Filtered by vendor Wordpress
Subscriptions
Total
11497 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32277 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects RepairBuddy: from n/a through <= 3.8213. | ||||
| CVE-2025-32268 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through <= 1.9.42. | ||||
| CVE-2025-32262 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP Wiki Embed rdp-wiki-embed allows Cross Site Request Forgery.This issue affects RDP Wiki Embed: from n/a through <= 1.2.20. | ||||
| CVE-2025-32259 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Alimir WP ULike wp-ulike.This issue affects WP ULike: from n/a through <= 4.7.9.1. | ||||
| CVE-2025-32258 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in InfoGiants Simple Website Logo simple-website-logo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Website Logo: from n/a through <= 1.1. | ||||
| CVE-2025-32255 | 2 Era404, Wordpress | 2 Stafflist, Wordpress | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ERA404 StaffList stafflist allows Retrieve Embedded Sensitive Data.This issue affects StaffList: from n/a through <= 3.2.7. | ||||
| CVE-2025-32249 | 2 Designinvento, Wordpress | 2 Directorypress, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Designinvento DirectoryPress directorypress allows Cross Site Request Forgery.This issue affects DirectoryPress: from n/a through <= 3.6.22. | ||||
| CVE-2025-32248 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in SwiftXR SwiftXR (3D/AR/VR) Viewer swiftxr-3darvr-viewer allows Cross Site Request Forgery.This issue affects SwiftXR (3D/AR/VR) Viewer: from n/a through <= 1.0.7. | ||||
| CVE-2025-32247 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI Content Creator ai-content-creator allows Cross Site Request Forgery.This issue affects AI Content Creator: from n/a through <= 1.2.6. | ||||
| CVE-2025-32246 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Restore Database 1-click-backup-restore-database-by-sunbytes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1-Click Backup & Restore Database: from n/a through <= 1.0.3. | ||||
| CVE-2025-32240 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in wpvsingh Site Notify site-notify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Notify: from n/a through <= 1.0. | ||||
| CVE-2025-32232 | 2 Era404, Wordpress | 2 Stafflist, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in ERA404 StaffList stafflist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects StaffList: from n/a through <= 3.2.7. | ||||
| CVE-2025-32230 | 2 Themeum, Wordpress | 2 Tutor Lms, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Themeum Tutor LMS tutor.This issue affects Tutor LMS: from n/a through <= 3.4.0. | ||||
| CVE-2025-32227 | 2 Asgaros, Wordpress | 2 Asgaros Forum, Wordpress | 2026-04-01 | N/A |
| Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum asgaros-forum allows Identity Spoofing.This issue affects Asgaros Forum: from n/a through <= 3.0.0. | ||||
| CVE-2025-32226 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Anzar Ahmed Display product variations dropdown on shop page display-product-variations-dropdown-on-shop-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display product variations dropdown on shop page: from n/a through <= 1.1.3. | ||||
| CVE-2025-32224 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Shivam Mani Tripathi Privyr CRM Integration privy-crm-integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Privyr CRM Integration: from n/a through <= 1.0.2. | ||||
| CVE-2025-32221 | 2 Spider-themes, Wordpress | 2 Eazydocs, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.7.1. | ||||
| CVE-2025-32213 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through <= 1.0.43. | ||||
| CVE-2025-32212 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Specia Theme Specia Companion specia-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Specia Companion: from n/a through <= 6.3. | ||||
| CVE-2025-32204 | 2 Rocketelements, Wordpress | 2 Split Test For Elementor, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rocketelements Split Test For Elementor split-test-for-elementor allows SQL Injection.This issue affects Split Test For Elementor: from n/a through <= 1.8.3. | ||||