Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 13590 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-49065	2 Hippooo, Wordpress	2 Hippoo Mobile App For Woocommerce, Wordpress	2026-06-16	8.2 High
Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions.
CVE-2026-49763	2 Crm Perks, Wordpress	2 Integration For Contact Form 7 Hubspot, Wordpress	2026-06-16	9.8 Critical
Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot <= 1.3.7 versions.
CVE-2026-52697	2 Taskbuilder, Wordpress	2 Taskbuilder, Wordpress	2026-06-16	8.5 High
Subscriber SQL Injection in Taskbuilder <= 5.0.7 versions.
CVE-2026-34886	2 Wordpress, Wp.insider	2 Wordpress, Simple Membership	2026-06-16	7.5 High
Unauthenticated Broken Access Control in Simple Membership <= 4.7.1 versions.
CVE-2026-40781	2 Reviewx, Wordpress	2 Reviewx, Wordpress	2026-06-16	7.5 High
Unauthenticated Broken Authentication in ReviewX <= 2.3.6 versions.
CVE-2026-40782	2 Greg Winiarski, Wordpress	2 Wpadverts, Wordpress	2026-06-16	6.5 Medium
Unauthenticated Broken Access Control in WPAdverts <= 2.3.0 versions.
CVE-2026-40787	2 Expresstech, Wordpress	2 Quiz And Survey Master, Wordpress	2026-06-16	7.1 High
Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.0.0 versions.
CVE-2026-40788	2 Quantumcloud, Wordpress	2 Chatbot, Wordpress	2026-06-16	7.1 High
Subscriber Broken Access Control in ChatBot <= 7.9.7 versions.
CVE-2026-40791	2 Codepeople, Wordpress	2 Wp Time Slots Booking Form, Wordpress	2026-06-16	7.1 High
Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form <= 1.2.46 versions.
CVE-2026-40794	2 Mycred, Wordpress	2 Mycred, Wordpress	2026-06-16	6.5 Medium
Subscriber Broken Access Control in myCred <= 3.0.3 versions.
CVE-2026-42386	2 Tychesoftwares, Wordpress	2 Order Delivery Date For Woocommerce, Wordpress	2026-06-16	9.3 Critical
Unauthenticated SQL Injection in Order Delivery Date for WooCommerce <= 4.5.1 versions.
CVE-2026-42639	2 Dev4press, Wordpress	2 Gd Rating System, Wordpress	2026-06-16	9.3 Critical
Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions.
CVE-2026-42658	2 Mamunur Rashid, Wordpress	2 Classified Listing, Wordpress	2026-06-16	7.1 High
Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.3.8 versions.
CVE-2026-42667	2 Bookly, Wordpress	2 Bookly, Wordpress	2026-06-16	7.5 High
Unauthenticated Sensitive Data Exposure in Bookly <= 27.4 versions.
CVE-2026-42688	2 Wordpress, Wpchill	2 Wordpress, Modula Image Gallery	2026-06-16	6.5 Medium
Subscriber Cross Site Scripting (XSS) in Modula Image Gallery <= 2.14.23 versions.
CVE-2026-42775	2 Automatorwp, Wordpress	2 Automatorwp, Wordpress	2026-06-16	7.1 High
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.7.2 versions.
CVE-2026-34892	2 Rank Math Seo, Wordpress	2 Rank Math Seo, Wordpress	2026-06-16	6.5 Medium
Subscriber Broken Access Control in Rank Math SEO <= 1.0.271 versions.
CVE-2026-39463	2 Managewp, Wordpress	2 Managewp Worker, Wordpress	2026-06-16	7.1 High
Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker <= 4.9.31 versions.
CVE-2026-39474	2 Metaphorcreations, Wordpress	2 Post Duplicator, Wordpress	2026-06-16	8.8 High
Contributor PHP Object Injection in Post Duplicator <= 3.0.10 versions.
CVE-2026-39512	2 Paolo, Wordpress	2 Geodirectory, Wordpress	2026-06-16	9.3 Critical
Unauthenticated SQL Injection in GeoDirectory <= 2.8.152 versions.

« first previous Page 41 of 680. next last »