Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 9718 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25021	2 Mizan Themes, Wordpress	2 Mizan Demo Importer, Wordpress	2026-02-04	5.4 Medium
Missing Authorization vulnerability in Mizan Themes Mizan Demo Importer mizan-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mizan Demo Importer: from n/a through <= 0.1.3.
CVE-2026-24965	3 Contest-gallery, Contest Gallery, Wordpress	3 Contest Gallery, Contest Gallery, Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contest Gallery: from n/a through <= 28.1.1.
CVE-2026-25023	1 Wordpress	1 Wordpress	2026-02-04	5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a through <= 2.0.7.
CVE-2026-25012	1 Wordpress	1 Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in gfazioli WP Bannerize Pro wp-bannerize-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Bannerize Pro: from n/a through <= 1.11.0.
CVE-2026-25014	2 Themelooks, Wordpress	2 Enter Addons, Wordpress	2026-02-04	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in themelooks Enter Addons enteraddons allows Cross Site Request Forgery.This issue affects Enter Addons: from n/a through <= 2.3.2.
CVE-2026-24984	1 Wordpress	1 Wordpress	2026-02-04	N/A
Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through <= 2.2.9.
CVE-2026-24986	2 Wordpress, Wp.insider	2 Wordpress, Simple Membership Wp User Import	2026-02-04	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import simple-membership-wp-user-import allows Cross Site Request Forgery.This issue affects Simple Membership WP user Import: from n/a through <= 1.9.1.
CVE-2026-24985	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through <= 1.8.2.
CVE-2026-24995	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through <= 14.2.0.
CVE-2026-24996	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in wpelemento WPElemento Importer wpelemento-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPElemento Importer: from n/a through <= 0.6.4.
CVE-2026-24967	1 Wordpress	1 Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in ameliabooking Amelia ameliabooking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Amelia: from n/a through <= 1.2.38.
CVE-2026-25024	1 Wordpress	1 Wordpress	2026-02-04	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Blair Williams ThirstyAffiliates thirstyaffiliates allows Cross Site Request Forgery.This issue affects ThirstyAffiliates: from n/a through <= 3.11.9.
CVE-2026-24994	2 Sunshinephotocart, Wordpress	2 Sunshine Photo Cart, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.5.7.2.
CVE-2026-25020	2 Wordpress, Wp Connect	2 Wordpress, Wp Sync For Notion	2026-02-04	4.3 Medium
Missing Authorization vulnerability in WP connect WP Sync for Notion wp-sync-for-notion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Sync for Notion: from n/a through <= 1.7.0.
CVE-2026-25016	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Missing Authorization vulnerability in Nelio Software Nelio Popups nelio-popups allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio Popups: from n/a through <= 1.3.5.
CVE-2026-24966	1 Wordpress	1 Wordpress	2026-02-04	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Copyscape Copyscape Premium copyscape-premium allows Cross Site Request Forgery.This issue affects Copyscape Premium: from n/a through <= 1.4.1.
CVE-2026-24991	1 Wordpress	1 Wordpress	2026-02-04	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extensions For CF7: from n/a through <= 3.4.0.
CVE-2026-25036	2 Wordpress, Wpchill	2 Wordpress, Passster	2026-02-04	N/A
Missing Authorization vulnerability in WP Chill Passster content-protector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Passster: from n/a through <= 4.2.25.
CVE-2026-25019	2 Vito Peleg, Wordpress	2 Atarim, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through <= 4.3.1.
CVE-2026-24982	2 Brainstormforce, Wordpress	2 Spectra, Wordpress	2026-02-04	5.3 Medium
Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.17.

« first previous Page 7 of 486. next last »