Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
11812 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-1797 | 2 Themetechmount, Wordpress | 2 Truebooker-appointment-booking, Wordpress | 2026-04-08 | 5.3 Medium |
| The Appointment Booking and Scheduler Plugin – Truebooker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 through views php files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed views php files via direct access. | ||||
| CVE-2024-11350 | 2 Scriptsbundle, Wordpress | 2 Adforest, Wordpress | 2026-04-08 | 9.8 Critical |
| The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforest_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. | ||||
| CVE-2026-1806 | 2 Tourcms, Wordpress | 2 Tour & Activity Operator Plugin For Tourcms, Wordpress | 2026-04-08 | 6.4 Medium |
| The Tour & Activity Operator Plugin for TourCMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'target' parameter of the tourcms_doc_link shortcode in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-14938 | 2 Purethemes, Wordpress | 2 Listeo-core - Directory Plugin By Purethemes, Wordpress | 2026-04-08 | 5.3 Medium |
| The Listeo Core plugin for WordPress is vulnerable to unauthenticated arbitrary media upload in all versions up to, and including, 2.0.27 via the "listeo_core_handle_dropped_media" function. This is due to missing authorization and capability checks on the AJAX endpoint handling file uploads. This makes it possible for unauthenticated attackers to upload arbitrary media to the site's media library, without achieving direct code execution. | ||||
| CVE-2026-1247 | 2 Seosbg, Wordpress | 2 Survey, Wordpress | 2026-04-08 | 4.4 Medium |
| The Survey plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. | ||||
| CVE-2026-2569 | 2 Dearhive, Wordpress | 2 Dear Flipbook – Pdf Flipbook, 3d Flipbook, Pdf Embed, Pdf Viewer, Wordpress | 2026-04-08 | 6.4 Medium |
| The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-10006 | 2 Wordpress, Wpbakery | 2 Wordpress, Page Builder | 2026-04-08 | 6.4 Medium |
| The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rev_slider_vc' shortcode in all versions up to, and including, 8.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is only exploitable when RevSlider is also installed. | ||||
| CVE-2026-1935 | 2 Brainstation23, Wordpress | 2 Company Posts For Linkedin, Wordpress | 2026-04-08 | 4.3 Medium |
| The Company Posts for LinkedIn plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.0. This is due to a missing capability check on the `linkedin_company_post_reset_handler()` function hooked to `admin_post_reset_linkedin_company_post`. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete LinkedIn post data stored in the site's options table. | ||||
| CVE-2025-11160 | 2 Wordpress, Wpbakery | 2 Wordpress, Page Builder | 2026-04-08 | 6.4 Medium |
| The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS module in all versions up to, and including, 8.6.1. This is due to insufficient input sanitization and output escaping of user-supplied JavaScript code in the Custom JS module. This makes it possible for authenticated attackers with contributor-level access or higher to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page via the WPBakery Page Builder Custom JS module granted they have access to the WPBakery editor for post types. | ||||
| CVE-2026-2600 | 2 Roxnor, Wordpress | 2 Elementskit Elementor Addons – Advanced Widgets & Templates Addons For Elementor, Wordpress | 2026-04-08 | 6.4 Medium |
| The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ekit_tab_title' parameter in the Simple Tab widget in all versions up to, and including, 3.7.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-13711 | 1 Wordpress | 1 Wordpress | 2026-04-08 | 6.1 Medium |
| The Pollin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2025-6743 | 2 Wordpress, Xtemos | 2 Wordpress, Woodmart | 2026-04-08 | 6.4 Medium |
| The Woodmart theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'multiple_markers' attribute in all versions up to, and including, 8.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-10798 | 2 Wordpress, Wproyal | 2 Wordpress, Royal Elementor Addons And Templates | 2026-04-08 | 4.3 Medium |
| The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.7.1003 via the 'wpr-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created via Elementor that they should not have access to. | ||||
| CVE-2026-1886 | 2 Hrs2015, Wordpress | 2 Go Night Pro | Wordpress Dark Mode Plugin, Wordpress | 2026-04-08 | 6.4 Medium |
| The Go Night Pro | WordPress Dark Mode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'go-night-pro-shortcode' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on the user-supplied 'margin' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-3629 | 2 Carazo, Wordpress | 2 Import And Export Users And Customers, Wordpress | 2026-04-08 | 8.1 High |
| The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile fields. The 'get_restricted_fields' method does not include sensitive meta keys such as 'wp_capabilities'. This makes it possible for unauthenticated attackers to escalate their privileges to Administrator by submitting a crafted registration request that sets the 'wp_capabilities' meta key. The vulnerability can only be exploited if the "Show fields in profile" setting is enabled and a CSV with a wp_capabilities column header has been previously imported. | ||||
| CVE-2026-1891 | 2 Dogrow, Wordpress | 2 Simple Football Scoreboard, Wordpress | 2026-04-08 | 6.4 Medium |
| The Simple Football Scoreboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ytmr_fb_scoreboard' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-11134 | 2 Imithemes, Wordpress | 2 Eventer, Wordpress | 2026-04-08 | 4.3 Medium |
| The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function in all versions up to, and including, 3.9.9. This makes it possible for authenticated attackers with subscriber-level permissions or above, to download bookings, which contains customers' personal data. | ||||
| CVE-2025-7327 | 2 Radiustheme, Wordpress | 2 Widget For Google Reviews, Wordpress | 2026-04-08 | 8.8 High |
| The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.0.15 via the layout parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. This is limited to just PHP files. | ||||
| CVE-2026-2437 | 2 Wordpress, Wptravelengine | 2 Wordpress, Wp Travel Engine – Tour Booking Plugin – Tour Operator Software | 2026-04-08 | 6.4 Medium |
| The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wte_trip_tax' shortcode in all versions up to, and including, 6.7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-10584 | 2 Designinvento, Wordpress | 2 Directorypress, Wordpress | 2026-04-08 | 5.4 Medium |
| The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.6.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. When DirectoryPress Frontend is installed, this can be exploited by unauthenticated users. | ||||