Filtered by vendor Wordpress
Subscriptions
Total
11490 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32505 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in SCAND MultiMailer scand-multi-mailer allows Stored XSS.This issue affects MultiMailer: from n/a through <= 1.0.3. | ||||
| CVE-2025-32502 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in lemmentwickler ePaper Lister for Yumpu magazine-lister-for-yumpu allows Stored XSS.This issue affects ePaper Lister for Yumpu: from n/a through <= 1.4.0. | ||||
| CVE-2025-32500 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Sudavar Codescar Radio Widget codescar-radio-widget allows Stored XSS.This issue affects Codescar Radio Widget: from n/a through <= 0.4.2. | ||||
| CVE-2025-32498 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in oleglark VKontakte Cross-Post vkontakte-cross-post allows Stored XSS.This issue affects VKontakte Cross-Post: from n/a through <= 0.3.2. | ||||
| CVE-2025-32497 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in squiter Spoiler Block spoiler-block allows Stored XSS.This issue affects Spoiler Block: from n/a through <= 1.7. | ||||
| CVE-2025-32493 | 2 Vibethemes, Wordpress | 2 Bp Social Connect, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VibeThemes BP Social Connect bp-social-connect allows Stored XSS.This issue affects BP Social Connect: from n/a through <= 1.6.2. | ||||
| CVE-2025-32492 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eliot Akira Admin Menu Post List admin-menu-post-list allows Stored XSS.This issue affects Admin Menu Post List: from n/a through <= 2.0.7. | ||||
| CVE-2025-32491 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in Rankology Rankology SEO – On-site SEO rankology-seo-all-in-one-seo-analytics allows Privilege Escalation.This issue affects Rankology SEO – On-site SEO: from n/a through <= 2.2.4. | ||||
| CVE-2025-32490 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebsiteDefender wp secure wp-secure-by-sitesecuritymonitorcom allows Stored XSS.This issue affects wp secure: from n/a through <= 1.2. | ||||
| CVE-2025-32486 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard.This issue affects Material Dashboard: from n/a through <= 1.4.6. | ||||
| CVE-2025-32485 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Bjoern WP Performance Pack wp-performance-pack allows Cross Site Request Forgery.This issue affects WP Performance Pack: from n/a through <= 2.5.4. | ||||
| CVE-2025-32483 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Salisbury Request Call Back request-call-back allows Stored XSS.This issue affects Request Call Back: from n/a through <= 1.4.1. | ||||
| CVE-2025-32482 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in quanganhdo Custom Smilies custom-smilies allows Stored XSS.This issue affects Custom Smilies: from n/a through <= 1.2. | ||||
| CVE-2025-32479 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ab-tools Flags Widget flags-widget allows Stored XSS.This issue affects Flags Widget: from n/a through <= 1.0.7. | ||||
| CVE-2025-32478 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Mario Aguiar WP SexyLightBox wp-sexylightbox allows Stored XSS.This issue affects WP SexyLightBox: from n/a through <= 0.5.3. | ||||
| CVE-2025-32477 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Jordi Salord WP-Easy Menu wp-easy-menu allows Stored XSS.This issue affects WP-Easy Menu: from n/a through <= 0.41. | ||||
| CVE-2025-32476 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in blueinstyle Advanced Tag Lists advanced-tag-list allows Stored XSS.This issue affects Advanced Tag Lists: from n/a through <= 1.2. | ||||
| CVE-2025-32305 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sneeit WordPress FlatNews Theme flatnews allows Reflected XSS.This issue affects WordPress FlatNews Theme: from n/a through <= 5.8. | ||||
| CVE-2025-32302 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Winnex winnex allows PHP Local File Inclusion.This issue affects Winnex: from n/a through <= 1.3.2. | ||||
| CVE-2025-32301 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown Pro WP Plugin circular_countdown allows SQL Injection.This issue affects CountDown Pro WP Plugin: from n/a through <= 2.7. | ||||