johnpbloch/wordpress vulnerabilities

Known vulnerabilities in the johnpbloch/wordpress package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	>=5.9.0, <5.9.10>=6.0.0, <6.0.9>=6.1.0, <6.1.7>=6.2.0, <6.2.6>=6.3.0, <6.3.5>=6.4.0, <6.4.5>=6.5.0, <6.5.5
M Directory Traversal	>=4.1.0, <4.1.38>=4.2.0, <4.2.35>=4.3.0, <4.3.31>=4.4.0, <4.4.30>=4.5.0, <4.5.29>=4.6.0, <4.6.26>=4.7.0, <4.7.26>=4.8.0, <4.8.22>=4.0.0, <4.9.23>=5.0.0, <5.0.19>=5.1.0, <5.1.16>=5.2.0, <5.2.18>=5.3.0, <5.3.15>=5.4.0, <5.4.13>=5.5.0, <5.5.12>=5.6.0, <5.6.11>=5.7.0, <5.7.9>=5.8.0, <5.8.7>=5.9.0, <5.9.6>=6.0.0, <6.0.4>=6.1.0, <6.1.2>=6.2.0, <6.2.1
L Authentication Bypass	>=6.0.0, <6.0.3>=5.9.0, <5.9.5>=5.8.0, <5.8.6>=5.7.0, <5.7.8>=5.6.0, <5.6.10>=5.5.0, <5.5.11>=5.4.0, <5.4.12>=5.3.0, <5.3.14>=5.2.0, <5.2.17>=5.1.0, <5.1.15>=5.0.0, <5.0.18>=4.0.0, <4.9.22>=4.8.0, <4.8.21>=4.7.0, <4.7.25>=4.6.0, <4.6.25>=4.5.0, <4.5.28>=4.4.0, <4.4.29>=4.3.0, <4.3.30>=4.2.0, <4.2.34>=4.1.0, <4.1.37>=4.0.0, <4.0.37>=3.9.0, <3.9.39>=3.8.0, <3.8.40>=3.7.0, <3.7.40
M Cross-site Scripting (XSS)	>=6.0.0, <6.0.3>=5.9.0, <5.9.5>=5.8.0, <5.8.6>=5.7.0, <5.7.8>=5.6.0, <5.6.10>=5.5.0, <5.5.11>=5.4.0, <5.4.12>=5.3.0, <5.3.14>=5.2.0, <5.2.17>=5.1.0, <5.1.15>=5.0.0, <5.0.18>=4.0.0, <4.9.22>=4.8.0, <4.8.21>=4.7.0, <4.7.25>=4.6.0, <4.6.25>=4.5.0, <4.5.28>=4.4.0, <4.4.29>=4.3.0, <4.3.30>=4.2.0, <4.2.34>=4.1.0, <4.1.37>=4.0.0, <4.0.37>=3.9.0, <3.9.39>=3.8.0, <3.8.40>=3.7.0, <3.7.40
M Cross-site Scripting (XSS)	>=6.0.0, <6.0.3>=5.9.0, <5.9.5>=5.8.0, <5.8.6>=5.7.0, <5.7.8>=5.6.0, <5.6.10>=5.5.0, <5.5.11>=5.4.0, <5.4.12>=5.3.0, <5.3.14>=5.2.0, <5.2.17>=5.1.0, <5.1.15>=5.0.0, <5.0.18>=4.0.0, <4.9.22>=4.8.0, <4.8.21>=4.7.0, <4.7.25>=4.6.0, <4.6.25>=4.5.0, <4.5.28>=4.4.0, <4.4.29>=4.3.0, <4.3.30>=4.2.0, <4.2.34>=4.1.0, <4.1.37>=4.0.0, <4.0.37>=3.9.0, <3.9.39>=3.8.0, <3.8.40>=3.7.0, <3.7.40
M Information Exposure	>=5.1, <5.1.6>=5.2, <5.2.7>=5.3, <5.3.4>=5.4, <5.4.2
M Arbitrary Code Execution	>=5.4.0, <5.4.1>=5.3.0, <5.3.3>=5.2.0, <5.2.6>=5.1.0, <5.1.5>=5.0.0, <5.0.9>=4.0.0, <4.9.14>=4.8.0, <4.8.13>=4.7.0, <4.7.17>=4.6.0, <4.6.18>=4.5.0, <4.5.21>=4.4.0, <4.4.22>=4.3.0, <4.3.23>=4.2.0, <4.2.27>=4.1.0, <4.1.30>=4.0.0, <4.0.30>=3.9.0, <3.9.31>=3.8.0, <3.8.33>=3.7.0, <3.7.33
H Cross-site Scripting (XSS)	>=5.4.0, <5.4.1>=5.3.0, <5.3.3>=5.2.0, <5.2.6>=5.1.0, <5.1.5>=5.0.0, <5.0.9>=4.0.0, <4.9.14>=4.8.0, <4.8.13>=4.7.0, <4.7.17>=4.6.0, <4.6.18>=4.5.0, <4.5.21>=4.4.0, <4.4.22>=4.3.0, <4.3.23>=4.2.0, <4.2.27>=4.1.0, <4.1.30>=4.0.0, <4.0.30>=3.9.0, <3.9.31>=3.8.0, <3.8.33>=3.7.0, <3.7.33
C Improper Access Control	>=5.4.0, <5.4.1>=5.3.0, <5.3.3>=5.2.0, <5.2.6>=5.1.0, <5.1.5>=5.0.0, <5.0.9>=4.0.0, <4.9.14>=4.8.0, <4.8.13>=4.7.0, <4.7.17>=4.6.0, <4.6.18>=4.5.0, <4.5.21>=4.4.0, <4.4.22>=4.3.0, <4.3.23>=4.2.0, <4.2.27>=4.1.0, <4.1.30>=4.0.0, <4.0.30>=3.9.0, <3.9.31>=3.8.0, <3.8.33>=3.7.0, <3.7.33
M Information Disclosure	>=5.4.0, <5.4.1>=5.3.0, <5.3.3>=5.2.0, <5.2.6>=5.1.0, <5.1.5>=5.0.0, <5.0.9>=4.0.0, <4.9.14>=4.8.0, <4.8.13>=4.7.0, <4.7.17>=4.6.0, <4.6.18>=4.5.0, <4.5.21>=4.4.0, <4.4.22>=4.3.0, <4.3.23>=4.2.0, <4.2.27>=4.1.0, <4.1.30>=4.0.0, <4.0.30>=3.9.0, <3.9.31>=3.8.0, <3.8.33>=3.7.0, <3.7.33
M Cross-site Scripting (XSS)	>=5.4.0, <5.4.1>=5.3.0, <5.3.3>=5.2.0, <5.2.6>=5.1.0, <5.1.5>=5.0.0, <5.0.9>=4.0.0, <4.9.14>=4.8.0, <4.8.13>=4.7.0, <4.7.17>=4.6.0, <4.6.18>=4.5.0, <4.5.21>=4.4.0, <4.4.22>=4.3.0, <4.3.23>=4.2.0, <4.2.27>=4.1.0, <4.1.30>=4.0.0, <4.0.30>=3.9.0, <3.9.31>=3.8.0, <3.8.33>=3.7.0, <3.7.33
M Cross-site Scripting (XSS)	>=5.4.0, <5.4.1>=5.3.0, <5.3.3>=5.2.0, <5.2.6>=5.1.0, <5.1.5>=5.0.0, <5.0.9>=4.0.0, <4.9.14>=4.8.0, <4.8.13>=4.7.0, <4.7.17>=4.6.0, <4.6.18>=4.5.0, <4.5.21>=4.4.0, <4.4.22>=4.3.0, <4.3.23>=4.2.0, <4.2.27>=4.1.0, <4.1.30>=4.0.0, <4.0.30>=3.9.0, <3.9.31>=3.8.0, <3.8.33>=3.7.0, <3.7.33

