Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)
Total 8371 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-57950 1 Wordpress 1 Wordpress 2025-09-24 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Glen Scott Plugin Security Scanner allows Stored XSS. This issue affects Plugin Security Scanner: from n/a through 2.0.2.
CVE-2025-57944 2 Skimlinks, Wordpress 2 Affiliate Marketing Tool, Wordpress 2025-09-24 5.3 Medium
Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Skimlinks Affiliate Marketing Tool: from n/a through 1.3.
CVE-2025-57943 2 Skimlinks, Wordpress 2 Affiliate Marketing Tool, Wordpress 2025-09-24 4.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool allows Server Side Request Forgery. This issue affects Skimlinks Affiliate Marketing Tool: from n/a through 1.3.
CVE-2025-57941 1 Wordpress 1 Wordpress 2025-09-24 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JonathanMH Append Link on Copy allows Stored XSS. This issue affects Append Link on Copy: from n/a through 0.2.
CVE-2025-57940 1 Wordpress 1 Wordpress 2025-09-24 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh Kumar Mukhiya Append extensions on Pages allows Stored XSS. This issue affects Append extensions on Pages: from n/a through 1.1.2.
CVE-2025-57929 1 Wordpress 1 Wordpress 2025-09-24 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kanwei_doublethedonation Double the Donation allows Stored XSS. This issue affects Double the Donation: from n/a through 2.0.0.
CVE-2025-57928 2 Strategy11, Wordpress 2 Awp Classifieds, Wordpress 2025-09-24 5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Team AWP Classifieds allows Code Injection. This issue affects AWP Classifieds: from n/a through 4.3.5.
CVE-2025-57927 2 Stephanie Leary, Wordpress 2 Dashboard Notepad, Wordpress 2025-09-24 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Stephanie Leary Dashboard Notepad allows Cross Site Request Forgery. This issue affects Dashboard Notepad: from n/a through 1.42.
CVE-2025-57926 2 Wordpress, Wpchill 2 Wordpress, Passster 2025-09-24 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Passster allows Stored XSS. This issue affects Passster: from n/a through 4.2.18.
CVE-2025-57925 1 Wordpress 1 Wordpress 2025-09-24 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in immonex immonex Kickstart Team allows PHP Local File Inclusion. This issue affects immonex Kickstart Team: from n/a through 1.6.9.
CVE-2025-57924 1 Wordpress 1 Wordpress 2025-09-24 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Automattic Developer allows Cross Site Request Forgery. This issue affects Developer: from n/a through 1.2.6.
CVE-2025-59583 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Filter Everything allows DOM-Based XSS. This issue affects Penci Filter Everything: from n/a through n/a.
CVE-2025-59582 1 Wordpress 1 Wordpress 2025-09-23 5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Darren Cooney Ajax Load More allows Retrieve Embedded Sensitive Data. This issue affects Ajax Load More: from n/a through 7.6.0.2.
CVE-2025-58956 1 Wordpress 1 Wordpress 2025-09-23 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Attractive Donations System allows Stored XSS. This issue affects WP Attractive Donations System: from n/a through n/a.
CVE-2025-57902 1 Wordpress 1 Wordpress 2025-09-23 6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Md Taufiqur Rahman RIS Version Switcher – Downgrade or Upgrade WP Versions Easily allows Cross Site Request Forgery. This issue affects RIS Version Switcher – Downgrade or Upgrade WP Versions Easily: from n/a through 1.0.
CVE-2025-53463 3 Ht Plugins, Wordpress, Wpbakery 4 Absolute Addons For Wpbakery Page Builder, Wordpress, Page Builder and 1 more 2025-09-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder allows DOM-Based XSS. This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through 1.0.9.
CVE-2025-53462 1 Wordpress 1 Wordpress 2025-09-23 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SAPO SAPO Feed allows Stored XSS. This issue affects SAPO Feed: from n/a through 2.4.2.
CVE-2025-53461 1 Wordpress 1 Wordpress 2025-09-23 4.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in Binsaifullah Beaf allows Server Side Request Forgery. This issue affects Beaf: from n/a through 1.6.2.
CVE-2025-57917 3 Printcart, Woocommerce, Wordpress 3 Web To Print Product Designer, Woocommerce, Wordpress 2025-09-23 4.3 Medium
Missing Authorization vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through 2.4.3.
CVE-2025-57916 1 Wordpress 1 Wordpress 2025-09-23 4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Nurul Amin WP System Information allows Retrieve Embedded Sensitive Data. This issue affects WP System Information: from n/a through 1.5.