Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 11992 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-24799	2 Woocommerce, Wordpress	3 Box Office, Woocommerce Box Office, Wordpress	2026-04-28	6.5 Medium
Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2.
CVE-2024-24719	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Uriahs Victor Location Picker at Checkout for WooCommerce.This issue affects Location Picker at Checkout for WooCommerce: from n/a through 1.8.9.
CVE-2024-1438	2 Pressforce, Wordpress	2 Rolo Slider, Wordpress	2026-04-28	7.7 High
Missing Authorization vulnerability in PressFore Rolo Slider.This issue affects Rolo Slider: from n/a through 1.0.9.
CVE-2023-52144	2 Rextheme, Wordpress	2 Product Feed Manager, Wordpress	2026-04-28	5.5 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15.
CVE-2023-51531	2 Thrivethemes, Wordpress	2 Thrive Automator, Wordpress	2026-04-28	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17.
CVE-2023-51528	2 Aipower, Wordpress	2 Aipower, Wordpress	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12.
CVE-2023-50905	2 Melapress, Wordpress	2 Wp Activity Log, Wordpress	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log allows Stored XSS.This issue affects WP Activity Log: from n/a through 4.6.1.
CVE-2023-49818	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Webflow Webflow Pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webflow Pages: from n/a through 1.0.8.
CVE-2023-47847	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayTR Taksit Tablosu: from n/a through 1.3.1.
CVE-2023-47842	2 Wordpress, Zacharysegal	2 Wordpress, Catablog	2026-04-28	9.1 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0.
CVE-2023-47830	1 Wordpress	1 Wordpress	2026-04-28	5.4 Medium
Missing Authorization vulnerability in Addons for Contact Form 7 Live Preview for Contact Form 7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Preview for Contact Form 7: from n/a through 1.2.0.
CVE-2023-47820	2 Crudlab, Wordpress	2 Wp Like Button, Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in CRUDLab WP Like Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Like Button: from n/a through 1.7.0.
CVE-2023-47689	1 Wordpress	1 Wordpress	2026-04-28	6.5 Medium
Missing Authorization vulnerability in Toast Plugins Animator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animator: from n/a through 3.0.10.
CVE-2023-47523	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Ecreate Infotech Auto Tag Creator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Tag Creator: from n/a through 1.0.2.
CVE-2023-46637	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a through 1.0.0.
CVE-2023-46633	1 Wordpress	1 Wordpress	2026-04-28	5.4 Medium
Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2.
CVE-2023-46632	1 Wordpress	1 Wordpress	2026-04-28	7.1 High
Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Shortcodes: from n/a through 2.3.
CVE-2023-46611	2 Wordpress, Yourownprogrammer	2 Wordpress, Yop Poll	2026-04-28	5.3 Medium
Authentication Bypass by Primary Weakness vulnerability in yourownprogrammer YOP Poll allows Authentication Bypass.This issue affects YOP Poll: from n/a through 6.5.28.
CVE-2023-46605	1 Wordpress	1 Wordpress	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Ruslan Suhar Convertful – Your Ultimate On-Site Conversion Tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Convertful – Your Ultimate On-Site Conversion Tool: from n/a through 2.5.
CVE-2023-46203	1 Wordpress	1 Wordpress	2026-04-28	4.3 Medium
Missing Authorization vulnerability in JustCoded / Alex Prokopenko Just Custom Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Just Custom Fields: from n/a through 3.3.2.

« first previous Page 28 of 600. next last »