Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Total 5213 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-35746	2 Buddypress Cover Project, Wordpress	2 Buddypress Cover, Buddypress Cover	2024-11-21	10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a through 2.1.4.2.
CVE-2024-35683	2 Teplitsa Of Social Technologies, Wordpress	2 Leyka, Wordpress	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Teplitsa of social technologies Leyka.This issue affects Leyka: from n/a through 3.31.1.
CVE-2024-35671	2 Minoji, Wordpress	2 Mj Update History, Wordpress	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Minoji MJ Update History.This issue affects MJ Update History: from n/a through 1.0.4.
CVE-2024-35663	1 Wordpress	1 Wordpress	2024-11-21	5.4 Medium
Missing Authorization vulnerability in HahnCreativeGroup WP Translate.This issue affects WP Translate: from n/a through 5.3.0.
CVE-2024-34815	2 Codection, Wordpress	2 Import And Export Users And Customers, Wordpress	2024-11-21	5.4 Medium
Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.26.5.
CVE-2024-34804	1 Wordpress	1 Wordpress	2024-11-21	5.4 Medium
Missing Authorization vulnerability in Tagembed.This issue affects Tagembed: from n/a through 5.8.
CVE-2024-34768	2 Fastly, Wordpress	2 Fastly, Wordpress	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a through 1.2.25.
CVE-2024-34758	2 Wordpress, Wpmet	2 Wordpress, Wp Fundraising Donation And Crowdfunding Platform	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Wpmet WP Fundraising Donation and Crowdfunding Platform.This issue affects WP Fundraising Donation and Crowdfunding Platform: from n/a through 1.6.4.
CVE-2024-34568	2 Themeqx, Wordpress	2 Letterpress, Wordpress	2024-11-21	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeqx LetterPress allows Stored XSS.This issue affects LetterPress: from n/a through 1.2.1.
CVE-2024-34442	1 Wordpress	1 Wordpress	2024-11-21	5.3 Medium
Missing Authorization vulnerability in weDevs weDocs.This issue affects weDocs: from n/a through 2.1.4.
CVE-2024-34416	1 Wordpress	1 Wordpress	2024-11-21	9.1 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Pk Favicon Manager.This issue affects Pk Favicon Manager: from n/a through 2.1.
CVE-2024-34388	1 Wordpress	1 Wordpress	2024-11-21	7.5 High
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Scribit GDPR Compliance.This issue affects GDPR Compliance: from n/a through 1.2.5.
CVE-2024-34378	1 Wordpress	1 Wordpress	2024-11-21	8.6 High
Missing Authorization vulnerability in LeadConnector.This issue affects LeadConnector: from n/a through 1.7.
CVE-2024-33956	2 Themelocation, Wordpress	2 Custom Woocommerce Checkout Fields Editor, Wordpress	2024-11-21	4.3 Medium
Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0.
CVE-2024-33955	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Freesia Freesia Empire allows Stored XSS.This issue affects Freesia Empire: from n/a through 1.4.1.
CVE-2024-33953	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through 1.7.2.
CVE-2024-33952	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Unique allows Stored XSS.This issue affects Unique: from n/a through 0.3.0.
CVE-2024-33951	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam DeHaven Perfect Pullquotes allows Stored XSS.This issue affects Perfect Pullquotes: from n/a through 1.7.5.
CVE-2024-33950	1 Wordpress	1 Wordpress	2024-11-21	5.9 Medium
Administrator Cross Site Scripting (XSS) in Archives Calendar Widget <= 1.0.15 versions.
CVE-2024-33948	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixel Industry TweetScroll Widget allows Stored XSS.This issue affects TweetScroll Widget: from n/a through 1.3.7.

« first previous Page 241 of 261. next last »