Filtered by vendor Wordpress
Subscriptions
Total
6177 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53348 | 2 Laborator, Wordpress | 2 Kalium, Wordpress | 2025-09-11 | 5.3 Medium |
| Missing Authorization vulnerability in Laborator Kalium. This issue affects Kalium: from n/a through 3.18.3. | ||||
| CVE-2025-53340 | 2 Getawesomesupport, Wordpress | 2 Awesome Support, Wordpress | 2025-09-11 | 5.3 Medium |
| Missing Authorization vulnerability in awesomesupport Awesome Support. This issue affects Awesome Support: from n/a through 6.3.4. | ||||
| CVE-2025-49860 | 2 Majesticsupport, Wordpress | 2 Majestic Support, Wordpress | 2025-09-11 | 5.3 Medium |
| Missing Authorization vulnerability in Majestic Support Majestic Support. This issue affects Majestic Support: from n/a through 1.1.0. | ||||
| CVE-2025-49430 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 7.2 High |
| Server-Side Request Forgery (SSRF) vulnerability in FWDesign Ultimate Video Player allows Server Side Request Forgery. This issue affects Ultimate Video Player: from n/a through 10.1. | ||||
| CVE-2025-47437 | 2 Litespeed Technologies, Wordpress | 2 Litespeed Cache, Wordpress | 2025-09-11 | 6.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache. This issue affects LiteSpeed Cache: from n/a through 7.0.1. | ||||
| CVE-2025-48101 | 2 Webdevstudios, Wordpress | 2 Constant Contact For Wordpress, Wordpress | 2025-09-11 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress allows Object Injection. This issue affects Constant Contact for WordPress: from n/a through 4.1.1. | ||||
| CVE-2025-47571 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in highwarden Super Store Finder. This issue affects Super Store Finder: from n/a through 6.9.7. | ||||
| CVE-2025-39523 | 2 Goodbarber, Wordpress | 2 Goodbarber, Wordpress | 2025-09-11 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in GoodBarber GoodBarber. This issue affects GoodBarber: from n/a through 1.0.26. | ||||
| CVE-2025-47570 | 2 Villatheme, Wordpress | 2 Woocommerce Photo Reviews, Wordpress | 2025-09-11 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in villatheme WooCommerce Photo Reviews. This issue affects WooCommerce Photo Reviews: from n/a through 1.3.13. | ||||
| CVE-2025-47695 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO. This issue affects Blog Designer PRO: from n/a through 3.4.7. | ||||
| CVE-2025-47694 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solwin Blog Designer PRO. This issue affects Blog Designer PRO: from n/a through 3.4.7. | ||||
| CVE-2025-47569 | 3 Woocommerce, Wordpress, Wpswings | 4 Gift Cards, Woocommerce, Wordpress and 1 more | 2025-09-11 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates. This issue affects WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates: from n/a through 2.8.10. | ||||
| CVE-2025-58997 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 9.6 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow allows Code Injection. This issue affects Mow: from n/a through 4.10. | ||||
| CVE-2025-54709 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Sala. This issue affects Sala: from n/a through 1.1.6. | ||||
| CVE-2025-59008 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PressTigers ZIP Code Based Content Protection allows SQL Injection. This issue affects ZIP Code Based Content Protection: from n/a through 1.0.0. | ||||
| CVE-2025-59005 | 2 Frenify, Wordpress | 2 Categorify, Wordpress | 2025-09-11 | 4.3 Medium |
| Missing Authorization vulnerability in frenify Categorify allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Categorify: from n/a through 1.0.7.5. | ||||
| CVE-2025-58991 | 3 Cristiano Zanca, Woocommerce, Wordpress | 3 Woocommerce Booking Bundle Hours, Woocommerce, Wordpress | 2025-09-11 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Cristiano Zanca WooCommerce Booking Bundle Hours allows Stored XSS. This issue affects WooCommerce Booking Bundle Hours: from n/a through 0.7.4. | ||||
| CVE-2025-58989 | 1 Wordpress | 1 Wordpress | 2025-09-11 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silverplugins217 Dynamic Text Field For Contact Form 7 allows Stored XSS. This issue affects Dynamic Text Field For Contact Form 7: from n/a through 1.0. | ||||
| CVE-2025-58987 | 2 Antoineh, Wordpress | 2 Football Pool, Wordpress | 2025-09-11 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AntoineH Football Pool allows Stored XSS. This issue affects Football Pool: from n/a through 2.12.6. | ||||
| CVE-2025-58985 | 3 Woocommerce, Wordpress, Wpfactory | 3 Woocommerce, Wordpress, Additional Custom Product Tabs For Woocommerce | 2025-09-11 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce allows Stored XSS. This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through 1.7.3. | ||||