Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
9090 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62115 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in ThemeBoy Hide Plugins allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hide Plugins: from n/a through 1.0.4. | ||||
| CVE-2025-62114 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 5.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Marcelo Torres Download Media Library allows Retrieve Embedded Sensitive Data.This issue affects Download Media Library: from n/a through 0.2.1. | ||||
| CVE-2025-62113 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in emendo_seb Co-marquage service-public.Fr allows Cross Site Request Forgery.This issue affects Co-marquage service-public.Fr: from n/a through 0.5.77. | ||||
| CVE-2025-62112 | 2 Merv Barrett, Wordpress | 2 Import Into Easy Property Listings, Wordpress | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Merv Barrett Import into Easy Property Listings allows Cross Site Request Forgery.This issue affects Import into Easy Property Listings: from n/a through 2.2.1. | ||||
| CVE-2025-62111 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webvitaly Extra Shortcodes allows Stored XSS.This issue affects Extra Shortcodes: from n/a through 2.2. | ||||
| CVE-2025-62109 | 2 Infinitumform, Wordpress | 2 Geo Controller, Wordpress | 2026-01-20 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through <= 8.9.4. | ||||
| CVE-2025-62108 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 5.4 Medium |
| Missing Authorization vulnerability in SaifuMak Add Custom Codes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Custom Codes: from n/a through 4.80. | ||||
| CVE-2025-62107 | 2 Pluginops, Wordpress | 2 Feather Login Page, Wordpress | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in PluginOps Feather Login Page allows Cross Site Request Forgery.This issue affects Feather Login Page: from n/a through 1.1.7. | ||||
| CVE-2025-62103 | 2 Wordpress, Wpmediadownload | 2 Wordpress, Media Library File Download | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wpmediadownload Media Library File Download media-download allows Cross Site Request Forgery.This issue affects Media Library File Download: from n/a through <= 1.4. | ||||
| CVE-2025-62102 | 2 Apasionados, Wordpress | 2 Dofollow Case By Case, Wordpress | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow-case-by-case allows Cross Site Request Forgery.This issue affects DoFollow Case by Case: from n/a through <= 3.5.1. | ||||
| CVE-2025-62101 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Omid Shamloo Pardakht Delkhah allows Cross Site Request Forgery.This issue affects Pardakht Delkhah: from n/a through 3.0.0. | ||||
| CVE-2025-62100 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 5.3 Medium |
| Missing Authorization vulnerability in themerain ThemeRain Core themerain-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeRain Core: from n/a through <= 1.1.9. | ||||
| CVE-2025-62099 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 4.3 Medium |
| Missing Authorization vulnerability in Approveme Signature Add-On for Gravity Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Signature Add-On for Gravity Forms: from n/a through 1.8.6. | ||||
| CVE-2025-62098 | 2 Totalsoft, Wordpress | 2 Portfolio Gallery, Wordpress | 2026-01-20 | 5.4 Medium |
| Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8. | ||||
| CVE-2025-62097 | 2 Seothemes, Wordpress | 2 Seo Slider, Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SEOthemes SEO Slider allows DOM-Based XSS.This issue affects SEO Slider: from n/a through 1.1.1. | ||||
| CVE-2025-62096 | 2 Wordpress, Wpfactory | 2 Wordpress, Maximum Products Per User For Woocommerce | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Maximum Products per User for WooCommerce allows Stored XSS.This issue affects Maximum Products per User for WooCommerce: from n/a through 4.4.2. | ||||
| CVE-2025-62095 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Neilgee Bootstrap Modals allows Stored XSS.This issue affects Bootstrap Modals: from n/a through 1.3.2. | ||||
| CVE-2025-62094 | 3 Elementor, Voidthemes, Wordpress | 3 Elementor, Void Elementor Whmcs Elements For Elementor Page Builder, Wordpress | 2026-01-20 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Voidthemes Void Elementor WHMCS Elements For Elementor Page Builder.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through 2.0.1.2. | ||||
| CVE-2025-62093 | 1 Wordpress | 1 Wordpress | 2026-01-20 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Image&Video FullScreen Background lbg_fullscreen_fullwidth_slider allows SQL Injection.This issue affects Image&Video FullScreen Background: from n/a through <= 1.6.7. | ||||
| CVE-2025-62092 | 2 Wiremo, Wordpress | 2 Wiremo, Wordpress | 2026-01-20 | 5.3 Medium |
| Missing Authorization vulnerability in Wiremo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wiremo: from n/a through 1.4.99. | ||||