WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact
WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Vulnerabilities

WordPress 5.7.1 Vulnerabilities

Version released on 2021-04-15

downloadDownload tar
downloadDownload zip
2022-03-11
WordPress < 5.9.2 - Prototype Pollution in jQuery
Fixed in version 5.7.6
2022-03-11
WordPress < 5.9.2 / Gutenberg < 12.7.2 - Prototype Pollution via Gutenberg’s wordpress/url package
Fixed in version 5.7.6
2022-01-06
WordPress < 5.8.3 - SQL Injection via WP_Query
Fixed in version 5.7.5
2022-01-06
WordPress < 5.8.3 - Author+ Stored XSS via Post Slugs
Fixed in version 5.7.5
2022-01-06
WordPress 4.1-5.8.2 - SQL Injection via WP_Meta_Query
Fixed in version 5.7.5
2022-01-06
WordPress < 5.8.3 - Super Admin Object Injection in Multisites
Fixed in version 5.7.5
2021-11-10
WordPress < 5.8.2 - Expired DST Root CA X3 Certificate
Fixed in version 5.7.4
2021-09-09
WordPress 5.4 to 5.8 - Lodash Library Update
Fixed in version 5.7.3
2021-09-09
WordPress 5.4 to 5.8 - Authenticated XSS in Block Editor
Fixed in version 5.7.3
2021-09-09
WordPress 5.4 to 5.8 - Data Exposure via REST API
Fixed in version 5.7.3
2021-05-13
WordPress 3.7 to 5.7.1 - Object Injection in PHPMailer
Fixed in version 5.7.2
WPScan

Vulnerabilities

WordPressPluginsThemesOur StatsSubmit vulnerabilities

About

How it worksPricingWordPress pluginNewsContact

For Developers

StatusAPI detailsCLI scanner

Other

PrivacyTerms of serviceDisclosure policy
jetpackIn partnership with Jetpack
githubtwitterfacebook
Angithubendeavor
Work With Us