Wordpress CVEs and Security Vulnerabilities

Export limit exceeded: 11973 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11973 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-27188	2 Cloudways, Wordpress	2 Breeze, Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloudways Breeze breeze.This issue affects Breeze: from n/a through <= 2.1.3.
CVE-2024-25599	2 Castos, Wordpress	2 Seriously Simple Podcasting, Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting.This issue affects Seriously Simple Podcasting: from n/a through <= 3.0.2.
CVE-2024-11402	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue affects Block Editor Bootstrap Blocks: from n/a through <= 6.6.1.
CVE-2023-50905	2 Melapress, Wordpress	2 Wp Activity Log, Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through <= 4.6.1.
CVE-2023-49861	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in socialmediafeather Social Media Feather social-media-feather allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Media Feather: from n/a through <= 2.1.3.
CVE-2023-49859	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Marcus (aka @msykes) Login With Ajax login-with-ajax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login With Ajax: from n/a through <= 4.1.
CVE-2023-49858	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Austin Custom Login custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login: from n/a through <= 4.1.0.
CVE-2023-49849	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in vaakash Shortcoder shortcoder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcoder: from n/a through <= 6.3.
CVE-2023-49832	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.10.2.
CVE-2023-49818	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in Webflow Webflow Pages webflow-pages allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Webflow Pages: from n/a through <= 1.0.8.
CVE-2023-49758	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Roland Murg WP Booking System wp-booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Booking System: from n/a through <= 2.0.19.2.
CVE-2023-49756	2 Themewinter, Wordpress	2 Eventin, Wordpress	2026-04-23	8.8 High
Missing Authorization vulnerability in Arraytics Eventin wp-event-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventin: from n/a through <= 3.3.52.
CVE-2023-49754	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Yogesh Pawar Bulk Edit Post Titles bulk-edit-post-titles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk Edit Post Titles: from n/a through <= 5.0.0.
CVE-2023-49167	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in code4life Database for CF7 database-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Database for CF7: from n/a through <= 1.2.4.
CVE-2023-49156	2 Godaddy, Wordpress	2 Godaddy Email Marketing, Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in GoDaddy GoDaddy Email Marketing godaddy-email-marketing-sign-up-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GoDaddy Email Marketing: from n/a through <= 1.4.3.
CVE-2023-48758	2 Crocoblock, Wordpress	2 Jetengine, Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through <= 3.2.4.
CVE-2023-48277	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps super-progressive-web-apps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Progressive Web Apps: from n/a through <= 2.2.21.
CVE-2023-47847	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu paytr-taksit-tablosu-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PayTR Taksit Tablosu: from n/a through <= 1.3.1.
CVE-2023-47838	1 Wordpress	1 Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conditional Fields for Contact Form 7: from n/a through <= 2.4.1.
CVE-2023-47830	1 Wordpress	1 Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in GusRuss89 Live Preview for Contact Form 7 cf7-live-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Preview for Contact Form 7: from n/a through <= 1.2.0.

« first previous Page 269 of 599. next last »