Filtered by vendor Wordpress
Subscriptions
Total
7792 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64257 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Joe Dolson My Tickets my-tickets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Tickets: from n/a through <= 2.1.0. | ||||
| CVE-2025-63006 | 2 Metagauss, Wordpress | 2 Eventprime, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.4.1. | ||||
| CVE-2025-63003 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fuelthemes North - Required Plugin north-plugin allows PHP Local File Inclusion.This issue affects North - Required Plugin: from n/a through <= 1.4.2. | ||||
| CVE-2025-62999 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 5.4 Medium |
| Missing Authorization vulnerability in themezaa Litho Addons litho-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Litho Addons: from n/a through <= 3.4. | ||||
| CVE-2025-62997 | 2 Levelfourdevelopment, Wordpress | 2 Wp-easycart, Wordpress | 2025-12-10 | 5.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Retrieve Embedded Sensitive Data.This issue affects WP EasyCart: from n/a through <= 5.8.11. | ||||
| CVE-2025-62996 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Code Amp Custom Layouts – Post + Product grids made easy custom-layouts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through <= 1.4.12. | ||||
| CVE-2025-62995 | 2 Multiparcels, Wordpress | 2 Multiparcels Shipping For Woocommerce, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiParcels Shipping For WooCommerce: from n/a through <= 1.30.12. | ||||
| CVE-2025-62994 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through <= 1.2.7. | ||||
| CVE-2025-62993 | 2 Rainafarai, Wordpress | 2 Notification For Telegram, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in rainafarai Notification for Telegram notification-for-telegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notification for Telegram: from n/a through <= 3.4.7. | ||||
| CVE-2025-62873 | 2 Flashyapp, Wordpress | 2 Wp Flashy Marketing Automation, Wordpress | 2025-12-10 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through <= 2.0.8. | ||||
| CVE-2025-62872 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in JK Social Photo Fetcher facebook-photo-fetcher allows Cross Site Request Forgery.This issue affects Social Photo Fetcher: from n/a through <= 3.0.4. | ||||
| CVE-2025-62871 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just TinyMCE Custom Styles just-tinymce-styles allows Cross Site Request Forgery.This issue affects Just TinyMCE Custom Styles: from n/a through <= 1.2.1. | ||||
| CVE-2025-62870 | 3 Eupago, Woocommerce, Wordpress | 3 Eupago Gateway Woocommerce, Woocommerce, Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in Eupago Eupago Gateway For Woocommerce eupago-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eupago Gateway For Woocommerce: from n/a through <= 4.6.3. | ||||
| CVE-2025-62869 | 2 Gravitec.net, Wordpress | 2 Web Push Notifications, Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in Gravitec.net - Web Push Notifications Gravitec.net – Web Push Notifications gravitec-net-web-push-notifications allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gravitec.net – Web Push Notifications: from n/a through <= 2.9.17. | ||||
| CVE-2025-62867 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ergonet Cache: from n/a through <= 1.0.11. | ||||
| CVE-2025-62866 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Valerio Monti Auto Alt Text auto-alt-text allows Cross Site Request Forgery.This issue affects Auto Alt Text: from n/a through <= 2.5.2. | ||||
| CVE-2025-62865 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in Evan Herman Post Cloner post-cloner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Cloner: from n/a through <= 1.0.0. | ||||
| CVE-2025-62762 | 2 Photoboxone, Wordpress | 2 Smtp Mail, Wordpress | 2025-12-10 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in photoboxone SMTP Mail smtp-mail allows Cross Site Request Forgery.This issue affects SMTP Mail: from n/a through <= 1.3.47. | ||||
| CVE-2025-62740 | 2 Mario Peshev, Wordpress | 2 Wp-crm-system, Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.4.5. | ||||
| CVE-2025-62738 | 1 Wordpress | 1 Wordpress | 2025-12-10 | 5.3 Medium |
| Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through <= 2.0.2. | ||||