Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
4970 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-49838 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a through 1.7.7; Furnob theme: from n/a through 1.2.2; Bacola theme: from n/a through 1.3.3; Partdo theme: from n/a through 1.1.1; Medibazar theme: from n/a through 1.8.6; Machic theme: from n/a through 1.2.8. | ||||
| CVE-2023-49748 | 2 Wordpress, Wpserveur | 2 Wordpress, Wps Hide Login | 2024-11-21 | 3.7 Low |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPServeur, NicolasKulka, wpformation WPS Hide Login allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPS Hide Login: from n/a through 1.9.11. | ||||
| CVE-2023-49741 | 2 Wordpress, Wpdevart | 2 Wordpress, Coming Soon And Maintenance Mode | 2024-11-21 | 3.7 Low |
| Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through 3.7.3. | ||||
| CVE-2023-48763 | 2 Crocoblock, Wordpress | 2 Jetformbuilder, Wordpress | 2024-11-21 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4. | ||||
| CVE-2023-48757 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2024-11-21 | 8.8 High |
| Improper Privilege Management vulnerability in Crocoblock JetEngine allows Privilege Escalation.This issue affects JetEngine: from n/a through 3.2.4. | ||||
| CVE-2023-48753 | 2 10up, Wordpress | 2 Restricted Site Access, Wordpress | 2024-11-21 | 5.3 Medium |
| Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through 7.4.1. | ||||
| CVE-2023-48335 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 3.7 Low |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login page allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hide login page: from n/a through 1.1.9. | ||||
| CVE-2023-48318 | 2 Codepeople, Wordpress | 2 Contact Form Email, Wordpress | 2024-11-21 | 5.3 Medium |
| Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact Form Email allows Functionality Bypass.This issue affects Contact Form Email: from n/a through 1.3.41. | ||||
| CVE-2023-48273 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 5.3 Medium |
| Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Preloader for Website.This issue affects Preloader for Website: from n/a through 1.2.2. | ||||
| CVE-2023-47845 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through 1.0.4. | ||||
| CVE-2023-47843 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 7.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. | ||||
| CVE-2023-47774 | 2 Automattic, Wordpress | 2 Jetpack, Wordpress | 2024-11-21 | 5.4 Medium |
| Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7. | ||||
| CVE-2023-47683 | 2 Miniorange, Wordpress | 2 Wordpress Social Login And Register (discord, Google, Twitter, Linkedin), Wordpress | 2024-11-21 | 8 High |
| Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.6. | ||||
| CVE-2023-47663 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.6 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Menno Luitjes Foyer allows Code Injection.This issue affects Foyer: from n/a through 1.7.5. | ||||
| CVE-2023-46784 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 8.2 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3. | ||||
| CVE-2023-45652 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Justin Silver Remote Content Shortcode allows PHP Local File Inclusion.This issue affects Remote Content Shortcode: from n/a through 1.5. | ||||
| CVE-2023-45009 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 5.3 Medium |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through 1.11.3. | ||||
| CVE-2023-45000 | 2 Litespeed Technologies, Wordpress | 2 Litespeed Cache, Wordpress | 2024-11-21 | 8.2 High |
| Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7. | ||||
| CVE-2023-44235 | 2 Devnath Verma, Wordpress | 2 Wp Captcha, Wordpress | 2024-11-21 | 5.3 Medium |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass.This issue affects WP Captcha: from n/a through 2.0.0. | ||||
| CVE-2023-41955 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2024-11-21 | 8.8 High |
| Improper Privilege Management vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.This issue affects Essential Addons for Elementor: from n/a through 5.8.8. | ||||