Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Automattic Subscriptions

Filtered by product Wordpress Subscriptions

Switch to Advanced Search (Beta)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-58674	2 Automattic, Wordpress	2 Wordpress, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPress WordPress wordpress allows Stored XSS.This issue affects WordPress: from n/a through <= 6.8.2.
CVE-2025-58246	2 Automattic, Wordpress	2 Wordpress, Wordpress	2026-04-23	4.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in WordPress WordPress wordpress allows Retrieve Embedded Sensitive Data.This issue affects WordPress: from n/a through <= 6.8.2.

Page 1 of 1.