Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 7232 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-62073	1 Wordpress	1 Wordpress	2025-11-13	4.3 Medium
Missing Authorization vulnerability in Sovlix MeetingHub meetinghub.This issue affects MeetingHub: from n/a through <= 1.23.9.
CVE-2025-62072	1 Wordpress	1 Wordpress	2025-11-13	4.3 Medium
Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users.This issue affects Front End Users: from n/a through <= 3.2.33.
CVE-2025-62071	2 Repuso, Wordpress	2 Repuso, Wordpress	2025-11-13	4.3 Medium
Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget.This issue affects Social proof testimonials and reviews by Repuso: from n/a through <= 5.29.
CVE-2025-62070	1 Wordpress	1 Wordpress	2025-11-13	4.3 Medium
Missing Authorization vulnerability in WPXPO WowRevenue revenue.This issue affects WowRevenue: from n/a through <= 1.2.13.
CVE-2025-62069	1 Wordpress	1 Wordpress	2025-11-13	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through <= 1.3.3.8.
CVE-2025-62068	2 E2pdf, Wordpress	2 E2pdf, Wordpress	2025-11-13	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E2Pdf e2pdf e2pdf.This issue affects e2pdf: from n/a through <= 1.28.09.
CVE-2025-62067	1 Wordpress	1 Wordpress	2025-11-13	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Savory savory.This issue affects Savory: from n/a through <= 2.5.
CVE-2025-62066	1 Wordpress	1 Wordpress	2025-11-13	7.4 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes Revolution revolution.This issue affects Revolution: from n/a through < 2.5.8.
CVE-2025-62065	1 Wordpress	1 Wordpress	2025-11-13	9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Rometheme RTMKit rometheme-for-elementor.This issue affects RTMKit: from n/a through <= 1.6.5.
CVE-2025-62064	2 Elated-themes, Wordpress	2 Search And Go Directory, Wordpress	2025-11-13	9.8 Critical
Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search & Go search-and-go allows Password Recovery Exploitation.This issue affects Search & Go: from n/a through <= 2.7.
CVE-2025-62063	1 Wordpress	1 Wordpress	2025-11-13	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks.This issue affects WP Travel Gutenberg Blocks: from n/a through <= 3.9.2.
CVE-2025-62062	1 Wordpress	1 Wordpress	2025-11-13	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in ThemeRuby Easy Post Submission easy-post-submission allows Retrieve Embedded Sensitive Data.This issue affects Easy Post Submission: from n/a through <= 1.7.0.
CVE-2025-62061	2 Implecode, Wordpress	2 Product Catalog Simple, Wordpress	2025-11-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in impleCode Product Catalog Simple post-type-x.This issue affects Product Catalog Simple: from n/a through <= 1.8.4.
CVE-2025-62060	2 Themepoints, Wordpress	2 Tab Ultimate, Wordpress	2025-11-13	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Tab Ultimate tabs-pro.This issue affects Tab Ultimate: from n/a through <= 1.8.
CVE-2025-62059	1 Wordpress	1 Wordpress	2025-11-13	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force SureRank surerank.This issue affects SureRank: from n/a through <= 1.3.2.
CVE-2025-62058	2 Favethemes, Wordpress	2 Houzez, Wordpress	2025-11-13	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-62057	2 Favethemes, Wordpress	2 Houzez, Wordpress	2025-11-13	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-62055	2 Elated-themes, Wordpress	2 Academist, Wordpress	2025-11-13	8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Academist academist.This issue affects Academist: from n/a through < 1.3.
CVE-2025-62054	2 Favethemes, Wordpress	2 Houzez, Wordpress	2025-11-13	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through <= 4.1.8.
CVE-2025-62053	2 Favethemes, Wordpress	2 Houzez, Wordpress	2025-11-13	8 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez houzez.This issue affects Houzez: from n/a through < 4.2.0.

« first previous Page 18 of 362. next last »