Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 11789 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-47631	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Logo Carousel – Clients logo carousel for WP responsive-client-logo-carousel-slider allows Stored XSS.This issue affects Logo Carousel – Clients logo carousel for WP: from n/a through <= 1.2.
CVE-2024-47630	2 Elementinvader, Wordpress	2 Elementinvader Addons For Elementor, Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through <= 1.2.7.
CVE-2024-47627	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks allows Stored XSS.This issue affects WP Travel Gutenberg Blocks: from n/a through <= 3.6.0.
CVE-2024-47394	2 Eyecix, Wordpress	2 Jobsearch, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch wp-jobsearch allows Reflected XSS.This issue affects JobSearch: from n/a through <= 2.5.9.
CVE-2024-47393	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohamed Magdy Quill Forms quillforms allows Stored XSS.This issue affects Quill Forms: from n/a through <= 3.7.0.
CVE-2024-47387	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Search Atlas Group Search Atlas SEO metasync allows Stored XSS.This issue affects Search Atlas SEO: from n/a through <= 1.8.2.
CVE-2024-47382	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through <= 5.6.
CVE-2024-47381	2 Averta, Wordpress	2 Depicter Slider, Wordpress	2026-04-01	4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in averta Depicter Slider depicter allows Stored XSS.This issue affects Depicter Slider: from n/a through <= 3.2.2.
CVE-2024-47376	2 Tribulant, Wordpress	2 Slideshow Gallery, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Slideshow Gallery slideshow-gallery allows Cross-Site Scripting (XSS).This issue affects Slideshow Gallery: from n/a through <= 1.8.3.
CVE-2024-47373	3 Litespeed Technologies, Litespeedtech, Wordpress	3 Litespeed Cache, Litespeed Cache, Wordpress	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through <= 6.5.0.2.
CVE-2024-47371	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Walter Pinem WP MyLinks wp-mylinks allows Stored XSS.This issue affects WP MyLinks: from n/a through <= 1.0.6.
CVE-2024-47365	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atakan Au Automatically Hierarchic Categories in Menu automatically-hierarchic-categories-in-menu allows Stored XSS.This issue affects Automatically Hierarchic Categories in Menu: from n/a through <= 2.0.5.
CVE-2024-47363	2 Blockspare, Wordpress	2 Blockspare, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blockspare Blockspare blockspare allows Stored XSS.This issue affects Blockspare: from n/a through <= 3.2.4.
CVE-2024-47356	2 Catchthemes, Wordpress	2 Create, Wordpress	2026-04-01	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchthemes Create create allows Stored XSS.This issue affects Create: from n/a through <= 2.9.1.
CVE-2024-47355	2 Cozythemes, Wordpress	2 Cozy Blocks, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks cozy-addons allows Stored XSS.This issue affects Cozy Blocks: from n/a through <= 2.0.11.
CVE-2024-47348	2 Waspthemes, Wordpress	2 Yellowpencil Visual Css Style Editor, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YellowPencil YellowPencil Visual CSS Style Editor yellow-pencil-visual-theme-customizer allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through <= 7.6.4.
CVE-2024-47347	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Chartify chart-builder allows Reflected XSS.This issue affects Chartify: from n/a through <= 2.7.6.
CVE-2024-47346	2 Tribulant, Wordpress	2 Newsletters, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Software Newsletters newsletters-lite allows Reflected XSS.This issue affects Newsletters: from n/a through <= 4.9.9.1.
CVE-2024-47343	2 Kraftplugins, Wordpress	2 Mega Elements, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraft Plugins Mega Elements mega-elements-addons-for-elementor allows Stored XSS.This issue affects Mega Elements: from n/a through <= 1.2.4.
CVE-2024-47342	2 Pickplugins, Wordpress	2 Accordion, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Accordion accordions allows Stored XSS.This issue affects Accordion: from n/a through <= 2.2.99.

« first previous Page 316 of 590. next last »