Filtered by vendor Wordpress
Subscriptions
Total
11498 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30530 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atikul AI Preloader ai-preloader allows Stored XSS.This issue affects AI Preloader: from n/a through <= 1.0.2. | ||||
| CVE-2025-30528 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in wpshopee Awesome Logos awesome-logos allows SQL Injection.This issue affects Awesome Logos: from n/a through <= 1.2. | ||||
| CVE-2025-30527 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codetoolbox My Bootstrap Menu my-bootstrap-menu allows Stored XSS.This issue affects My Bootstrap Menu: from n/a through <= 1.2.1. | ||||
| CVE-2025-30522 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design cf7-material-design allows Stored XSS.This issue affects Contact Form 7 Material Design: from n/a through <= 1.0.0. | ||||
| CVE-2025-30521 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in giangmd93 GP Back To Top gp-back-to-top allows Cross Site Request Forgery.This issue affects GP Back To Top: from n/a through <= 3.0. | ||||
| CVE-2025-29013 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in faaiq Custom Category/Post Type Post order custom-post-order-category allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Category/Post Type Post order: from n/a through <= 1.6.0. | ||||
| CVE-2025-29007 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in LMSACE LMSACE Connect lmsace-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LMSACE Connect: from n/a through <= 3.4. | ||||
| CVE-2025-29000 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in August Infotech Multi-language Responsive Contact Form responsive-contact-form allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Multi-language Responsive Contact Form: from n/a through <= 2.8. | ||||
| CVE-2025-28997 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword wp-autokeyword allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP AutoKeyword: from n/a through <= 1.0. | ||||
| CVE-2025-28995 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in viralloops Viral Loops WP Integration viral-loops-wp-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Loops WP Integration: from n/a through <= 3.8.1. | ||||
| CVE-2025-28994 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in viralloops Viral Loops WP Integration viral-loops-wp-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Viral Loops WP Integration: from n/a through <= 3.8.1. | ||||
| CVE-2025-28990 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme SNS Vicky snsvicky allows PHP Local File Inclusion.This issue affects SNS Vicky: from n/a through <= 3.7. | ||||
| CVE-2025-28989 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arildur Read More Login read-more-login allows Stored XSS.This issue affects Read More Login: from n/a through <= 2.0.3. | ||||
| CVE-2025-28988 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Reflected XSS.This issue affects WP Front User Submit / Front Editor: from n/a through <= 4.9.3. | ||||
| CVE-2025-28987 | 2 Pressforward, Wordpress | 2 Pressforward, Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in PressForward PressForward pressforward allows Server Side Request Forgery.This issue affects PressForward: from n/a through <= 5.9.5. | ||||
| CVE-2025-28986 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Webaholicson Epicwin Plugin epicwin-subscribers allows SQL Injection.This issue affects Epicwin Plugin: from n/a through <= 1.5. | ||||
| CVE-2025-28980 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in machouinard Aviation Weather from NOAA aviation-weather-from-noaa allows Path Traversal.This issue affects Aviation Weather from NOAA: from n/a through <= 0.7.2. | ||||
| CVE-2025-28978 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hung Trang Si SB Breadcrumbs sb-breadcrumbs allows Reflected XSS.This issue affects SB Breadcrumbs: from n/a through <= 1.0. | ||||
| CVE-2025-28975 | 2 Redqteam, Wordpress | 2 Alike Wordpress Custom Post Comparison, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redqteam Alike - WordPress Custom Post Comparison alike allows Reflected XSS.This issue affects Alike - WordPress Custom Post Comparison: from n/a through <= 3.0.1. | ||||
| CVE-2025-28971 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CWD Web Designer Easy Elements Hider easy-elements-hider allows Stored XSS.This issue affects Easy Elements Hider: from n/a through <= 2.0. | ||||