Wordpress - Wordpress CVE

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Total 5543 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-53219	2 Pl4g4, Wordpress	2 Wp-database-optimizer-tools, Wordpress	2025-08-15	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross Site Request Forgery. This issue affects WP-Database-Optimizer-Tools: from n/a through 0.2.
CVE-2025-53581	2 Artiosmedia, Wordpress	2 Rss Feed Pro, Wordpress	2025-08-15	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artiosmedia RSS Feed Pro allows Stored XSS. This issue affects RSS Feed Pro: from n/a through 1.1.8.
CVE-2025-52765	2 Lisensee, Wordpress	2 Netinsight Analytics Implementation Plugin, Wordpress	2025-08-15	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Stored XSS. This issue affects NetInsight Analytics Implementation Plugin: from n/a through 1.0.3.
CVE-2025-53347	2 Laborator, Wordpress	2 Kalium, Wordpress	2025-08-15	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request Forgery. This issue affects Kalium: from n/a through 3.18.3.
CVE-2025-53330	2 Wordpress, Wpestate	2 Wordpress, Wp Rentals	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals allows Stored XSS. This issue affects WP Rentals: from n/a through 3.13.1.
CVE-2025-54746	2 Cartpauj, Wordpress	2 Shortcode-redirect, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cartpauj Shortcode Redirect allows Stored XSS. This issue affects Shortcode Redirect: from n/a through 1.0.02.
CVE-2025-54717	2 E-plugins, Wordpress	2 Wp Membership, Wordpress	2025-08-15	5.4 Medium
Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3.
CVE-2025-54739	2 Posimyth, Wordpress	2 Nexter Blocks, Wordpress	2025-08-15	5.3 Medium
Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4.
CVE-2025-55714	2 Crocoblock, Wordpress	2 Jetelements For Elementor, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor allows Stored XSS. This issue affects JetElements For Elementor: from n/a through 2.7.9.
CVE-2025-49321	2 Themewinter, Wordpress	2 Eventin, Wordpress	2025-08-14	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arraytics Eventin allows Reflected XSS. This issue affects Eventin: from n/a through 4.0.28.
CVE-2025-49064	1 Wordpress	1 Wordpress	2025-08-14	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop User Language Switch allows Reflected XSS. This issue affects User Language Switch: from n/a through 1.6.10.
CVE-2025-49063	1 Wordpress	1 Wordpress	2025-08-14	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in i3geek BaiduXZH Submit(百度熊掌号) allows Reflected XSS. This issue affects BaiduXZH Submit(百度熊掌号): from n/a through 1.4.6.
CVE-2025-49062	1 Wordpress	1 Wordpress	2025-08-14	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cornfeed WP-jScrollPane allows Reflected XSS. This issue affects WP-jScrollPane: from n/a through 2.0.3.
CVE-2025-25174	1 Wordpress	1 Wordpress	2025-08-14	10 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in beeteam368 BeeTeam368 Extensions allows PHP Local File Inclusion. This issue affects BeeTeam368 Extensions: from n/a through 1.9.4.
CVE-2025-49061	1 Wordpress	1 Wordpress	2025-08-14	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perteus Porn Videos Embed allows Stored XSS. This issue affects Porn Videos Embed: from n/a through 0.9.1.
CVE-2025-28962	1 Wordpress	1 Wordpress	2025-08-14	6.5 Medium
Missing Authorization vulnerability in stefanoai Advanced Google Universal Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced Google Universal Analytics: from n/a through 1.0.3.
CVE-2025-28979	2 Thimpress, Wordpress	2 Wp Pipes, Wordpress	2025-08-14	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThimPress WP Pipes allows PHP Local File Inclusion. This issue affects WP Pipes: from n/a through 1.4.3.
CVE-2025-28987	2 Pressforward, Wordpress	2 Pressforward, Wordpress	2025-08-14	6.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in PressForward PressForward allows Server Side Request Forgery. This issue affects PressForward: from n/a through 5.9.1.
CVE-2025-29014	1 Wordpress	1 Wordpress	2025-08-14	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt FoodMenu allows Reflected XSS. This issue affects FoodMenu: from n/a through 1.20.
CVE-2025-31007	1 Wordpress	1 Wordpress	2025-08-14	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alvind Billplz Addon for Contact Form 7 allows Reflected XSS. This issue affects Billplz Addon for Contact Form 7: from n/a through 1.2.0.

« first previous Page 35 of 278. next last »