{ "entity_id": "wordpress", "entity_type": "system", "display_name": "WordPress", "parent_entity_id": null, "root_system_id": "wordpress", "category": "cms", "ecosystem": "cms", "official": true, "status": "cataloged", "history_policy": "history-full", "repo_url": "", "package_registry": "", "marketplace_url": "", "latest_version": "7.9", "version_scheme": "vendor", "latest_release_at": "", "latest_release_url": "https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/", "version_source_refs": [ "https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/", "https://patchstack.com/database/wordpress/plugin/ft-rockpress/vulnerability/wordpress-rockpress-plugin-1-0-17-missing-authorization-to-authenticated-subscriber-arbitrary-modification-via-ajax-actions-vulnerability", "https://patchstack.com/database/wordpress/plugin/instant-popup-builder/vulnerability/wordpress-instant-popup-builder-plugin-1-1-7-unauthenticated-arbitrary-shortcode-execution-via-token-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/cm-custom-reports/vulnerability/wordpress-cm-custom-reports-plugin-1-2-7-authenticated-administrator-stored-cross-site-scripting-via-plugin-labels-vulnerability", "https://patchstack.com/database/wordpress/plugin/wc-carta-docente/vulnerability/wordpress-ilghera-carta-docente-for-woocommerce-plugin-1-5-0-authenticated-administrator-path-traversal-to-arbitrary-file-deletion-via-cert-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/emailkit/vulnerability/wordpress-emailkit-plugin-1-6-3-authenticated-administrator-path-traversal-via-emailkit-editor-template-rest-api-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/simply-schedule-appointments/vulnerability/wordpress-appointment-booking-calendar-plugin-1-6-10-0-unauthenticated-sql-injection-via-fields-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/alt-manager/vulnerability/wordpress-image-alt-text-manager-plugin-1-8-2-authenticated-author-stored-cross-site-scripting-via-post-title-vulnerability", "https://patchstack.com/database/wordpress/plugin/add-custom-fields-to-media/vulnerability/wordpress-add-custom-fields-to-media-plugin-2-0-3-cross-site-request-forgery-to-custom-field-deletion-via-delete-parameter-vulnerability", "https://patchstack.com/database/wordpress/plugin/info-cards/vulnerability/wordpress-info-cards-plugin-2-0-7-authenticated-contributor-stored-cross-site-scripting-via-block-attributes-vulnerability", "https://patchstack.com/database/wordpress/plugin/keep-backup-daily/vulnerability/wordpress-keep-backup-daily-plugin-2-1-1-authenticated-admin-limited-path-traversal-via-kbd-path-parameter-vulnerability" ], "version_sync_status": "green", "security_version_count": 55, "last_version_synced_at": "2026-03-22T01:17:31+00:00", "latest_version_evidence": [ "WPScan Vulnerability Database", "Patchstack Database" ], "catalog_source": "", "catalog_reason": "", "auto_cataloged": false, "last_discovered_at": "2025-04-09T00:30:58+00:00", "last_synced_at": "2025-04-09T00:30:58+00:00", "history_backfill_status": "complete", "latest_sync_status": "green", "official_source_covered": true, "advisory_count": 140, "workflow_complete_advisory_count": 140, "version_mapped_advisory_count": 0, "first_advisory_at": "2004-12-31T05:00:00+00:00", "latest_advisory_at": "2025-04-09T00:30:58+00:00", "advisory_ids": [ "wordpress--06006e9fb7", "wordpress--06a219901c", "wordpress--10d0d8f3f9", "wordpress--1129617837", "wordpress--12cc024a36", "wordpress--12fca2abea", "wordpress--13ce5128b4", "wordpress--148b831760", "wordpress--14cf81010e", "wordpress--159a635b11", "wordpress--17030a8718", "wordpress--1c6aa83433", "wordpress--213ff5c60e", "wordpress--23d14ed85a", "wordpress--2cd6936b0a", "wordpress--2e850b3e28", "wordpress--2fe5e39d3a", "wordpress--3094ee5dd1", "wordpress--30bd187991", "wordpress--33d0089d9b", "wordpress--37e9df8b25", "wordpress--38e031b62a", "wordpress--3f7222ce61", "wordpress--490100c57e", "wordpress--4dc1ee03ad", "wordpress--57d5f9df5e", "wordpress--58792b4ae0", "wordpress--59