Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 11973 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-51703	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in laura20 WP-Basics wp-basics allows Reflected XSS.This issue affects WP-Basics: from n/a through <= 2.0.
CVE-2024-51701	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahesh Waghmare MG Post Contributors mg-post-contributors allows Reflected XSS.This issue affects MG Post Contributors: from n/a through <= 1.3..
CVE-2024-51700	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eutrue NAVER Analytics naver-analytics allows Stored XSS.This issue affects NAVER Analytics: from n/a through <= 0.9.
CVE-2024-51699	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Buooy Buooy Sticky Header buooy-sticky-header allows Reflected XSS.This issue affects Buooy Sticky Header: from n/a through <= 0.5.2.
CVE-2024-51698	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luis Rock Master Bar master-bar allows Reflected XSS.This issue affects Master Bar: from n/a through <= 1.0.
CVE-2024-51696	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ben.moody Content Syndication Toolkit Reader content-syndication-toolkit-reader allows Reflected XSS.This issue affects Content Syndication Toolkit Reader: from n/a through <= 1.5.
CVE-2024-51695	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yes We Work Fabrica Synced Pattern Instances fabrica-reusable-block-instances allows Reflected XSS.This issue affects Fabrica Synced Pattern Instances: from n/a through <= 1.0.8.
CVE-2024-51694	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalfisherman Geotagged Media geotagged-media allows Reflected XSS.This issue affects Geotagged Media: from n/a through <= 0.3.0.
CVE-2024-51692	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in askewbrook Bing Search API Integration abbs-bing-search allows Reflected XSS.This issue affects Bing Search API Integration: from n/a through <= 0.3.3.
CVE-2024-51691	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aryanduntley Admin Amplify wpr-admin-amplify allows Reflected XSS.This issue affects Admin Amplify: from n/a through <= 1.3.0.
CVE-2024-51690	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in neelam.samariya Wp Slide Categorywise wp-slide-categorywise allows Reflected XSS.This issue affects Wp Slide Categorywise: from n/a through <= 1.1.
CVE-2024-51689	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Saleswonder Team: Tobias CF7 WOW Styler cf7-styler allows Reflected XSS.This issue affects CF7 WOW Styler: from n/a through <= 1.6.8.
CVE-2024-51684	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu W3P SEO wp-perfect-plugin allows Stored XSS.This issue affects W3P SEO: from n/a through < 1.8.6.
CVE-2024-51676	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Delicious Delisho dr-widgets-blocks allows DOM-Based XSS.This issue affects Delisho: from n/a through <= 1.0.6.
CVE-2024-51673	2 Hasthemes, Wordpress	2 Ht Politic, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS.This issue affects HT Politic: from n/a through <= 2.4.4.
CVE-2024-51670	2 Joomsky, Wordpress	2 Js Help Desk, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js-support-ticket allows Stored XSS.This issue affects JS Help Desk: from n/a through <= 2.8.7.
CVE-2024-51666	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Tosin Oguntuyi Tours tours.This issue affects Tours: from n/a through <= 1.0.0.
CVE-2024-51660	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Binsaifullah Easy Accordion Gutenberg Block easy-accordion-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Accordion Gutenberg Block: from n/a through <= 1.2.3.
CVE-2024-51658	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Henrik Hoff WP Course Manager wp-course-manager allows Stored XSS.This issue affects WP Course Manager: from n/a through <= 1.3.
CVE-2024-51657	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Woopy Plugins SmartLink Dynamic URLs smartlink-dinamic-urls allows Stored XSS.This issue affects SmartLink Dynamic URLs: from n/a through <= 1.1.0.

« first previous Page 252 of 599. next last »