wordpress wordpress-develop Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of wordpress wordpress-develop's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical1

High7

Medium8

Low2

1 additional CVE has no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of wordpress wordpress-develop's CVEs are currently listed in CISA's KEV catalog.

Public exploits

4 of wordpress wordpress-develop's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every wordpress wordpress-develop version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

>= 3.7.0, < 3.7.345 CVEs
>= 3.8.0, < 3.8.345 CVEs
>= 3.9.0, < 3.9.325 CVEs
>= 4.0.0, < 4.0.315 CVEs
>= 4.1.0, < 4.1.315 CVEs
>= 4.2.0, < 4.2.285 CVEs
>= 4.3.0, < 4.3.245 CVEs
>= 4.4.0, < 4.4.235 CVEs
>= 4.5.0, < 4.5.225 CVEs
>= 4.6.0, < 4.6.195 CVEs
>= 4.7.0, < 4.7.185 CVEs
>= 4.8.0, < 4.8.145 CVEs
>= 4.9.0, < 4.9.155 CVEs
>= 5.0.0, < 5.0.105 CVEs
>= 5.1.0, < 5.1.65 CVEs
>= 5.2.0, < 5.2.75 CVEs
>= 5.3.0, < 5.3.45 CVEs
>= 5.4.0, < 5.4.25 CVEs
< 4.1.401 CVE
>= 4.2.0, < 4.2.371 CVE
>= 4.3.0, < 4.3.331 CVE
>= 4.4.0, < 4.4.321 CVE
>= 4.5.0, < 4.5.311 CVE
>= 4.6.0, < 4.6.281 CVE
>= 4.7.0, < 4.7.281 CVE
>= 4.8.0, < 4.8.241 CVE
>= 4.9.0, < 4.9.251 CVE
>= 5.0.0, < 5.0.211 CVE
>= 5.1.0, < 5.1.181 CVE
>= 5.2.0, < 5.2.201 CVE
>= 5.3.0, < 5.3.171 CVE
>= 5.4.0, < 5.4.151 CVE
>= 5.5.0, < 5.5.141 CVE
>= 5.6.0, < 5.6.131 CVE
>= 5.7.0, < 5.7.111 CVE
>= 5.8.0, < 5.8.91 CVE
>= 5.9.0, < 5.9.91 CVE
>= 6.0.0, < 6.0.71 CVE
>= 6.1.0, < 6.1.51 CVE
>= 6.2.0, < 6.2.41 CVE
>= 6.3.0, < 6.3.31 CVE
>= 6.4.0, < 6.4.31 CVE
5.8 beta 11 CVE
5.8 beta 21 CVE

Fixed in

d01af687fab3faff4b3d406a0b4daff6915b50dc4 CVEs
04a69861fbf292ee78a5b19a6f641fac67132c391 CVE
04c277c9a111ab5a2149e49bbcbc85cda6845e041 CVE
15521409abefbfe61293a459bda1a503a8903f021 CVE
1a6e6f7c67ce757c312a308400f3de2f11d39d7f1 CVE
262936bc5fa41bf807a9fbf8cb72d1f78c2fc01c1 CVE
286d1f0b6707331f2a3e31cfcfdeb455e1bc677b1 CVE
3c767d6867fba173c59c85d9ba72747a30c98d4f1 CVE
4732b951abfa838305f464979902fb01634f4afb1 CVE
51e1504558785e87360fe93a9178608551960ea11 CVE
57a0893fc820b425ba1ebe76e56d67499d0c06141 CVE

Find a version

19 CVEs

Sort

Medium vulnerability · 2024-04-04
CVE-2024-31211
Patch
CWE-502
Medium · CVSS 5.5
EPSS 39.7% (97th pct)2024-04-04
High vulnerability · 2024-04-04
CVE-2024-31210
Patch
CWE-434
High · CVSS 7.7
EPSS 1.2% (79th pct)2024-04-04
Server side NTLM does not properly check parameters in FreeRDP
CVE-2022-24882
Public exploit
Patch
CWE-287
Critical · CVSS 9.1
EPSS 0.8% (74th pct)2022-04-26
High vulnerability · 2022-01-06
CVE-2022-21662
Patch
CWE-79
High · CVSS 8.0
EPSS 14.2% (95th pct)2022-01-06
Authenticated Object Injection in Multisites in WordPress
CVE-2022-21663
Public exploit
Patch
CWE-74
Medium · CVSS 6.6
EPSS 0.3% (55th pct)2022-01-06
High vulnerability · 2022-01-06
CVE-2022-21664
Patch
CWE-89
High · CVSS 7.4
EPSS 3.7% (88th pct)2022-01-06
SQL injection in WordPress
CVE-2022-21661
Public exploit
Patch
CWE-89
High · CVSS 8.0
EPSS 90.4% (100th pct)2022-01-06
Medium vulnerability · 2021-09-09
CVE-2021-39203CWE-200
Medium · CVSS 6.8
EPSS 1.2% (80th pct)2021-09-09
High vulnerability · 2021-09-09
CVE-2021-39202CWE-79
High · CVSS 7.6
EPSS 0.8% (75th pct)2021-09-09
High vulnerability · 2021-09-09
CVE-2021-39201
Patch
CWE-79
High · CVSS 7.6
EPSS 0.5% (66th pct)2021-09-09
Medium vulnerability · 2021-09-09
CVE-2021-39200
Patch
CWE-200
Medium · CVSS 5.3
EPSS 1.8% (83th pct)2021-09-09
Medium vulnerability · 2021-04-15
CVE-2021-29450
Patch
CWE-200
Medium · CVSS 6.5
EPSS 2.1% (84th pct)2021-04-15
High vulnerability · 2021-04-15
CVE-2021-29447
Public exploit
Patch
CWE-611
High · CVSS 7.1
EPSS 90.0% (100th pct)2021-04-15
Medium vulnerability · 2020-06-12
CVE-2020-4047
Patch
CWE-80
Medium · CVSS 6.8
EPSS 5.6% (90th pct)2020-06-12
Medium vulnerability · 2020-06-12
CVE-2020-4048
Patch
CWE-601
Medium · CVSS 5.7
EPSS 3.5% (88th pct)2020-06-12
Low vulnerability · 2020-06-12
CVE-2020-4049
Patch
CWE-80
Low · CVSS 2.4
EPSS 5.9% (91th pct)2020-06-12
Low vulnerability · 2020-06-12
CVE-2020-4050
Patch
CWE-288
Low · CVSS 3.5
EPSS 2.4% (85th pct)2020-06-12
Medium vulnerability · 2020-06-12
CVE-2020-4046
Patch
CWE-80
Medium · CVSS 5.4
EPSS 6.9% (92th pct)2020-06-12
Vulnerability · 2016-05-22
CVE-2016-1564
Unscored
EPSS 0.7% (72th pct)2016-05-22

Severity and exploitation

wordpress wordpress-develop Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Fixed in

Common weakness types

Disclosure activity by year

Other wordpress products

Frequently asked questions

How many CVEs does wordpress wordpress-develop have?

How many wordpress wordpress-develop CVEs are in CISA KEV?

Are there public exploits for wordpress wordpress-develop vulnerabilities?

Which versions of wordpress wordpress-develop are affected?

What are the most common weakness types in wordpress wordpress-develop CVEs?

How many critical wordpress wordpress-develop vulnerabilities are there?

What is the average severity of wordpress wordpress-develop CVEs?

References

Track wordpress wordpress-develop vulnerabilities