionの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Missing Authorization to Privilege Escalation via Account Takeoverの脆弱性

【plugin】『WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto』(versions 8.0.9 以下)　Cross-Site Request Forgery to Arbitrary Results Deletionの脆弱性

【plugin】『WC Affiliate – A Complete WooCommerce Affiliate Plugin』(versions 2.5.3 以下)　Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via wf-export-allの脆弱性

【plugin】『School Management System – WPSchoolPress』(versions 2.2.16 以下)　Authenticated (Teacher+) SQL Injectionの脆弱性

【plugin】『WP01 – Speed, Security, SEO consultant』(versions 2.6.2 以下)　Authenticated (Subscriber+) Arbitrary File Downloadの脆弱性

【plugin】『pixelstats』(versions 0.8.2 以下)　Reflected Cross-Site Scriptingの脆弱性

【plugin】『Directory Listings WordPress plugin – uListing』(versions 2.1.7 以下)　Authenticated (Subscriber+) Privilege Escalationの脆弱性