Wordpress - Wordpress CVE

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Total 6956 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-53349	2 Laborator, Wordpress	2 Kalium, Wordpress	2025-11-07	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through <= 3.18.3.
CVE-2025-48078	1 Wordpress	1 Wordpress	2025-11-07	N/A
Cross-Site Request Forgery (CSRF) vulnerability in Norbert Slick Google Map slick-google-map allows Stored XSS.This issue affects Slick Google Map: from n/a through <= 0.3.
CVE-2025-53246	1 Wordpress	1 Wordpress	2025-11-07	N/A
Missing Authorization vulnerability in Gaurav Aggarwal Backup and Move backup-and-move allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup and Move: from n/a through <= 0.1.
CVE-2025-62064	2 Elated-themes, Wordpress	2 Search And Go Directory, Wordpress	2025-11-07	9.8 Critical
Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search & Go search-and-go allows Password Recovery Exploitation.This issue affects Search & Go: from n/a through <= 2.7.
CVE-2025-60243	3 Holest Engineering, Woocommerce, Wordpress	3 Selling Commander For Woocommerce, Woocommerce, Wordpress	2025-11-07	N/A
Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46.
CVE-2025-60189	3 Polopag, Woocommerce, Wordpress	3 Polopag, Woocommerce, Wordpress	2025-11-07	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PoloPag PoloPag – Pix Automático para Woocommerce wc-polo-payments allows PHP Local File Inclusion.This issue affects PoloPag – Pix Automático para Woocommerce: from n/a through <= 2.0.9.
CVE-2025-60244	1 Wordpress	1 Wordpress	2025-11-07	N/A
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in RealMag777 TableOn posts-table-filterable allows Code Injection.This issue affects TableOn: from n/a through <= 1.0.4.2.
CVE-2025-60195	2 Atarim, Wordpress	2 Atarim, Wordpress	2025-11-07	9.8 Critical
Incorrect Privilege Assignment vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Privilege Escalation.This issue affects Atarim: from n/a through <= 4.2.
CVE-2025-62044	2 Codexthemes, Wordpress	2 Thegem, Wordpress	2025-11-07	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for WPBakery) thegem-elements.This issue affects TheGem Theme Elements (for WPBakery): from n/a through <= 5.10.5.1.
CVE-2025-62036	1 Wordpress	1 Wordpress	2025-11-07	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2025-58998	2 S2member, Wordpress	2 S2member, Wordpress	2025-11-07	N/A
Deserialization of Untrusted Data vulnerability in Cristián Lávaque s2Member s2member allows Object Injection.This issue affects s2Member: from n/a through <= 250701.
CVE-2025-60194	2 Premmerce, Wordpress	2 Product Search For Woocommerce, Wordpress	2025-11-07	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Product Search for WooCommerce premmerce-search allows PHP Local File Inclusion.This issue affects Premmerce Product Search for WooCommerce: from n/a through <= 2.2.4.
CVE-2025-62046	2 Codexthemes, Wordpress	2 Thegem, Wordpress	2025-11-07	6.5 Medium
Missing Authorization vulnerability in CodexThemes TheGem Demo Import (for WPBakery) thegem-importer.This issue affects TheGem Demo Import (for WPBakery): from n/a through <= 5.10.5.
CVE-2025-62035	1 Wordpress	1 Wordpress	2025-11-07	8.8 High
Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.
CVE-2025-62057	2 Favethemes, Wordpress	2 Houzez, Wordpress	2025-11-07	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0.
CVE-2025-60073	1 Wordpress	1 Wordpress	2025-11-07	N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Processby Responsive Sidebar responsive-sidebar allows PHP Local File Inclusion.This issue affects Responsive Sidebar: from n/a through <= 1.2.2.
CVE-2025-60204	3 Josh Kohlbach, Woocommerce, Wordpress	3 Woocommerce Store Toolkit, Woocommerce, Wordpress	2025-11-07	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Josh Kohlbach WooCommerce Store Toolkit woocommerce-store-toolkit allows PHP Local File Inclusion.This issue affects WooCommerce Store Toolkit: from n/a through <= 2.4.3.
CVE-2025-60242	1 Wordpress	1 Wordpress	2025-11-07	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Anatoly Download Counter download-counter allows Path Traversal.This issue affects Download Counter: from n/a through <= 1.4.
CVE-2025-62039	2 Ays-pro, Wordpress	2 Ai Chatbot With Chatgpt, Wordpress	2025-11-07	7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Retrieve Embedded Sensitive Data.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.6.6.
CVE-2025-62033	1 Wordpress	1 Wordpress	2025-11-07	6.5 Medium
Missing Authorization vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4.

« first previous Page 3 of 348. next last »