Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 13445 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-22326	2 Axiomthemes, Wordpress	2 Reprizo, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions.
CVE-2026-22330	2 Themeum, Wordpress	2 Right Way, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Right Way <= 4.0 versions.
CVE-2026-22331	2 Themerex, Wordpress	2 Autoparts, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions.
CVE-2026-22338	2 Themerex, Wordpress	2 Ecoblue, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions.
CVE-2026-25446	2 Wishlist Products, Wordpress	2 Wishlist Member X, Wordpress	2026-06-26	9.9 Critical
Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions.
CVE-2026-39558	2 Elated-themes, Wordpress	2 Malmö, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Malmö <= 2.2 versions.
CVE-2026-40735	2 Edge-themes, Wordpress	2 Reina, Wordpress	2026-06-26	8.1 High
Unauthenticated PHP Object Injection in Reina <= 2.1 versions.
CVE-2026-45436	2 Rain-task, Wordpress	2 Wpbakery Page Builder, Wordpress	2026-06-26	6.5 Medium
Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions.
CVE-2025-31013	2 Themify, Wordpress	2 Themify Folo, Wordpress	2026-06-26	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Folo allows Reflected XSS. This issue affects Themify Folo: from n/a through 1.9.6.
CVE-2025-69106	2 Themerex, Wordpress	2 Imba, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Imba <= 1.5.0 versions.
CVE-2025-69111	2 Themerex, Wordpress	2 Reisen, Wordpress	2026-06-26	9.8 Critical
Unauthenticated PHP Object Injection in Reisen <= 1.4.1 versions.
CVE-2025-69120	2 Themerex, Wordpress	2 Dazzle, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Dazzle <= 1.0.0 versions.
CVE-2025-69123	2 Themerex, Wordpress	2 Snow Club, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions.
CVE-2025-69126	2 Themerex, Wordpress	2 Fortius, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions.
CVE-2025-69127	2 Themerex, Wordpress	2 Plumbing, Wordpress	2026-06-26	9.8 Critical
Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.
CVE-2025-69157	2 Themerex, Wordpress	2 Gamic, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Gamic <= 1.15 versions.
CVE-2025-69158	2 Themerex, Wordpress	2 Granola, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Granola <= 1.13 versions.
CVE-2025-69166	2 Themerex, Wordpress	2 Gunslinger, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions.
CVE-2025-69174	2 Themerex, Wordpress	2 Etude, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Etude <= 1.6 versions.
CVE-2026-39523	2 Elated-themes, Wordpress	2 Solene Core, Wordpress	2026-06-26	8.1 High
Unauthenticated Local File Inclusion in Solene Core <= 2.3.2 versions.

« first previous Page 5 of 673. next last »