Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Information Exposure
johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer21 Jan 2025
  • M
Improper Input Validation
johnpbloch/wordpress-core<4.1.39>=4.2.0, <4.2.36>=4.3.0, <4.3.32>=4.4.0, <4.4.31>=4.5.0, <4.5.30>=4.6.0, <4.6.27>=4.7.0, <4.7.27>=4.8.0, <4.8.23>=4.9.0, <4.9.24>=5.0.0, <5.0.20>=5.1.0, <5.1.17>=5.2.0, <5.2.19>=5.3.0, <5.3.16>=5.4.0, <5.4.14>=5.5.0, <5.5.13>=5.6.0, <5.6.12>=5.7.0, <5.7.10>=5.8.0, <5.8.8>=5.9.0, <5.9.8>=6.0.0, <6.0.6>=6.1.0, <6.1.4>=6.2.0, <6.2.3>=6.3.0, <6.3.2Composer21 Jan 2025
  • M
Cross-site Request Forgery (CSRF)
johnpbloch/wordpress-core<4.1.38>=4.2.0, <4.2.35>=4.3.0, <4.3.31>=4.4.0, <4.4.30>=4.5.0, <4.5.29>=4.6.0, <4.6.26>=4.7.0, <4.7.26>=4.8.0, <4.8.22>=4.9.0, <4.9.23>=5.0.0, <5.0.19>=5.1.0, <5.1.16>=5.2.0, <5.2.18>=5.3.0, <5.3.15>=5.4.0, <5.4.13>=5.5.0, <5.5.12>=5.6.0, <5.6.11>=5.7.0, <5.7.9>=5.8.0, <5.8.7>=5.9.0, <5.9.6>=6.0.0, <6.0.4>=6.1.0, <6.1.2>=6.2.0, <6.2.1Composer21 Jan 2025
  • M
Exposure of Data Element to Wrong Session
johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer21 Jan 2025
  • M
SQL Injection
johnpbloch/wordpress-core<3.7.39>=3.8.0, <3.8.39>=3.9.0, <3.9.37>=4.0.0, <4.0.36>=4.1.0, <4.1.36>=4.2.0, <4.2.33>=4.3.0, <4.3.29>=4.4.0, <4.4.28>=4.5.0, <4.5.27>=4.6.0, <4.6.24>=4.7.0, <4.7.24>=4.8.0, <4.8.20>=4.9.0, <4.9.21>=5.0.0, <5.0.17>=5.1.0, <5.1.14>=5.2.0, <5.2.16>=5.3.0, <5.3.13>=5.4.0, <5.4.11>=5.5.0, <5.5.10>=5.6.0, <5.6.9>=5.7.0, <5.7.7>=5.8.0, <5.8.5>=5.9.0, <5.9.4>=6.0.0, <6.0.2Composer21 Jan 2025
  • M
Open Redirect
johnpbloch/wordpress-core<3.7.40>=3.8.0, <3.8.40>=3.9.0, <3.9.38>=4.0.0, <4.0.37>=4.1.0, <4.1.37>=4.2.0, <4.2.34>=4.3.0, <4.3.30>=4.4.0, <4.4.29>=4.5.0, <4.5.28>=4.6.0, <4.6.25>=4.7.0, <4.7.25>=4.8.0, <4.8.21>=4.9.0, <4.9.22>=5.0.0, <5.0.18>=5.1.0, <5.1.15>=5.2.0, <5.2.17>=5.3.0, <5.3.14>=5.4.0, <5.4.12>=5.5.0, <5.5.11>=5.6.0, <5.6.10>=5.7.0, <5.7.8>=5.8.0, <5.8.6>=5.9.0, <5.9.5>=6.0.0, <6.0.3Composer21 Jan 2025
  • M
Use of a Key Past its Expiration Date
johnpbloch/wordpress-core<5.2.13>=5.3.0, <5.3.10>=5.4.0, <5.4.8>=5.5.0, <5.5.7>=5.6.0, <5.6.6>=5.7.0, <5.7.4>=5.8.0, <5.8.2Composer21 Jan 2025
  • M
Cross-site Scripting (XSS)
johnpbloch/wordpress-core>=5.9.0, <5.9.2Composer21 Jan 2025
  • M
Cross-site Scripting (XSS)
librenms/librenms<24.11.0Composer17 Jan 2025
  • M
Cross-site Scripting (XSS)
librenms/librenms<24.11.0Composer17 Jan 2025
  • M
Cross-site Scripting (XSS)
librenms/librenms<24.11.0Composer17 Jan 2025
  • M
Cross-site Scripting (XSS)
librenms/librenms<24.11.0Composer17 Jan 2025
  • M
Cross-site Scripting (XSS)
librenms/librenms<24.12.0Composer17 Jan 2025
  • H
Server-side Request Forgery (SSRF)
hillelcoren/invoice-ninja>=5.8.56, <5.11.8Composer16 Jan 2025
  • M
Improper Control of Interaction Frequency
goalgorilla/open_social<12.3.8>=12.4.0, <12.4.5>=13.0.0-alpha1, <13.0.0-alpha11Composer16 Jan 2025
  • C
Failure to Sanitize Paired Delimiters
islandora/crayfish<4.1.0Composer16 Jan 2025
  • M
Cross-site Scripting (XSS)
microweber/microweber>=0.0.0Composer16 Jan 2025
  • M
Cross-site Scripting (XSS)
microweber/microweber>=0.0.0Composer16 Jan 2025
  • M
Cross-site Scripting (XSS)
microweber/microweber>=0.0.0Composer16 Jan 2025
  • M
Cross-site Scripting (XSS)
silverstripe/framework<5.3.8Composer15 Jan 2025
  • M
Cross-site Scripting (XSS)
silverstripe/framework<5.3.8Composer15 Jan 2025
  • M
Cross-site Scripting (XSS)
silverstripe/framework<5.3.8Composer15 Jan 2025
  • M
Cross-site Request Forgery (CSRF)
mediawiki/data-transfer>=1.39.0, <1.39.11>=1.41.0, <1.41.3>=1.42.0, <1.42.2Composer15 Jan 2025
  • M
Exposed Dangerous Method or Function
typo3/cms-belog>=10.0.0, <10.4.48>=11.0.0, <11.5.42>=12.0.0, <12.4.25>=13.0.0, <13.4.3Composer15 Jan 2025
  • M
Exposed Dangerous Method or Function
typo3/cms-beuser>=10.0.0, <10.4.48>=11.0.0, <11.5.42>=12.0.0, <12.4.25>=13.0.0, <13.4.3Composer15 Jan 2025
  • L
Insertion of Sensitive Information into Log File
typo3/cms-install<13.4.3Composer15 Jan 2025
  • M
Open Redirect
typo3/cms-core>=9.0.0, <9.5.49>=10.0.0, <10.4.48>=11.0.0, <11.5.42>=12.0.0, <12.4.25>=13.0.0, <13.4.3Composer15 Jan 2025
  • M
Exposed Dangerous Method or Function
typo3/cms-form>=10.0.0, <10.4.48>=11.0.0, <11.5.42>=12.0.0, <12.4.25>=13.0.0, <13.4.3Composer15 Jan 2025
  • H
Cross-site Request Forgery (CSRF)
typo3/cms-scheduler>=11.0.0, <12.0.0Composer15 Jan 2025
  • M
Exposed Dangerous Method or Function
typo3/cms-lowlevel>=11.0.0, <12.0.0Composer15 Jan 2025