Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Filtered by product Wordpress Subscriptions

Total 5144 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-38758	1 Wordpress	1 Wordpress	2024-11-21	4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in WappPress Team WappPress.This issue affects WappPress: from n/a through 6.0.4.
CVE-2024-38757	2 Typebot, Wordpress	2 Typebot, Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Typebot allows Stored XSS.This issue affects Typebot: from n/a through 3.6.0.
CVE-2024-38725	1 Wordpress	1 Wordpress	2024-11-21	5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webstix Admin Dashboard RSS Feed allows Stored XSS.This issue affects Admin Dashboard RSS Feed: from n/a through 3.1.
CVE-2024-38703	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS.This issue affects WP Event Aggregator: from n/a through 1.7.9.
CVE-2024-38694	1 Wordpress	1 Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Moloni allows Reflected XSS.This issue affects Moloni: from n/a through 4.7.4.
CVE-2024-38683	2 Ithemelandco, Wordpress	2 Woocommerce Report, Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in iThemelandCo WooCommerce Report allows Reflected XSS.This issue affects WooCommerce Report: from n/a through 1.4.5.
CVE-2024-38672	1 Wordpress	1 Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in namithjawahar AdPush allows Reflected XSS.This issue affects AdPush: from n/a through 1.50.
CVE-2024-38671	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson WP GoToWebinar allows Stored XSS.This issue affects WP GoToWebinar: from n/a through 15.7.
CVE-2024-37961	1 Wordpress	1 Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in codoc.Jp allows Stored XSS.This issue affects codoc: from n/a through 0.9.51.12.
CVE-2024-37950	1 Wordpress	1 Wordpress	2024-11-21	5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodexHelp Master Popups allows Stored XSS.This issue affects Master Popups: from n/a through 1.0.3.
CVE-2024-37919	1 Wordpress	1 Wordpress	2024-11-21	5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pratik Chaskar Timeline Module for Beaver Builder allows Stored XSS.This issue affects Timeline Module for Beaver Builder: from n/a through 1.1.3.
CVE-2024-37562	2 Bracketspace, Wordpress	2 Simple Post Notes, Wordpress	2024-11-21	5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BracketSpace Simple Post Notes allows Stored XSS.This issue affects Simple Post Notes: from n/a through 1.7.7.
CVE-2024-37561	1 Wordpress	1 Wordpress	2024-11-21	5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jamie Bergen Plugin Notes Plus allows Stored XSS.This issue affects Plugin Notes Plus: from n/a through 1.2.6.
CVE-2024-35683	2 Teplitsa Of Social Technologies, Wordpress	2 Leyka, Wordpress	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Teplitsa of social technologies Leyka.This issue affects Leyka: from n/a through 3.31.1.
CVE-2024-35671	2 Minoji, Wordpress	2 Mj Update History, Wordpress	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Minoji MJ Update History.This issue affects MJ Update History: from n/a through 1.0.4.
CVE-2024-35663	1 Wordpress	1 Wordpress	2024-11-21	5.4 Medium
Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through 5.3.0.
CVE-2024-34815	2 Codection, Wordpress	2 Import And Export Users And Customers, Wordpress	2024-11-21	5.4 Medium
Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.26.5.
CVE-2024-34804	1 Wordpress	1 Wordpress	2024-11-21	5.4 Medium
Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.8.
CVE-2024-34768	2 Fastly, Wordpress	2 Fastly, Wordpress	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a through 1.2.25.
CVE-2024-34758	2 Wordpress, Wpmet	2 Wordpress, Wp Fundraising Donation And Crowdfunding Platform	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4.

« first previous Page 238 of 258. next last »