Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 11696 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-32507	2 Wordpress, Wp3sixty	2 Wordpress, Woo Custom Emails	2025-07-12	7.3 High
Missing Authorization vulnerability in wp3sixty Woo Custom Emails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Custom Emails: from n/a through 2.2.
CVE-2024-32590	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webfood Kattene allows Stored XSS.This issue affects Kattene: from n/a through 1.7.
CVE-2023-23725	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Chris Baldelomar Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes: from n/a through 3.46.
CVE-2024-38724	1 Wordpress	1 Wordpress	2025-07-12	7.1 High
Cross-Site Request Forgery (CSRF), Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Muhammad Rehman Contact Form 7 Summary and Print allows Stored XSS.This issue affects Contact Form 7 Summary and Print: from n/a through 1.2.5.
CVE-2024-37561	1 Wordpress	1 Wordpress	2025-07-12	5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jamie Bergen Plugin Notes Plus allows Stored XSS.This issue affects Plugin Notes Plus: from n/a through 1.2.6.
CVE-2023-28417	1 Wordpress	1 Wordpress	2025-07-12	5.4 Medium
Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamics 365 Integration: from n/a through 1.3.12.
CVE-2023-47693	2 Themefic, Wordpress	2 Ultimate Addons For Contact Form 7, Wordpress	2025-07-12	7.5 High
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.2.6.
CVE-2023-47523	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Ecreate Infotech Auto Tag Creator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Tag Creator: from n/a through 1.0.2.
CVE-2024-33925	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0.
CVE-2024-43137	1 Wordpress	1 Wordpress	2025-07-12	5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WappPress Team WappPress allows Stored XSS.This issue affects WappPress: from n/a through 6.0.4.
CVE-2024-43307	1 Wordpress	1 Wordpress	2025-07-12	6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Structured Content: from n/a through 1.6.2.
CVE-2024-37929	1 Wordpress	1 Wordpress	2025-07-12	6.3 Medium
Missing Authorization vulnerability in solwin User Activity Log Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Activity Log Pro: from n/a through 2.3.4.
CVE-2024-32510	1 Wordpress	1 Wordpress	2025-07-12	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Loopus WP Cost Estimation & Payment Forms Builder allows Reflected XSS.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75.
CVE-2024-33942	1 Wordpress	1 Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Eric Alli Google Typography.This issue affects Google Typography: from n/a through 1.1.2.
CVE-2024-27961	1 Wordpress	1 Wordpress	2025-07-12	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0.
CVE-2024-43157	2 Ncrafts, Wordpress	2 Formcraft, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FormCraft: from n/a through 1.2.10.
CVE-2023-47692	2 Flothemes, Wordpress	2 Flo Forms, Wordpress	2025-07-12	4.3 Medium
Missing Authorization vulnerability in Flothemes Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through 1.0.41.
CVE-2022-46846	1 Wordpress	1 Wordpress	2025-07-12	5.3 Medium
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Trending/Popular Post Slider and Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trending/Popular Post Slider and Widget: from n/a through 1.5.7.
CVE-2024-32722	1 Wordpress	1 Wordpress	2025-07-12	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code Reveal Button: from n/a through 1.2.5.
CVE-2023-39306	1 Wordpress	1 Wordpress	2025-07-12	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through 3.11.1.

« first previous Page 545 of 585. next last »