Filtered by vendor Wordpress
Subscriptions
Total
9452 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69187 | 2 E-plugins, Wordpress | 2 Final User, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Final User: from n/a through <= 1.2.5. | ||||
| CVE-2026-22396 | 2 Mikado-themes, Wordpress | 2 Fiorello, Wordpress | 2026-01-23 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Fiorello fiorello allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fiorello: from n/a through <= 1.0. | ||||
| CVE-2026-22461 | 2 Webappick, Wordpress | 2 Ctx Feed, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in WebAppick CTX Feed webappick-product-feed-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CTX Feed: from n/a through <= 6.6.18. | ||||
| CVE-2026-22347 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in subhansanjaya Carousel Horizontal Posts Content Slider carousel-horizontal-posts-content-slider allows DOM-Based XSS.This issue affects Carousel Horizontal Posts Content Slider: from n/a through <= 3.3.2. | ||||
| CVE-2026-22348 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in Tasos Fel Civic Cookie Control civic-cookie-control-8 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Civic Cookie Control: from n/a through <= 1.53. | ||||
| CVE-2025-69313 | 2 Wordpress, Wpxpo | 2 Wordpress, Postx | 2026-01-23 | N/A |
| Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 5.0.3. | ||||
| CVE-2026-22382 | 2 Mikado-themes, Wordpress | 2 Pawfriends - Pet Shop And Veterinary Wordpress Theme, Wordpress | 2026-01-23 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Cross Site Request Forgery.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a through <= 1.3. | ||||
| CVE-2025-69312 | 2 Wordpress, Xpro | 2 Wordpress, Xpro Elementor Addons | 2026-01-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Upload a Web Shell to a Web Server.This issue affects Xpro Elementor Addons: from n/a through <= 1.4.19.1. | ||||
| CVE-2026-22404 | 2 Mikado-themes, Wordpress | 2 Innovio, Wordpress | 2026-01-23 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Innovio innovio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Innovio: from n/a through <= 1.7. | ||||
| CVE-2026-22458 | 2 Mikado-themes, Wordpress | 2 Wanderland, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wanderland: from n/a through <= 1.5. | ||||
| CVE-2025-69293 | 2 E-plugins, Wordpress | 2 Final User, Wordpress | 2026-01-23 | N/A |
| Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5. | ||||
| CVE-2025-69192 | 2 E-plugins, Wordpress | 2 Real Estate Pro, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Pro: from n/a through <= 2.1.5. | ||||
| CVE-2026-22450 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in Select-Themes Don Peppe donpeppe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Don Peppe: from n/a through <= 1.3. | ||||
| CVE-2025-69311 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through <= 1.52.1. | ||||
| CVE-2026-22472 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.9.6. | ||||
| CVE-2026-22483 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in winkm89 teachPress teachpress allows Cross Site Request Forgery.This issue affects teachPress: from n/a through <= 9.0.12. | ||||
| CVE-2026-22360 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in AA-Team SearchAzon searchazon allows Cross Site Request Forgery.This issue affects SearchAzon: from n/a through <= 1.4. | ||||
| CVE-2025-69300 | 2 Leap13, Wordpress | 2 Premium Addons For Elementor, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through <= 4.11.63. | ||||
| CVE-2026-22430 | 2 Mikado-themes, Wordpress | 2 Verdure, Wordpress | 2026-01-23 | N/A |
| Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Verdure verdure allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Verdure: from n/a through <= 1.6. | ||||
| CVE-2025-69190 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listihub: from n/a through <= 1.0.6. | ||||