Filtered by vendor Wordpress
Subscriptions
Total
9450 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67617 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Deserialization of Untrusted Data vulnerability in themeton Consult Aid consultaid allows Object Injection.This issue affects Consult Aid: from n/a through <= 1.4.3. | ||||
| CVE-2025-67964 | 2 Favethemes, Wordpress | 2 Homey, Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Homey Core homey-core allows Reflected XSS.This issue affects Homey Core: from n/a through <= 2.4.3. | ||||
| CVE-2025-53240 | 2 Adamlabs, Wordpress | 2 Wordpress Photo Gallery, Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in adamlabs WordPress Photo Gallery photo-gallery-portfolio allows Reflected XSS.This issue affects WordPress Photo Gallery: from n/a through <= 1.1.0. | ||||
| CVE-2025-62050 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic.This issue affects Blogmatic: from n/a through <= 1.0.3. | ||||
| CVE-2025-67968 | 2 Inspirythemes, Wordpress | 2 Realhomes, Wordpress | 2026-01-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes Real Homes CRM realhomes-crm allows Using Malicious Files.This issue affects Real Homes CRM: from n/a through <= 1.0.0. | ||||
| CVE-2025-68001 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl-checkout allows Upload a Web Shell to a Web Server.This issue affects g-FFL Checkout: from n/a through <= 2.1.0. | ||||
| CVE-2025-68013 | 3 Cardpaysolutions, Woocommerce, Wordpress | 3 Payment Gateway Authorize.net Cim For Woocommerce, Woocommerce, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through <= 2.1.2. | ||||
| CVE-2025-67940 | 2 Mikado-themes, Wordpress | 2 Powerlift, Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.This issue affects Powerlift: from n/a through < 3.2.1. | ||||
| CVE-2025-67626 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in Angel Costa WP SEO Search wp-seo-search allows Cross Site Request Forgery.This issue affects WP SEO Search: from n/a through <= 1.1. | ||||
| CVE-2025-67947 | 3 Elementor, Scriptsbundle, Wordpress | 3 Elementor, Adforest, Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in scriptsbundle AdForest Elementor adforest-elementor allows Reflected XSS.This issue affects AdForest Elementor: from n/a through <= 3.0.11. | ||||
| CVE-2025-63051 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in sizam REHub Framework rehub-framework allows Retrieve Embedded Sensitive Data.This issue affects REHub Framework: from n/a through < 19.9.9.4. | ||||
| CVE-2025-67955 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TangibleWP MyHome Core myhome-core allows PHP Local File Inclusion.This issue affects MyHome Core: from n/a through <= 4.1.0. | ||||
| CVE-2025-67959 | 2 Purethemes, Wordpress | 2 Workscout, Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through <= 4.1.07. | ||||
| CVE-2025-67949 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designingmedia Hostiko hostiko allows Reflected XSS.This issue affects Hostiko: from n/a through < 94.3.6. | ||||
| CVE-2025-69039 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Bailly bailly allows PHP Local File Inclusion.This issue affects Bailly: from n/a through <= 1.3.4. | ||||
| CVE-2025-68910 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogzee blogzee allows Using Malicious Files.This issue affects Blogzee: from n/a through <= 1.0.5. | ||||
| CVE-2025-69045 | 3 Fooevents, Woocommerce, Wordpress | 3 Fooevents For Woocommerce, Woocommerce, Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FooEvents FooEvents for WooCommerce fooevents allows SQL Injection.This issue affects FooEvents for WooCommerce: from n/a through <= 1.20.4. | ||||
| CVE-2025-69057 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Edge-Themes Eldon eldon allows PHP Local File Inclusion.This issue affects Eldon: from n/a through <= 1.0. | ||||
| CVE-2025-69044 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Vango vango allows PHP Local File Inclusion.This issue affects Vango: from n/a through <= 1.3.3. | ||||
| CVE-2025-68902 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AivahThemes Anona anona allows Path Traversal.This issue affects Anona: from n/a through <= 8.0. | ||||