Filtered by vendor Wordpress
Subscriptions
Total
11789 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49295 | 2 Presstigers, Wordpress | 2 Simple Testimonials Showcase, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Testimonials Showcase simple-testimonials-showcase allows Stored XSS.This issue affects Simple Testimonials Showcase: from n/a through <= 1.1.6. | ||||
| CVE-2024-49282 | 2 Dfactory, Wordpress | 2 Responsive Lightbox, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Responsive Lightbox responsive-lightbox allows Stored XSS.This issue affects Responsive Lightbox: from n/a through <= 2.4.8. | ||||
| CVE-2024-49279 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Floeter Hyperlink Group Block hyperlink-group-block allows Stored XSS.This issue affects Hyperlink Group Block: from n/a through <= 1.17.5. | ||||
| CVE-2024-49278 | 2 Omnipressteam, Wordpress | 2 Omnipress, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through <= 1.4.3. | ||||
| CVE-2024-49270 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Smart Blocks smart-blocks allows Stored XSS.This issue affects Smart Blocks: from n/a through <= 2.0. | ||||
| CVE-2024-49266 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thimo Grauerholz WP-Spreadplugin wp-spreadplugin allows Cross-Site Scripting (XSS).This issue affects WP-Spreadplugin: from n/a through <= 4.8.9. | ||||
| CVE-2024-49261 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryo Arkhe Blocks arkhe-blocks.This issue affects Arkhe Blocks: from n/a through <= 2.23.0. | ||||
| CVE-2024-49255 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele Alessandra Da Reactions da-reactions allows Stored XSS.This issue affects Da Reactions: from n/a through <= 5.1.5. | ||||
| CVE-2024-49246 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in anand23 Ajax Rating with Custom Login ajax-rating-with-custom-login allows SQL Injection.This issue affects Ajax Rating with Custom Login: from n/a through <= 1.1. | ||||
| CVE-2024-49222 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Object Injection.This issue affects WPGuppy: from n/a through <= 1.1.0. | ||||
| CVE-2024-48048 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in GabbyKhrmon Wsify Widget wsify-widget allows Stored XSS.This issue affects Wsify Widget: from n/a through <= 1.0. | ||||
| CVE-2024-48041 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Tooltip Glossary enhanced-tooltipglossary allows Stored XSS.This issue affects CM Tooltip Glossary: from n/a through <= 4.3.9. | ||||
| CVE-2024-48038 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in tuxlog wp-Monalisa wp-monalisa.This issue affects wp-Monalisa: from n/a through <= 6.4. | ||||
| CVE-2024-48032 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sumitsurai Featured Posts with Multiple Custom Groups (FPMCG) featured-posts-with-multiple-custom-groups-fpmcg allows Reflected XSS.This issue affects Featured Posts with Multiple Custom Groups (FPMCG): from n/a through <= 4.0. | ||||
| CVE-2024-48031 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in sumitsurai Featured Posts with Multiple Custom Groups (FPMCG) featured-posts-with-multiple-custom-groups-fpmcg allows Cross Site Request Forgery.This issue affects Featured Posts with Multiple Custom Groups (FPMCG): from n/a through <= 4.0. | ||||
| CVE-2024-48024 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Fahad Mahmood Keep Backup Daily keep-backup-daily allows Retrieve Embedded Sensitive Data.This issue affects Keep Backup Daily: from n/a through <= 2.1.3. | ||||
| CVE-2024-47650 | 2 Axton, Wordpress | 2 Wp-webauthn, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Axton WP-WebAuthn wp-webauthn allows Stored XSS.This issue affects WP-WebAuthn: from n/a through <= 1.3.1. | ||||
| CVE-2024-47643 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through <= 4.0.0. | ||||
| CVE-2024-47642 | 2 Keap, Wordpress | 2 Keap Official Opt In Forms, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms infusionsoft-official-opt-in-forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through <= 2.0.3. | ||||
| CVE-2024-47641 | 2 Wordpress, Wpdeveloperr | 2 Wordpress, Confetti Fall Animation | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Muhammad Shakeel Confetti Fall Animation confetti-fall-animation allows Stored XSS.This issue affects Confetti Fall Animation: from n/a through <= 1.3.0. | ||||