Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
5396 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22315 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Typing Text | 2025-07-12 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through 1.2.7. | ||||
| CVE-2025-22316 | 2 Wordpress, Wpbits | 2 Wordpress, Wpbits Addons For Elementor Page Builder | 2025-07-12 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5.1. | ||||
| CVE-2025-22333 | 2 Piotnet, Wordpress | 2 Piotnet Addons For Elementor, Wordpress | 2025-07-12 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.31. | ||||
| CVE-2025-22350 | 2 Wordpress, Wpindeed | 2 Wordpress, Ultimate Learning Pro | 2025-07-12 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9. | ||||
| CVE-2025-22591 | 2 Lenderd, Wordpress | 2 1003 Mortgage Application, Wordpress | 2025-07-12 | 4.3 Medium |
| Missing Authorization vulnerability in Lenderd 1003 Mortgage Application allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 1003 Mortgage Application: from n/a through 1.87. | ||||
| CVE-2025-22687 | 2 Asmedia, Wordpress | 2 Tuaug4, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asmedia Tuaug4 allows Reflected XSS.This issue affects Tuaug4: from n/a through 1.4. | ||||
| CVE-2025-22739 | 2 Thimpress, Wordpress | 2 Learnpress, Wordpress | 2025-07-12 | 5.3 Medium |
| Missing Authorization vulnerability in ThimPress LearnPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LearnPress: from n/a through 4.2.7.5. | ||||
| CVE-2025-22773 | 2 Wordpress, Wpchill | 2 Wordpress, Htaccess File Editor | 2025-07-12 | 5.3 Medium |
| Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in WPChill Htaccess File Editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Htaccess File Editor: from n/a through 1.0.19. | ||||
| CVE-2025-22786 | 2 Elementinvader, Wordpress | 2 Elementinvader Addons For Elementor, Wordpress | 2025-07-12 | 7.5 High |
| Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP Local File Inclusion.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.6. | ||||
| CVE-2025-22796 | 2 Platcom, Wordpress | 2 Wp-asambleas, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in platcom WP-Asambleas allows Reflected XSS. This issue affects WP-Asambleas: from n/a through 2.85.0. | ||||
| CVE-2025-22801 | 2 Hasthemes, Wordpress | 2 Free Woocommerce Theme 99fy Extension, Wordpress | 2025-07-12 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Free WooCommerce Theme 99fy Extension allows Stored XSS.This issue affects Free WooCommerce Theme 99fy Extension: from n/a through 1.2.8. | ||||
| CVE-2025-23453 | 2 Myriad Solutionz, Wordpress | 2 Stars Smtp Mailer, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Myriad Solutionz Stars SMTP Mailer allows Reflected XSS.This issue affects Stars SMTP Mailer: from n/a through 1.7. | ||||
| CVE-2025-23477 | 2 Realty Workstation, Wordpress | 2 Realty Workstation, Wordpress | 2025-07-12 | 8.2 High |
| Missing Authorization vulnerability in Realty Workstation Realty Workstation allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Realty Workstation: from n/a through 1.0.45. | ||||
| CVE-2025-23507 | 2 Blrt, Wordpress | 2 Blrt Wp Embed, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blrt Blrt WP Embed allows Reflected XSS. This issue affects Blrt WP Embed: from n/a through 1.6.9. | ||||
| CVE-2025-23629 | 2 Subhasis Laha, Wordpress | 2 Gallerio, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Subhasis Laha Gallerio allows Reflected XSS. This issue affects Gallerio: from n/a through 1.0.1. | ||||
| CVE-2025-23765 | 2 W3speedster, Wordpress | 2 W3speedster, Wordpress | 2025-07-12 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER allows Cross Site Request Forgery.This issue affects W3SPEEDSTER: from n/a through 7.33. | ||||
| CVE-2025-23987 | 2 Codegearthemes, Wordpress | 2 Designer, Wordpress | 2025-07-12 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodegearThemes Designer allows DOM-Based XSS. This issue affects Designer: from n/a through 1.6.0. | ||||
| CVE-2025-24588 | 2 Patreon, Wordpress | 2 Patreon Wordpress, Wordpress | 2025-07-12 | 6.5 Medium |
| Missing Authorization vulnerability in Patreon Patreon WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Patreon WordPress: from n/a through 1.9.1. | ||||
| CVE-2025-24599 | 2 Tribulant, Wordpress | 2 Newsletters, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS. This issue affects Newsletters: from n/a through 4.9.9.6. | ||||
| CVE-2025-24615 | 2 Fatcatapps, Wordpress | 2 Analytics Cat, Wordpress | 2025-07-12 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fatcatapps Analytics Cat allows Reflected XSS. This issue affects Analytics Cat: from n/a through 1.1.2. | ||||