Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
11385 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53326 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodeYatri Gutenify gutenify allows PHP Local File Inclusion.This issue affects Gutenify: from n/a through <= 1.5.4. | ||||
| CVE-2025-53325 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dilip kumar Beauty Contact Popup Form beauty-contact-popup-form allows Stored XSS.This issue affects Beauty Contact Popup Form: from n/a through <= 6.0. | ||||
| CVE-2025-53321 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raise The Money Raise The Money raise-the-money allows DOM-Based XSS.This issue affects Raise The Money: from n/a through <= 5.2. | ||||
| CVE-2025-53319 | 2 Raptive, Wordpress | 2 Raptive Ads, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raptive Raptive Ads adthrive-ads allows Reflected XSS.This issue affects Raptive Ads: from n/a through <= 3.8.0. | ||||
| CVE-2025-53318 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in WPManiax WP DB Booster wp-db-booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP DB Booster: from n/a through <= 1.0.1. | ||||
| CVE-2025-53317 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in AcmeeDesign WPShapere - WordPress admin theme wpshapere-lite allows Stored XSS.This issue affects WPShapere - WordPress admin theme: from n/a through <= 1.4.1. | ||||
| CVE-2025-53315 | 2 Alanft, Wordpress | 2 Relocate-upload, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in alanft Relocate Upload relocate-upload allows Stored XSS.This issue affects Relocate Upload: from n/a through <= 0.24.1. | ||||
| CVE-2025-53314 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in sh1zen WP Optimizer wp-optimizer allows SQL Injection.This issue affects WP Optimizer: from n/a through <= 2.5.0. | ||||
| CVE-2025-53313 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in plumwd Twitch TV Embed Suite twitch-tv-embed-suite allows Stored XSS.This issue affects Twitch TV Embed Suite: from n/a through <= 2.1.0. | ||||
| CVE-2025-53311 | 2 Amol Nirmala Waman, Wordpress | 2 Navayan Subscribe Plugin, Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Amol Nirmala Waman Navayan Subscribe navayan-subscribe allows Stored XSS.This issue affects Navayan Subscribe: from n/a through <= 1.13. | ||||
| CVE-2025-53310 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Funnnny HidePost hidepost allows Reflected XSS.This issue affects HidePost: from n/a through <= 2.3.8. | ||||
| CVE-2025-53308 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in gopi_plus Image Slider With Description image-slider-with-description allows Stored XSS.This issue affects Image Slider With Description: from n/a through <= 9.2. | ||||
| CVE-2025-53307 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beaver Builder WordPress Assistant assistant allows Reflected XSS.This issue affects WordPress Assistant: from n/a through <= 1.5.2. | ||||
| CVE-2025-53304 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Rohil Contact Form – 7 : Hide Success Message contact-form-7-hide-success-message allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form – 7 : Hide Success Message: from n/a through <= 1.1.4. | ||||
| CVE-2025-53303 | 2 Thememove, Wordpress | 2 Core, Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in ThemeMove ThemeMove Core thememove-core allows Object Injection.This issue affects ThemeMove Core: from n/a through <= 1.4.2. | ||||
| CVE-2025-53301 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Junkie Theme Junkie Team Content theme-junkie-team-content allows DOM-Based XSS.This issue affects Theme Junkie Team Content: from n/a through <= 0.1.1. | ||||
| CVE-2025-53300 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr Podcast Feed Player Widget and Shortcode podcast-feed-player-widget allows Stored XSS.This issue affects Podcast Feed Player Widget and Shortcode: from n/a through <= 2.2.0. | ||||
| CVE-2025-53299 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in ThemeMakers ThemeMakers Visual Content Composer tmm_content_composer allows Object Injection.This issue affects ThemeMakers Visual Content Composer: from n/a through <= 1.5.8. | ||||
| CVE-2025-53298 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in gioni Plugin Inspector plugin-inspector allows Path Traversal.This issue affects Plugin Inspector: from n/a through <= 1.5. | ||||
| CVE-2025-53296 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ecoal95 EC Stars Rating ec-stars-rating allows Stored XSS.This issue affects EC Stars Rating: from n/a through <= 1.0.11. | ||||