Filtered by vendor Wordpress
Subscriptions
Total
11523 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43218 | 2 Mediavine, Wordpress | 2 Mediavine Control Panel, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mediavine Mediavine Control Panel mediavine-control-panel.This issue affects Mediavine Control Panel: from n/a through <= 2.10.4. | ||||
| CVE-2024-43216 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Filr filr-protection.This issue affects Filr: from n/a through <= 1.2.4. | ||||
| CVE-2024-43208 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Matt Miller Send Emails with Mandrill send-emails-with-mandrill allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Send Emails with Mandrill: from n/a through <= 1.4.1. | ||||
| CVE-2024-39663 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Epsiloncool WP Fast Total Search fulltext-search.This issue affects WP Fast Total Search: from n/a through <= 1.68.232. | ||||
| CVE-2024-39637 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Server-Side Request Forgery (SSRF) vulnerability in pixelcurve Edubin edubin.This issue affects Edubin: from n/a through <= 9.2.0. | ||||
| CVE-2024-38790 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Smartsupp Smartsupp – live chat, chatbots, AI and lead generation smartsupp-live-chat allows Cross Site Request Forgery.This issue affects Smartsupp – live chat, chatbots, AI and lead generation: from n/a through <= 3.6. | ||||
| CVE-2024-38778 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search fulltext-search.This issue affects WP Fast Total Search: from n/a through <= 1.69.234. | ||||
| CVE-2024-38765 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in outtheboxthemes Oceanic oceanic allows Cross Site Request Forgery.This issue affects Oceanic: from n/a through <= 1.0.48. | ||||
| CVE-2024-38753 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Animated Rotating Words css3-rotating-words allows Cross Site Request Forgery.This issue affects Animated Rotating Words: from n/a through <= 5.6. | ||||
| CVE-2024-38735 | 2 Nousopenusefulandsimple, Wordpress | 2 Event Post, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through <= 5.9.5. | ||||
| CVE-2024-38714 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search.This issue affects WP Fast Total Search: from n/a through <= 1.68.232. | ||||
| CVE-2024-37962 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agency Dominion Inc. Fusion fusion.This issue affects Fusion: from n/a through <= 1.6.1. | ||||
| CVE-2024-37945 | 2 Wordpress, Wpbits | 2 Wordpress, Wpbits Addons For Elementor Page Builder | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through <= 1.5. | ||||
| CVE-2024-37937 | 2 Rarathemes, Wordpress | 2 Rara Business, Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in raratheme Rara Business rara-business allows Cross Site Request Forgery.This issue affects Rara Business: from n/a through <= 1.2.5. | ||||
| CVE-2024-37927 | 2 Nootheme, Wordpress | 2 Jobmonster, Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through <= 4.7.5. | ||||
| CVE-2024-37923 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in cliengo Cliengo – Chatbot cliengo allows Cross Site Request Forgery.This issue affects Cliengo – Chatbot: from n/a through <= 3.0.4. | ||||
| CVE-2024-37540 | 2 Leaky Paywall, Wordpress | 2 Leaky Paywall, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Cross Site Request Forgery.This issue affects Leaky Paywall: from n/a through <= 4.21.2. | ||||
| CVE-2024-37511 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in swte Swift Performance Lite swift-performance-lite allows Cross Site Request Forgery.This issue affects Swift Performance Lite: from n/a through <= 2.3.6.20. | ||||
| CVE-2024-37503 | 2 Rarathemes, Wordpress | 2 Lawyer Landing Page, Wordpress | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Cross Site Request Forgery.This issue affects Lawyer Landing Page: from n/a through <= 1.2.4. | ||||
| CVE-2024-37502 | 3 Wordpress, Wpweb, Wpwebelite | 3 Wordpress, Woocommerce Social Login, Woocommerce Social Login | 2026-04-01 | 7.5 High |
| Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login woo-social-login.This issue affects WooCommerce Social Login: from n/a through <= 2.6.3. | ||||