Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 7258 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-54740	2 Michael Nelson, Wordpress	2 Print My Blog, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS. This issue affects Print My Blog: from n/a through 3.27.9.
CVE-2025-54747	2 Wordpress, Wpbakery	2 Wordpress, Templatera	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS. This issue affects Templatera: from n/a through 2.3.0.
CVE-2025-54717	2 E-plugins, Wordpress	2 Wp Membership, Wordpress	2025-08-15	5.4 Medium
Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3.
CVE-2025-53342	2 Goodlayers, Wordpress	2 Modernize, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize allows Stored XSS. This issue affects Modernize: from n/a through 3.4.0.
CVE-2025-53581	2 Artiosmedia, Wordpress	2 Rss Feed Pro, Wordpress	2025-08-15	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artiosmedia RSS Feed Pro allows Stored XSS. This issue affects RSS Feed Pro: from n/a through 1.1.8.
CVE-2025-54746	2 Cartpauj, Wordpress	2 Shortcode-redirect, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cartpauj Shortcode Redirect allows Stored XSS. This issue affects Shortcode Redirect: from n/a through 1.0.02.
CVE-2025-55712	2 Posimyth, Wordpress	2 The Plus Addons For Elementor Page Builder Lite, Wordpress	2025-08-15	6.5 Medium
Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 6.3.13.
CVE-2025-53343	2 Goodlayers, Wordpress	2 Modernize, Wordpress	2025-08-15	4.3 Medium
Missing Authorization vulnerability in GoodLayers Modernize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Modernize: from n/a through 3.4.0.
CVE-2025-53582	2 Wordlift, Wordpress	2 Wordlift, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordLift WordLift allows Stored XSS. This issue affects WordLift: from n/a through 3.54.5.
CVE-2025-54749	2 Crocoblock, Wordpress	2 Jetproductgallery, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2.
CVE-2025-52765	2 Lisensee, Wordpress	2 Netinsight Analytics Implementation Plugin, Wordpress	2025-08-15	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Stored XSS. This issue affects NetInsight Analytics Implementation Plugin: from n/a through 1.0.3.
CVE-2025-52771	2 Bcupham, Wordpress	2 Video Expander, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bcupham Video Expander allows Stored XSS. This issue affects Video Expander: from n/a through 1.0.
CVE-2025-53330	2 Wordpress, Wpestate	2 Wordpress, Wp Rentals	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals allows Stored XSS. This issue affects WP Rentals: from n/a through 3.13.1.
CVE-2025-54736	2 Nordicmade, Wordpress	2 Savoy, Wordpress	2025-08-15	5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded Sensitive Data. This issue affects Savoy: from n/a through 3.0.8.
CVE-2025-53221	2 Codeablepress, Wordpress	2 Codeablepress, Wordpress	2025-08-15	4.3 Medium
Missing Authorization vulnerability in codeablepress CodeablePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CodeablePress: from n/a through 1.0.0.
CVE-2025-54732	2 Shahjada, Wordpress	2 Wpdm Premium Packages, Wordpress	2025-08-15	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2.
CVE-2025-53219	2 Pl4g4, Wordpress	2 Wp-database-optimizer-tools, Wordpress	2025-08-15	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross Site Request Forgery. This issue affects WP-Database-Optimizer-Tools: from n/a through 0.2.
CVE-2025-55716	2 Veronalabs, Wordpress	2 Wp Statistics, Wordpress	2025-08-15	4.3 Medium
Missing Authorization vulnerability in VeronaLabs WP Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Statistics: from n/a through 14.15.
CVE-2025-55713	2 Creativethemes, Wordpress	2 Blocksy, Wordpress	2025-08-15	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6.
CVE-2025-49321	2 Themewinter, Wordpress	2 Eventin, Wordpress	2025-08-14	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arraytics Eventin allows Reflected XSS. This issue affects Eventin: from n/a through 4.0.28.

« first previous Page 117 of 363. next last »