40 Total advisories
40 Vulnerabilities
0 Malware
Vulnerabilities
MEDIUM 4.3
CVE-2026-54262
CVE-2026-54262
LOW 2.7
CVE-2026-54260
CVE-2026-54260
MEDIUM 6.5
CVE-2026-54261
CVE-2026-54261
MEDIUM 4.3
CVE-2026-54259
CVE-2026-54259
HIGH 7.3
CVE-2026-54263
CVE-2026-54263
MEDIUM 6.5
CVE-2024-39317
Wagtail regular expression denial-of-service via search query parsing
MEDIUM 5.4
CVE-2021-32681
Cross-site Scripting in wagtail
MEDIUM 6.1
CVE-2020-11037
Potential Observable Timing Discrepancy in Wagtail
MEDIUM 6.5
CVE-2026-44199
Wagtail has improper permission handling when deleting form submissions
MEDIUM 5.3
CVE-2026-44201
Wagtail has improper restriction handling on Documents and Images API
MEDIUM 6.5
CVE-2026-44197
Wagtail has improper permission handling when comparing revisions
MEDIUM 4.3
CVE-2026-44198
Wagtail has improper permission handling when viewing page history
MEDIUM 6.5
CVE-2026-44200
Wagtail has improper permission handling when copying pages
MEDIUM 4.9
CVE-2024-39317
CVE-2024-39317
UNKNOWN
CVE-2023-28836
CVE-2023-28836
UNKNOWN
CVE-2020-11037
CVE-2020-11037
UNKNOWN
CVE-2021-32681
CVE-2021-32681
MEDIUM 5.3
CVE-2026-44201
CVE-2026-44201
MEDIUM 6.5
CVE-2026-44200
CVE-2026-44200
MEDIUM 6.5
CVE-2026-44199
CVE-2026-44199
MEDIUM 4.3
CVE-2026-44198
CVE-2026-44198
MEDIUM 6.5
CVE-2026-44197
CVE-2026-44197
MEDIUM 5.8
CVE-2020-11001
Possible XSS attack in Wagtail
MEDIUM 5.7
CVE-2020-15118
Cross-Site Scripting in Wagtail
MEDIUM 6.1
CVE-2021-29434
Improper validation of URLs ('Cross-site Scripting') in Wagtail rich text fields
MEDIUM 6.1
CVE-2026-28222
Wagtail Vulnerable to Cross-site Scripting in TableBlock class attributes
MEDIUM 6.1
CVE-2026-28223
Wagtail Vulnerable to Cross-site Scripting in simple_translation admin interface
UNKNOWN
CVE-2026-25517
Wagtail has improper permission handling on admin preview endpoints
MEDIUM 4.4
CVE-2023-28837
Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files
MEDIUM 6.4
CVE-2023-28836
Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views
LOW 3.5
CVE-2022-21683
Comment reply notifications sent to incorrect users
MEDIUM 5.5
CVE-2024-35228
Improper Handling of Insufficient Permissions in `wagtail.contrib.settings`
LOW 2.7
CVE-2024-32882
Wagtail has permission check bypass when editing a model with per-field restrictions through `wagtail.contrib.settings` or `ModelViewSet`
LOW 2.7
CVE-2023-45809
Wagtail vulnerable to disclosure of user names via admin bulk action views
LOW 2.7
CVE-2023-45809
CVE-2023-45809
UNKNOWN
CVE-2023-28837
CVE-2023-28837
UNKNOWN
CVE-2022-21683
CVE-2022-21683
UNKNOWN
CVE-2021-29434
CVE-2021-29434
UNKNOWN
CVE-2020-15118
CVE-2020-15118
UNKNOWN
CVE-2020-11001
CVE-2020-11001
Ready to move
Start Securing
Free, no credit card | First findings in minutes