Wordpress CVEs and Security Vulnerabilities

Export limit exceeded: 11973 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11973 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-40001	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in StellarWP iThemes Sync ithemes-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iThemes Sync: from n/a through <= 2.1.13.
CVE-2023-39996	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Accordion and Accordion Slider accordion-and-accordion-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accordion and Accordion Slider: from n/a through <= 1.2.4.
CVE-2023-39995	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Portfolio and Projects portfolio-and-projects allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio and Projects: from n/a through <= 1.3.7.
CVE-2023-38479	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in codents Simple Googlebot Visit simple-googlebot-visit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Googlebot Visit: from n/a through <= 1.2.4.
CVE-2023-38477	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in stasionok QR code MeCard/vCard generator wp-qrcode-me-v-card allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects QR code MeCard/vCard generator: from n/a through <= 1.6.0.
CVE-2023-38383	1 Wordpress	1 Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in Amir Helzer Language wordpress-language allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Language: from n/a through <= 1.2.1.
CVE-2023-37984	2 Expresstech, Wordpress	2 Quiz And Survey Master, Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 8.1.10.
CVE-2023-37887	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Missing Authorization vulnerability in Ronik@UnlimitedWP WPSchoolPress wpschoolpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSchoolPress: from n/a through <= 2.2.7.
CVE-2023-37886	2 Inspirythemes, Wordpress	2 Realhomes, Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in InspiryThemes RealHomes realhomes.This issue affects RealHomes: from n/a through < 4.3.8.
CVE-2023-37885	2 Inspirythemes, Wordpress	2 Realhomes, Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in InspiryThemes RealHomes realhomes.This issue affects RealHomes: from n/a through < 4.3.8.
CVE-2023-36528	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in properfraction kk Star Ratings kk-star-ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through <= 5.4.3.
CVE-2023-36519	1 Wordpress	1 Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in WPThemeGo SW Product Bundles sw-product-bundles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SW Product Bundles: from n/a through <= 2.0.15.
CVE-2023-36518	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in Hugh Lashbrooke Post Hit Counter post-hit-counter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Hit Counter: from n/a through <= 1.3.2.
CVE-2023-35875	2 Jegstudio, Wordpress	2 Gutenverse, Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in Jegstudio Gutenverse gutenverse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse: from n/a through <= 1.8.5.
CVE-2023-34014	2 G5theme, Wordpress	2 Grid-plus, Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in g5theme Grid Plus grid-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grid Plus: from n/a through <= 1.3.2.
CVE-2023-33998	2 Cybernetikz, Wordpress	2 Easy Social Icons, Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in CyberNetikz Easy Social Icons easy-social-icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through <= 3.2.5.
CVE-2023-33215	2 Taggbox, Wordpress	2 Taggbox, Wordpress	2026-04-23	N/A
Missing Authorization vulnerability in Taggbox Taggbox taggbox-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Taggbox: from n/a through <= 3.3.
CVE-2023-32798	1 Wordpress	1 Wordpress	2026-04-23	5.3 Medium
Missing Authorization vulnerability in 10up Simple Page Ordering simple-page-ordering allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Page Ordering: from n/a through <= 2.5.0.
CVE-2023-32599	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Missing Authorization vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects reCAPTCHA for all: from n/a through <= 1.22.
CVE-2023-32593	1 Wordpress	1 Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in GS Plugins GS Pins for Pinterest gs-pinterest-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GS Pins for Pinterest: from n/a through <= 1.6.7.

« first previous Page 272 of 599. next last »