Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 11955 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-47692	2 Flothemes, Wordpress	2 Flo Forms, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through <= 1.0.41.
CVE-2023-47693	2 Themefic, Wordpress	2 Ultimate Addons For Contact Form 7, Wordpress	2026-04-29	7.5 High
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through <= 3.2.6.
CVE-2023-47187	1 Wordpress	1 Wordpress	2026-04-29	5.4 Medium
Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words css3-rotating-words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rotating Words: from n/a through <= 5.4.
CVE-2023-47179	2 Byconsole, Wordpress	2 Wooodt Lite, Wordpress	2026-04-29	8.8 High
Missing Authorization vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through <= 2.4.6.
CVE-2023-46610	1 Wordpress	1 Wordpress	2026-04-29	6.5 Medium
Missing Authorization vulnerability in Mohamed Magdy Quill Forms quillforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quill Forms: from n/a through <= 3.3.0.
CVE-2023-46612	1 Wordpress	1 Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in codedraft Mediabay mediabay-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mediabay: from n/a through <= 1.6.
CVE-2023-46606	1 Wordpress	1 Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Team AtomChat AtomChat atomchat allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AtomChat: from n/a through <= 1.1.4.
CVE-2023-46608	2 Wordpress, Wpdo	2 Wordpress, Dologin Security	2026-04-29	5.3 Medium
Missing Authorization vulnerability in WPDO DoLogin Security dologin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DoLogin Security: from n/a through <= 3.7.1.
CVE-2023-46609	1 Wordpress	1 Wordpress	2026-04-29	6.5 Medium
Missing Authorization vulnerability in FeedFocal FeedFocal feedfocal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FeedFocal: from n/a through <= 1.2.2.
CVE-2023-44147	1 Wordpress	1 Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in apasionados Comment Blacklist Updater comment-blacklist-updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comment Blacklist Updater: from n/a through <= 1.1.0.
CVE-2023-46082	1 Wordpress	1 Wordpress	2026-04-29	5.3 Medium
Missing Authorization vulnerability in Cyberlord92 Broken Link Checker \| Finder broken-link-finder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broken Link Checker \| Finder: from n/a through <= 2.4.2.
CVE-2023-44142	1 Wordpress	1 Wordpress	2026-04-29	5.4 Medium
Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: from n/a through <= 3.2.2.
CVE-2023-45104	2 Wordpress, Wpdeveloper	2 Wordpress, Betterlinks	2026-04-29	7.3 High
Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <= 1.6.0.
CVE-2023-33215	2 Taggbox, Wordpress	2 Taggbox, Wordpress	2026-04-29	5.4 Medium
Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through <= 3.3.
CVE-2026-5306	2 Checkmail, Wordpress	2 Check And Log Email, Wordpress	2026-04-29	5.4 Medium
The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled
CVE-2025-12820	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
The Pure WC Variation Swatches WordPress plugin through 1.1.7 does not have an authorization check when updating its settings, which could allow any authenticated users to update them.
CVE-2025-62958	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Clifton Griffin Simple Content Templates for Blog Posts & Pages simple-post-template allows Cross Site Request Forgery.This issue affects Simple Content Templates for Blog Posts & Pages: from n/a through <= 2.2.61.
CVE-2026-28080	2 Rank Math Seo, Wordpress	2 Rank Math Seo, Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Rank Math Rank Math SEO PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rank Math SEO PRO: from n/a through 3.0.95.
CVE-2026-28073	2 Tipsandtricks-hq, Wordpress	2 Wp Emember, Wordpress	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tips and Tricks HQ WP eMember allows Reflected XSS.This issue affects WP eMember: from n/a through v10.2.2.
CVE-2026-28070	2 Tipsandtricks-hq, Wordpress	2 Wp Emember, Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2.

« first previous Page 15 of 598. next last »