Filtered by vendor Wordpress
Subscriptions
Total
8074 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67517 | 2 Artplacer, Wordpress | 2 Artplacer Widget, Wordpress | 2025-12-11 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in artplacer ArtPlacer Widget artplacer-widget allows Blind SQL Injection.This issue affects ArtPlacer Widget: from n/a through <= 2.22.9.2. | ||||
| CVE-2025-67516 | 2 Agile Logix, Wordpress | 2 Store Locator Wordpress, Wordpress Mu | 2025-12-11 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through <= 1.6.2. | ||||
| CVE-2025-67515 | 2 Mikado-themes, Wordpress | 2 Wilmer, Wordpress | 2025-12-11 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wilmër wilmer allows PHP Local File Inclusion.This issue affects Wilmër: from n/a through < 3.5. | ||||
| CVE-2025-67473 | 2 Codeworkweb, Wordpress | 2 Cww Companion, Wordpress | 2025-12-11 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in codeworkweb CWW Companion cww-companion allows Cross Site Request Forgery.This issue affects CWW Companion: from n/a through <= 1.3.2. | ||||
| CVE-2025-67471 | 1 Wordpress | 1 Wordpress | 2025-12-11 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Quick Contact Form quick-contact-form allows Cross Site Request Forgery.This issue affects Quick Contact Form: from n/a through <= 8.2.5. | ||||
| CVE-2025-67469 | 2 Kubiq, Wordpress | 2 Pdf Thumbnail Generator, Wordpress | 2025-12-11 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail-generator allows Cross Site Request Forgery.This issue affects PDF Thumbnail Generator: from n/a through <= 1.4. | ||||
| CVE-2025-67466 | 2 Sergiotrinity, Wordpress | 2 Trinity Audio, Wordpress | 2025-12-11 | 8.1 High |
| Missing Authorization vulnerability in sergiotrinity Trinity Audio trinity-audio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Trinity Audio: from n/a through <= 5.23.3. | ||||
| CVE-2025-67465 | 2 Quantumcloud, Wordpress | 2 Simple Link Directory, Wordpress | 2025-12-11 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple Link Directory simple-link-directory allows Cross Site Request Forgery.This issue affects Simple Link Directory: from n/a through <= 8.8.3. | ||||
| CVE-2025-66534 | 1 Wordpress | 1 Wordpress | 2025-12-11 | 8.8 High |
| Missing Authorization vulnerability in Elated-Themes The Aisle theaisle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Aisle: from n/a through <= 2.9. | ||||
| CVE-2025-66532 | 2 Mikado-themes, Wordpress | 2 Powerlift, Wordpress | 2025-12-11 | 8.8 High |
| Missing Authorization vulnerability in Mikado-Themes Powerlift powerlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Powerlift: from n/a through < 3.2.1. | ||||
| CVE-2025-66531 | 1 Wordpress | 1 Wordpress | 2025-12-11 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through <= 10.30.3. | ||||
| CVE-2025-66530 | 2 Webba-booking, Wordpress | 2 Webba Booking, Wordpress | 2025-12-11 | 8.8 High |
| Missing Authorization vulnerability in Webba Appointment Booking Webba Booking webba-booking-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webba Booking: from n/a through <= 6.2.1. | ||||
| CVE-2025-66529 | 2 Ays-pro, Wordpress | 2 Chartify, Wordpress | 2025-12-11 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through <= 3.6.3. | ||||
| CVE-2025-66528 | 2 Villatheme, Wordpress | 2 Thank You Page Customizer For Woocommerce, Wordpress | 2025-12-11 | 8.1 High |
| Missing Authorization vulnerability in VillaTheme Thank You Page Customizer for WooCommerce woo-thank-you-page-customizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Thank You Page Customizer for WooCommerce: from n/a through <= 1.1.8. | ||||
| CVE-2025-64256 | 2 Presstigers, Wordpress | 2 Simple Folio, Wordpress | 2025-12-11 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Folio simple-folio allows Cross Site Request Forgery.This issue affects Simple Folio: from n/a through <= 1.1.0. | ||||
| CVE-2025-64255 | 2 Bowo, Wordpress | 2 Admin And Site Enhancements Ase, Wordpress | 2025-12-11 | 7.2 High |
| Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements (ASE): from n/a through <= 8.0.8. | ||||
| CVE-2025-64254 | 1 Wordpress | 1 Wordpress | 2025-12-11 | 8.8 High |
| Missing Authorization vulnerability in Ronald Huereca Photo Block photo-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Block: from n/a through <= 1.5.1. | ||||
| CVE-2025-62153 | 1 Wordpress | 1 Wordpress | 2025-12-11 | 8.8 High |
| Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Interest Slider: from n/a through <= 3.1.5. | ||||
| CVE-2025-62152 | 2 Conveythis, Wordpress | 2 Conveythis, Wordpress | 2025-12-11 | 8.8 High |
| Missing Authorization vulnerability in ConveyThis ConveyThis conveythis-translate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ConveyThis: from n/a through <= 268.10. | ||||
| CVE-2025-62151 | 2 Woocommerce, Wordpress | 2 Woocommerce, Wordpress | 2025-12-11 | 8.8 High |
| Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce virtuaria-pagseguro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virtuaria PagBank / PagSeguro para Woocommerce: from n/a through <= 3.6.3. | ||||