Filtered by vendor Wordpress
Subscriptions
Total
9452 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68072 | 2 Merv Barrett, Wordpress | 2 Easy Property Listings, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through <= 3.5.17. | ||||
| CVE-2025-69049 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Töbel tobel allows PHP Local File Inclusion.This issue affects Töbel: from n/a through <= 1.6. | ||||
| CVE-2025-68986 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows Upload a Web Shell to a Web Server.This issue affects Miion: from n/a through <= 1.2.7. | ||||
| CVE-2025-68881 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal AppExperts appexperts allows SQL Injection.This issue affects AppExperts: from n/a through <= 1.4.5. | ||||
| CVE-2025-69075 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Yolox yolox allows PHP Local File Inclusion.This issue affects Yolox: from n/a through <= 1.0.15. | ||||
| CVE-2025-68908 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in temash Barberry barberry allows PHP Local File Inclusion.This issue affects Barberry: from n/a through <= 2.9.9.87. | ||||
| CVE-2025-69041 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Dekoro dekoro allows PHP Local File Inclusion.This issue affects Dekoro: from n/a through <= 1.0.7. | ||||
| CVE-2025-69073 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piqes: from n/a through <= 1.0.11. | ||||
| CVE-2025-69052 | 2 Fmeaddons, Wordpress | 2 Registration And Login With Mobile Phone Number For Woocommerce, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in FmeAddons Registration & Login with Mobile Phone Number for WooCommerce registration-login-with-mobile-phone-number allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Registration & Login with Mobile Phone Number for WooCommerce: from n/a through <= 1.3.1. | ||||
| CVE-2025-68911 | 2 Solacewp, Wordpress | 2 Solace, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in solacewp Solace solace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Solace: from n/a through <= 2.1.16. | ||||
| CVE-2025-69037 | 2 Goalthemes, Wordpress | 2 Pippo, Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Pippo pippo allows PHP Local File Inclusion.This issue affects Pippo: from n/a through <= 1.2.3. | ||||
| CVE-2025-68871 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noCreativity Dooodl dooodl allows Reflected XSS.This issue affects Dooodl: from n/a through <= 2.3.0. | ||||
| CVE-2025-68849 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS.This issue affects Quote Master: from n/a through <= 7.1.1. | ||||
| CVE-2025-69099 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Deserialization of Untrusted Data vulnerability in fuelthemes North north-wp allows Object Injection.This issue affects North: from n/a through <= 5.7.5. | ||||
| CVE-2025-69076 | 2 Ancorathemes, Wordpress | 2 Modern Housewife, Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Modern Housewife modernhousewife allows PHP Local File Inclusion.This issue affects Modern Housewife: from n/a through <= 1.0.12. | ||||
| CVE-2025-69095 | 2 Designthemes, Wordpress | 2 Reservation Plugin, Wordpress | 2026-01-23 | N/A |
| Missing Authorization vulnerability in designthemes Reservation Plugin dt-reservation-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reservation Plugin: from n/a through <= 1.7. | ||||
| CVE-2025-69059 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DiveIt diveit allows PHP Local File Inclusion.This issue affects DiveIt: from n/a through <= 1.4.3. | ||||
| CVE-2025-68884 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arevico WP Simple Redirect wp-simple-redirect allows Reflected XSS.This issue affects WP Simple Redirect: from n/a through <= 1.1. | ||||
| CVE-2025-69051 | 1 Wordpress | 1 Wordpress | 2026-01-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Reflected XSS.This issue affects ListingPro Reviews: from n/a through <= 1.7. | ||||
| CVE-2025-69071 | 2 Ancorathemes, Wordpress | 2 Tantum, Wordpress | 2026-01-23 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes TanTum tantum allows PHP Local File Inclusion.This issue affects TanTum: from n/a through <= 1.1.13. | ||||