Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
10915 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32397 | 2 Wordpress, Ymc-22 | 2 Wordpress, Filter & Grids | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in YMC Filter & Grids ymc-smart-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter & Grids: from n/a through <= 3.5.1. | ||||
| CVE-2026-32406 | 2 Wordpress, Wpclever | 2 Wordpress, Wpc Product Bundles For Woocommerce | 2026-03-16 | 4.3 Medium |
| Missing Authorization vulnerability in WPClever WPC Product Bundles for WooCommerce woo-product-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPC Product Bundles for WooCommerce: from n/a through <= 8.4.5. | ||||
| CVE-2026-32368 | 2 Delphiknight, Wordpress | 2 Geo To Lat, Wordpress | 2026-03-16 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from n/a through <= 1.0.19. | ||||
| CVE-2026-32341 | 2 Rarathemes, Wordpress | 2 Benevolent, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in raratheme Benevolent benevolent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Benevolent: from n/a through <= 1.3.9. | ||||
| CVE-2026-32349 | 2 Andy Fragen, Wordpress | 2 Embed Pdf Viewer, Wordpress | 2026-03-16 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer allows Server Side Request Forgery.This issue affects Embed PDF Viewer: from n/a through <= 2.4.7. | ||||
| CVE-2026-32412 | 2 Giftup, Wordpress | 2 Gift Up Gift Cards For Wordpress And Woocommerce, Wordpress | 2026-03-16 | 5.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Gift Up! Gift Up Gift Cards for WordPress and WooCommerce gift-up allows Server Side Request Forgery.This issue affects Gift Up Gift Cards for WordPress and WooCommerce: from n/a through <= 3.1.7. | ||||
| CVE-2026-32353 | 2 Mailerpress Team, Wordpress | 2 Mailerpress, Wordpress | 2026-03-16 | 6.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in MailerPress Team MailerPress mailerpress allows Server Side Request Forgery.This issue affects MailerPress: from n/a through <= 1.4.2. | ||||
| CVE-2026-32486 | 2 Wordpress, Wptravelengine | 2 Wordpress, Travel Booking | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through <= 1.3.9. | ||||
| CVE-2026-32370 | 2 Raratheme, Wordpress | 2 Influencer, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in raratheme Influencer influencer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Influencer: from n/a through <= 1.1.7. | ||||
| CVE-2026-32416 | 2 Bplugins, Wordpress | 2 Pdf Poster, Wordpress | 2026-03-16 | 5.4 Medium |
| Missing Authorization vulnerability in bPlugins PDF Poster pdf-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF Poster: from n/a through <= 2.4.0. | ||||
| CVE-2026-32396 | 2 Radiustheme, Wordpress | 2 Team, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13. | ||||
| CVE-2026-32381 | 2 Raratheme, Wordpress | 2 App Landing Page, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in raratheme App Landing Page app-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects App Landing Page: from n/a through <= 1.2.2. | ||||
| CVE-2026-32352 | 2 Elementor, Wordpress | 2 Elementor Website Builder, Wordpress | 2026-03-16 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows DOM-Based XSS.This issue affects Elementor Website Builder: from n/a through <= 3.35.5. | ||||
| CVE-2026-32420 | 2 Ruben Garcia, Wordpress | 2 Gamipress, Wordpress | 2026-03-16 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garcia GamiPress gamipress allows Cross Site Request Forgery.This issue affects GamiPress: from n/a through <= 7.6.6. | ||||
| CVE-2026-32357 | 2 Katsushi Kawamori, Wordpress | 2 Simple Blog Card, Wordpress | 2026-03-16 | 6.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Katsushi Kawamori Simple Blog Card simple-blog-card allows Server Side Request Forgery.This issue affects Simple Blog Card: from n/a through <= 2.37. | ||||
| CVE-2026-32434 | 2 Vowelweb, Wordpress | 2 Vw Fitness, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Fitness vw-fitness allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Fitness: from n/a through <= 4.3.4. | ||||
| CVE-2026-32442 | 2 E2pdf, Wordpress | 2 E2pdf, Wordpress | 2026-03-16 | 4.3 Medium |
| Missing Authorization vulnerability in E2Pdf e2pdf e2pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects e2pdf: from n/a through <= 1.28.15. | ||||
| CVE-2026-32355 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2026-03-16 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Crocoblock JetEngine jet-engine allows Object Injection.This issue affects JetEngine: from n/a through < 3.8.4.1. | ||||
| CVE-2026-32435 | 2 Vowelweb, Wordpress | 2 Vw Pet Shop, Wordpress | 2026-03-16 | 5.3 Medium |
| Missing Authorization vulnerability in vowelweb VW Pet Shop vw-pet-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Pet Shop: from n/a through <= 1.4.7. | ||||
| CVE-2026-32330 | 2 10web, Wordpress | 2 Photo Gallery, Wordpress | 2026-03-16 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in 10Web Photo Gallery by 10Web photo-gallery allows Cross Site Request Forgery.This issue affects Photo Gallery by 10Web: from n/a through <= 1.8.37. | ||||