276ee314", "wordpress--59d89f1230", "wordpress--5b7e6857ed", "wordpress--5dd8f12e11", "wordpress--5e0f0aa282", "wordpress--5e2c6a493e", "wordpress--5f95d49feb", "wordpress--60c101bf41", "wordpress--63066ed17e", "wordpress--633cea0b87", "wordpress--65236a70e8", "wordpress--6850d32ee1", "wordpress--69a8f91df1", "wordpress--69bed74e7a", "wordpress--6a726d41d8", "wordpress--6d631adfc0", "wordpress--6f46717425", "wordpress--737216664c", "wordpress--76d8cacd47", "wordpress--79882b1d53", "wordpress--7a096bdecd", "wordpress--7a0d2f5c04", "wordpress--80760b9e99", "wordpress--8654fd6af7", "wordpress--88079feb95", "wordpress--8a3a3a86d7", "wordpress--8aac20fdae", "wordpress--8be181bdf7", "wordpress--8f1d763e2e", "wordpress--90ac8d52d0", "wordpress--93ef1b52ba", "wordpress--9a8ddc580f", "wordpress--9afa4252ce", "wordpress--9b87475497", "wordpress--9cce67b3aa", "wordpress--CVE-2004-1559", "wordpress--CVE-2004-1584", "wordpress--CVE-2005-1102", "wordpress--CVE-2005-1687", "wordpress--CVE-2005-1688", "wordpress--CVE-2005-1810", "wordpress--CVE-2005-1921", "wordpress--CVE-2005-2107", "wordpress--CVE-2005-2108", "wordpress--CVE-2005-2109", "wordpress--CVE-2005-2110", "wordpress--CVE-2005-2612", "wordpress--CVE-2005-3330", "wordpress--CVE-2005-4463", "wordpress--CVE-2006-0733", "wordpress--CVE-2006-0985", "wordpress--CVE-2006-0986", "wordpress--CVE-2006-1012", "wordpress--CVE-2006-1263", "wordpress--CVE-2006-1796", "wordpress--CVE-2006-2667", "wordpress--CVE-2006-2702", "wordpress--CVE-2006-3389", "wordpress--CVE-2006-3390", "wordpress--CVE-2006-4028", "wordpress--CVE-2006-4208", "wordpress--CVE-2006-4743", "wordpress--CVE-2006-5705", "wordpress--CVE-2006-6016", "wordpress--CVE-2006-6017", "wordpress--CVE-2006-6808", "wordpress--CVE-2006-6863", "wordpress--CVE-2007-0106", "wordpress--CVE-2007-0107", "wordpress--CVE-2007-0109", "wordpress--CVE-2007-0233", "wordpress--CVE-2007-0262", "wordpress--CVE-2007-0539", "wordpress--CVE-2007-0540", "wordpress--CVE-2007-0541", "wordpress--CVE-2007-1049", "wordpress--CVE-2007-1230", "wordpress--CVE-2007-1244", "wordpress--CVE-2007-1277", "wordpress--CVE-2007-1409", "wordpress--CVE-2007-1599", "wordpress--CVE-2007-1622", "wordpress--CVE-2007-1732", "wordpress--CVE-2007-1893", "wordpress--CVE-2007-1894", "wordpress--a4f0e68ab5", "wordpress--af099a61a6", "wordpress--af95f34447", "wordpress--b467539b2c", "wordpress--b481717d30", "wordpress--b92a24e31a", "wordpress--bbd4d9a5ed", "wordpress--bc834bfe64", "wordpress--c23a850ec3", "wordpress--c346c10a12", "wordpress--c3e95dab52", "wordpress--c8dbf74c29", "wordpress--cac928e94b", "wordpress--d24a559b69", "wordpress--d4a95ae26d", "wordpress--da71cecbfb", "wordpress--db166494f5", "wordpress--dbc90eee65", "wordpress--dc4426e2f6", "wordpress--e61c231e8b", "wordpress--e6d2a6b634", "wordpress--eda217cbfb", "wordpress--eddfccd91d", "wordpress--ee42b86359", "wordpress--ef12da29f9", "wordpress--fea9c161bb", "wordpress--feb9fe6fdd", "wordpress--ffa886d3ac" ], "source_refs": [ { "name": "WordPress Security News RSS", "url": "https://wordpress.org/news/category/security/feed/", "kind": "rss-feed", "status": "active", "bucket": "official_sources", "official": true }, { "name": "NVD WordPress", "url": null, "kind": "nvd-search", "status": "retired", "bucket": "official_sources", "official": true }, { "name": "Wordfence Vulnerability Database", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/", "kind": "html-links", "status": "active", "bucket": "ecosystem_sources", "official": false }, { "name": "Patchstack Database", "url": "https://patchstack.com/database/", "kind": "html-links", "status": "active", "bucket": "ecosystem_sources", "official": false }, { "name": "WPScan Vulnerability Database", "url": "https://wpscan.com/blog/", "kind": "html-links", "status": "active", "bucket": "ecosystem_sources", "official": false }, { "name": "PortSwigger Research", "url": "https://portswigger.net/research", "kind": "html-links", "status": "active", "bucket": "research_sources", "official": false } ] }