 WordPress | WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding | 3,568,724 |
| Contact Form 7 | The Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient ... | 2,545,721 |
 Yoast SEO | WordPress Yoast SEO Plugin <= 21.0 is vulnerable to Cross Site Scripting (XSS) | 2,016,067 |
 Swiper | Prototype Pollution | 1,496,708 |
| WordPress | WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via the ‘... | 1,188,209 |
 PHP | Security issue with external entity loading in XML without enabling it | 1,089,606 |
| PHP | Buffer overflow and overread in phar_dir_read() | 1,089,606 |
| WordPress | WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure | 1,079,839 |
| PHP | OOB read due to insufficient input validation in imageloadfont() | 1,076,326 |
| PHP | Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP | 1,061,221 |
| PHP | phar wrapper can occur dos when using quine gzip file | 1,052,163 |
| PHP | $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities | 1,052,163 |
| PHP | Special characters break path parsing in XML functions | 1,044,385 |
| PHP | PHP-FPM memory access in root process leading to privilege escalation | 1,010,879 |
| PHP | ZipArchive::extractTo may extract outside of destination dir | 977,161 |
 Elementor | WordPress Elementor Website Builder Plugin <= 3.16.4 is vulnerable to Cross Site Scripting (XSS) | 947,249 |
| PHP | Freeing unallocated memory in php_pgsql_free_params() | 945,201 |
| PHP | mysqlnd/pdo password buffer overflow | 945,201 |
| PHP | Multiple vulnerabilities in Firebird client extension | 922,016 |
| PHP | Incorrect URL validation in FILTER_VALIDATE_URL | 922,016 |