Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)
Total 5039 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-54708 2 Bplugins, Wordpress 2 B Blocks, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks allows DOM-Based XSS. This issue affects B Blocks: from n/a through 2.0.5.
CVE-2025-54717 2 E-plugins, Wordpress 2 Wp Membership, Wordpress 2025-08-15 5.4 Medium
Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3.
CVE-2025-54732 2 Shahjada, Wordpress 2 Wpdm Premium Packages, Wordpress 2025-08-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2.
CVE-2025-54740 2 Michael Nelson, Wordpress 2 Print My Blog, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS. This issue affects Print My Blog: from n/a through 3.27.9.
CVE-2025-54746 2 Cartpauj, Wordpress 2 Shortcode-redirect, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cartpauj Shortcode Redirect allows Stored XSS. This issue affects Shortcode Redirect: from n/a through 1.0.02.
CVE-2025-53221 2 Codeablepress, Wordpress 2 Codeablepress, Wordpress 2025-08-15 4.3 Medium
Missing Authorization vulnerability in codeablepress CodeablePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CodeablePress: from n/a through 1.0.0.
CVE-2025-52767 2 Lisensee, Wordpress 2 Netinsight Analytics Implementation Plugin, Wordpress 2025-08-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Cross Site Request Forgery. This issue affects NetInsight Analytics Implementation Plugin: from n/a through 1.0.3.
CVE-2025-53343 2 Goodlayers, Wordpress 2 Modernize, Wordpress 2025-08-15 4.3 Medium
Missing Authorization vulnerability in GoodLayers Modernize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Modernize: from n/a through 3.4.0.
CVE-2025-55713 2 Creativethemes, Wordpress 2 Blocksy, Wordpress 2025-08-15 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6.
CVE-2025-8676 2 Bplugins, Wordpress 2 B Slider, Wordpress 2025-08-15 4.3 Medium
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in versions less than, or equal to, 2.0.0 via the get_active_plugins function. This makes it possible for authenticated attackers, with subscriber-level access and above to extract sensitive data including installed plugin information.
CVE-2025-52765 2 Lisensee, Wordpress 2 Netinsight Analytics Implementation Plugin, Wordpress 2025-08-15 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Stored XSS. This issue affects NetInsight Analytics Implementation Plugin: from n/a through 1.0.3.
CVE-2025-53219 2 Pl4g4, Wordpress 2 Wp-database-optimizer-tools, Wordpress 2025-08-15 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross Site Request Forgery. This issue affects WP-Database-Optimizer-Tools: from n/a through 0.2.
CVE-2025-53330 2 Wordpress, Wpestate 2 Wordpress, Wp Rentals 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals allows Stored XSS. This issue affects WP Rentals: from n/a through 3.13.1.
CVE-2025-53341 2 Themovation, Wordpress 2 Stratus, Wordpress 2025-08-15 4.3 Medium
Missing Authorization vulnerability in Themovation Stratus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stratus: from n/a through 4.2.5.
CVE-2025-53342 2 Goodlayers, Wordpress 2 Modernize, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize allows Stored XSS. This issue affects Modernize: from n/a through 3.4.0.
CVE-2025-54054 2 Aa Web Servant, Wordpress 2 12 Step Meeting List, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step Meeting List allows Stored XSS. This issue affects 12 Step Meeting List: from n/a through 3.18.3.
CVE-2025-54736 2 Nordicmade, Wordpress 2 Savoy, Wordpress 2025-08-15 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded Sensitive Data. This issue affects Savoy: from n/a through 3.0.8.
CVE-2025-54739 2 Posimyth, Wordpress 2 Nexter Blocks, Wordpress 2025-08-15 5.3 Medium
Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4.
CVE-2025-54747 2 Wordpress, Wpbakery 2 Wordpress, Templatera 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS. This issue affects Templatera: from n/a through 2.3.0.
CVE-2025-54749 2 Crocoblock, Wordpress 2 Jetproductgallery, Wordpress 2025-08-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2.