Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Total 5198 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-32532	2 Siteground, Wordpress	2 Speed Optimizer, Wordpress	2024-11-21	5.3 Medium
Missing Authorization vulnerability in SiteGround Speed Optimizer.This issue affects Speed Optimizer: from n/a through 7.4.6.
CVE-2024-32531	1 Wordpress	1 Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Everest themes GuCherry Blog allows Reflected XSS.This issue affects GuCherry Blog: from n/a through 1.1.8.
CVE-2024-32530	2 Presstigers, Wordpress	2 Simple Testimonials Showcase, Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Testimonials Showcase allows Stored XSS.This issue affects Simple Testimonials Showcase: from n/a through 1.1.5.
CVE-2024-32529	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Momoyoga Yoga Schedule Momoyoga allows Stored XSS.This issue affects Yoga Schedule Momoyoga: from n/a through 2.7.0.
CVE-2024-32528	2 Seerox, Wordpress	2 Wp Dynamic Keywords Injector, Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seerox WP Dynamic Keywords Injector allows Reflected XSS.This issue affects WP Dynamic Keywords Injector: from n/a through 2.3.18.
CVE-2024-32527	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through 1.3.1.
CVE-2024-32526	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Flector Easy Textillate allows Stored XSS.This issue affects Easy Textillate: from n/a through 2.02.
CVE-2024-32525	1 Wordpress	1 Wordpress	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6.
CVE-2024-32518	1 Wordpress	1 Wordpress	2024-11-21	5.3 Medium
Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0.
CVE-2024-32516	2 Palscode, Wordpress	2 Multi Currency For Woocommerce, Wordpress	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Palscode Multi Currency For WooCommerce.This issue affects Multi Currency For WooCommerce: from n/a through 1.5.5.
CVE-2024-32510	1 Wordpress	1 Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Loopus WP Cost Estimation & Payment Forms Builder allows Reflected XSS.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75.
CVE-2024-32509	1 Wordpress	1 Wordpress	2024-11-21	6.5 Medium
Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76.
CVE-2024-32506	2 Softlab, Wordpress	2 Radio Player, Wordpress	2024-11-21	5.4 Medium
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.
CVE-2024-32451	2 Wordpress, Wpwax	2 Wordpress, Legal Pages	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.4.2.
CVE-2024-32437	2 Implecode, Wordpress	2 Ecommerce Product Catalog, Wordpress	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in impleCode eCommerce Product Catalog.This issue affects eCommerce Product Catalog: from n/a through 3.3.28.
CVE-2024-32436	2 Codemenschen, Wordpress	2 Gift Vouchers, Wordpress	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0.
CVE-2024-32435	1 Wordpress	1 Wordpress	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Affieasy Team AffiEasy.This issue affects AffiEasy: from n/a through 1.1.4.
CVE-2024-32433	1 Wordpress	1 Wordpress	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through 4.5.4.
CVE-2024-32432	1 Wordpress	1 Wordpress	2024-11-21	4.3 Medium
Missing Authorization vulnerability in Ovic Team Ovic Addon Toolkit.This issue affects Ovic Addon Toolkit: from n/a through 2.6.1.
CVE-2024-32149	2 Blueglass, Wordpress	2 Jobs For Wordpress, Wordpress	2024-11-21	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Jobs for WordPress allows Reflected XSS.This issue affects Jobs for WordPress: from n/a through 2.7.5.

« first previous Page 245 of 260. next last »