Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 7117 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-54054	2 Aa Web Servant, Wordpress	2 12 Step Meeting List, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA Web Servant 12 Step Meeting List allows Stored XSS. This issue affects 12 Step Meeting List: from n/a through 3.18.3.
CVE-2025-53341	2 Themovation, Wordpress	2 Stratus, Wordpress	2025-08-15	4.3 Medium
Missing Authorization vulnerability in Themovation Stratus allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stratus: from n/a through 4.2.5.
CVE-2025-53342	2 Goodlayers, Wordpress	2 Modernize, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize allows Stored XSS. This issue affects Modernize: from n/a through 3.4.0.
CVE-2025-53581	2 Artiosmedia, Wordpress	2 Rss Feed Pro, Wordpress	2025-08-15	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in artiosmedia RSS Feed Pro allows Stored XSS. This issue affects RSS Feed Pro: from n/a through 1.1.8.
CVE-2025-53582	2 Wordlift, Wordpress	2 Wordlift, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordLift WordLift allows Stored XSS. This issue affects WordLift: from n/a through 3.54.5.
CVE-2025-53221	2 Codeablepress, Wordpress	2 Codeablepress, Wordpress	2025-08-15	4.3 Medium
Missing Authorization vulnerability in codeablepress CodeablePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CodeablePress: from n/a through 1.0.0.
CVE-2025-53330	2 Wordpress, Wpestate	2 Wordpress, Wp Rentals	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpEstate WP Rentals allows Stored XSS. This issue affects WP Rentals: from n/a through 3.13.1.
CVE-2025-53249	2 Hakeemnala, Wordpress	2 Build App Online, Wordpress	2025-08-15	6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online allows Cross Site Request Forgery. This issue affects Build App Online: from n/a through 1.0.23.
CVE-2025-54708	2 Bplugins, Wordpress	2 B Blocks, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Blocks allows DOM-Based XSS. This issue affects B Blocks: from n/a through 2.0.5.
CVE-2025-54732	2 Shahjada, Wordpress	2 Wpdm Premium Packages, Wordpress	2025-08-15	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2.
CVE-2025-54717	2 E-plugins, Wordpress	2 Wp Membership, Wordpress	2025-08-15	5.4 Medium
Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3.
CVE-2025-55714	2 Crocoblock, Wordpress	2 Jetelements For Elementor, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor allows Stored XSS. This issue affects JetElements For Elementor: from n/a through 2.7.9.
CVE-2025-52765	2 Lisensee, Wordpress	2 Netinsight Analytics Implementation Plugin, Wordpress	2025-08-15	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Stored XSS. This issue affects NetInsight Analytics Implementation Plugin: from n/a through 1.0.3.
CVE-2025-54740	2 Michael Nelson, Wordpress	2 Print My Blog, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS. This issue affects Print My Blog: from n/a through 3.27.9.
CVE-2025-52771	2 Bcupham, Wordpress	2 Video Expander, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bcupham Video Expander allows Stored XSS. This issue affects Video Expander: from n/a through 1.0.
CVE-2025-55716	2 Veronalabs, Wordpress	2 Wp Statistics, Wordpress	2025-08-15	4.3 Medium
Missing Authorization vulnerability in VeronaLabs WP Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Statistics: from n/a through 14.15.
CVE-2025-54746	2 Cartpauj, Wordpress	2 Shortcode-redirect, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cartpauj Shortcode Redirect allows Stored XSS. This issue affects Shortcode Redirect: from n/a through 1.0.02.
CVE-2025-54747	2 Wordpress, Wpbakery	2 Wordpress, Templatera	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS. This issue affects Templatera: from n/a through 2.3.0.
CVE-2025-54749	2 Crocoblock, Wordpress	2 Jetproductgallery, Wordpress	2025-08-15	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2.
CVE-2025-52797	2 Josepsitjar, Wordpress	2 Storymap, Wordpress	2025-08-15	8.2 High
Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap allows SQL Injection. This issue affects StoryMap: from n/a through 2.1.

« first previous Page 113 of 356. next last »