Vulnerability

Vulnerable Version

Cross-site Scripting (XSS)

>=5.9.0, <5.9.10>=6.0.0, <6.0.9>=6.1.0, <6.1.7>=6.2.0, <6.2.6>=6.3.0, <6.3.5>=6.4.0, <6.4.5>=6.5.0, <6.5.5

Directory Traversal

>=4.1.0, <4.1.38>=4.2.0, <4.2.35>=4.3.0, <4.3.31>=4.4.0, <4.4.30>=4.5.0, <4.5.29>=4.6.0, <4.6.26>=4.7.0, <4.7.26>=4.8.0, <4.8.22>=4.0.0, <4.9.23>=5.0.0, <5.0.19>=5.1.0, <5.1.16>=5.2.0, <5.2.18>=5.3.0, <5.3.15>=5.4.0, <5.4.13>=5.5.0, <5.5.12>=5.6.0, <5.6.11>=5.7.0, <5.7.9>=5.8.0, <5.8.7>=5.9.0, <5.9.6>=6.0.0, <6.0.4>=6.1.0, <6.1.2>=6.2.0, <6.2.1

Authentication Bypass

>=6.0.0, <6.0.3>=5.9.0, <5.9.5>=5.8.0, <5.8.6>=5.7.0, <5.7.8>=5.6.0, <5.6.10>=5.5.0, <5.5.11>=5.4.0, <5.4.12>=5.3.0, <5.3.14>=5.2.0, <5.2.17>=5.1.0, <5.1.15>=5.0.0, <5.0.18>=4.0.0, <4.9.22>=4.8.0, <4.8.21>=4.7.0, <4.7.25>=4.6.0, <4.6.25>=4.5.0, <4.5.28>=4.4.0, <4.4.29>=4.3.0, <4.3.30>=4.2.0, <4.2.34>=4.1.0, <4.1.37>=4.0.0, <4.0.37>=3.9.0, <3.9.39>=3.8.0, <3.8.40>=3.7.0, <3.7.40

Cross-site Scripting (XSS)

Information Exposure

>=5.1, <5.1.6>=5.2, <5.2.7>=5.3, <5.3.4>=5.4, <5.4.2

Arbitrary Code Execution

>=5.4.0, <5.4.1>=5.3.0, <5.3.3>=5.2.0, <5.2.6>=5.1.0, <5.1.5>=5.0.0, <5.0.9>=4.0.0, <4.9.14>=4.8.0, <4.8.13>=4.7.0, <4.7.17>=4.6.0, <4.6.18>=4.5.0, <4.5.21>=4.4.0, <4.4.22>=4.3.0, <4.3.23>=4.2.0, <4.2.27>=4.1.0, <4.1.30>=4.0.0, <4.0.30>=3.9.0, <3.9.31>=3.8.0, <3.8.33>=3.7.0, <3.7.33

Cross-site Scripting (XSS)

Improper Access Control

Information Disclosure

Cross-site Scripting (XSS)

johnpbloch/wordpress/.../wordpress vulnerabilities

licenses detected

Direct Vulnerabilities

How to fix?