Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 13486 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-39546	2 Techspawn, Wordpress	2 Multiloca, Wordpress	2026-06-17	7.6 High
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
CVE-2026-54806	2 Melapress, Wordpress	2 Wp Activity Log, Wordpress	2026-06-17	9.8 Critical
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
CVE-2024-32949	2 Prince, Wordpress	2 Integrate Google Drive, Wordpress	2026-06-17	8.3 High
Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Integrate Google Drive: from n/a through 1.3.8.
CVE-2024-33909	2 Avirtum, Wordpress	2 Ipages Flipbook, Wordpress	2026-06-17	5.3 Medium
Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects iPages Flipbook: from n/a through 1.5.1.
CVE-2024-35690	2 Marketingfire, Wordpress	2 Widget-options, Wordpress	2026-06-17	6.5 Medium
Insertion of sensitive information into sent data vulnerability in MarketingFire Widget Options allows Retrieve Embedded Sensitive Data. This issue affects Widget Options: from n/a through 4.0.1.
CVE-2026-40723	2 Bricks, Wordpress	2 Bricks Builder, Wordpress	2026-06-17	4.3 Medium
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
CVE-2026-48967	2 Dylan Kuhn, Wordpress	2 Geo Mashup, Wordpress	2026-06-17	8.5 High
Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions.
CVE-2026-24575	2 Wishlist Member, Wordpress	2 Wishlist Member X, Wordpress	2026-06-17	4.3 Medium
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
CVE-2026-24611	2 Wordpress, Wpmet	2 Wordpress, Metform Pro	2026-06-17	9.1 Critical
Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions.
CVE-2026-25439	2 Fs-code, Wordpress	2 Booknetic, Wordpress	2026-06-17	8.1 High
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions.
CVE-2026-49107	2 Thrivethemes, Wordpress	2 Thrive Apprentice, Wordpress	2026-06-17	9.8 Critical
Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions.
CVE-2026-49767	2 Tomdever, Wordpress	2 Wpforo Forum, Wordpress	2026-06-17	9.8 Critical
Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions.
CVE-2026-27410	2 Veronalabs, Wordpress	2 Slimstat Analytics, Wordpress	2026-06-17	6.5 Medium
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
CVE-2026-39537	2 Mikado-themes, Wordpress	2 Mikado Core, Wordpress	2026-06-17	8.1 High
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
CVE-2026-39595	2 Boldgrid, Wordpress	2 W3 Total Cache, Wordpress	2026-06-17	4.7 Medium
Author Broken Access Control in W3 Total Cache <= 2.9.1 versions.
CVE-2026-39597	2 Wordpress, Wpzoom	2 Wordpress, Wpzoom Addons For Elementor	2026-06-17	7.1 High
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.
CVE-2026-54194	2 Themefusion, Wordpress	2 Fusion Builder, Wordpress	2026-06-17	9.8 Critical
Contributor PHP Object Injection in Fusion Builder <= 3.15.4 versions.
CVE-2025-69139	2 Aivahthemes, Wordpress	2 Car Zone, Wordpress	2026-06-17	8.6 High
Unauthenticated Arbitrary File Deletion in Car Zone <= 3.7 versions.
CVE-2025-69151	2 Themegoods, Wordpress	2 Grand Car Rental, Wordpress	2026-06-17	7.1 High
Unauthenticated Cross Site Scripting (XSS) in Grand Car Rental <= 3.7 versions.
CVE-2026-9570	2 Taskbuilder, Wordpress	2 Taskbuilder, Wordpress	2026-06-17	7.1 High
The Taskbuilder WordPress plugin before 5.0.8 does not properly sanitise a URL parameter before echoing it into inline JavaScript on a frontend page containing one of its shortcodes, leading to a Reflected Cross-Site Scripting vulnerability that can be triggered against any logged-in user.

« first previous Page 31 of 675. next last »