Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 13590 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-24709	2 Shareaholic, Wordpress	2 Shareaholic, Wordpress	2026-06-17	4.3 Medium
Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11.
CVE-2024-32729	2 Quantumcloud, Wordpress	2 Conversational Forms For Chatbot, Wordpress	2026-06-17	7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8.
CVE-2026-49071	2 Opmc, Wordpress	2 Woocommerce Dropshipping, Wordpress	2026-06-17	6.5 Medium
Unauthenticated Broken Authentication in WooCommerce Dropshipping <= 5.2.4 versions.
CVE-2025-49403	2 Aa-team, Wordpress	2 Premium Age Verification Restriction For Wordpress, Wordpress	2026-06-17	7.5 High
Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress <= 3.0.2 versions.
CVE-2026-39546	2 Techspawn, Wordpress	2 Multiloca, Wordpress	2026-06-17	7.6 High
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
CVE-2026-54806	2 Melapress, Wordpress	2 Wp Activity Log, Wordpress	2026-06-17	9.8 Critical
Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions.
CVE-2024-32949	2 Prince, Wordpress	2 Integrate Google Drive, Wordpress	2026-06-17	8.3 High
Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Integrate Google Drive: from n/a through 1.3.8.
CVE-2024-33909	2 Avirtum, Wordpress	2 Ipages Flipbook, Wordpress	2026-06-17	5.3 Medium
Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects iPages Flipbook: from n/a through 1.5.1.
CVE-2024-35690	2 Marketingfire, Wordpress	2 Widget-options, Wordpress	2026-06-17	6.5 Medium
Insertion of sensitive information into sent data vulnerability in MarketingFire Widget Options allows Retrieve Embedded Sensitive Data. This issue affects Widget Options: from n/a through 4.0.1.
CVE-2026-40723	2 Bricks, Wordpress	2 Bricks Builder, Wordpress	2026-06-17	4.3 Medium
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
CVE-2026-48967	2 Dylan Kuhn, Wordpress	2 Geo Mashup, Wordpress	2026-06-17	8.5 High
Subscriber SQL Injection in Geo Mashup <= 1.13.19 versions.
CVE-2026-24575	2 Wishlist Member, Wordpress	2 Wishlist Member X, Wordpress	2026-06-17	4.3 Medium
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
CVE-2026-24611	2 Wordpress, Wpmet	2 Wordpress, Metform Pro	2026-06-17	9.1 Critical
Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions.
CVE-2026-25439	2 Fs-code, Wordpress	2 Booknetic, Wordpress	2026-06-17	8.1 High
Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions.
CVE-2026-49107	2 Thrivethemes, Wordpress	2 Thrive Apprentice, Wordpress	2026-06-17	9.8 Critical
Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions.
CVE-2026-49767	2 Tomdever, Wordpress	2 Wpforo Forum, Wordpress	2026-06-17	9.8 Critical
Unauthenticated Broken Authentication in wpForo Forum <= 3.1.0 versions.
CVE-2026-27410	2 Veronalabs, Wordpress	2 Slimstat Analytics, Wordpress	2026-06-17	6.5 Medium
Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions.
CVE-2026-39537	2 Mikado-themes, Wordpress	2 Mikado Core, Wordpress	2026-06-17	8.1 High
Unauthenticated Local File Inclusion in Mikado Core <= 1.6 versions.
CVE-2026-39595	2 Boldgrid, Wordpress	2 W3 Total Cache, Wordpress	2026-06-17	4.7 Medium
Author Broken Access Control in W3 Total Cache <= 2.9.1 versions.
CVE-2026-39597	2 Wordpress, Wpzoom	2 Wordpress, Wpzoom Addons For Elementor	2026-06-17	7.1 High
Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor <= 1.3.4 versions.

« first previous Page 36 of 680. next last »