Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
11793 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-56063 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through <= 6.0.7. | ||||
| CVE-2024-56057 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56055 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56054 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56053 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows SQL Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.3. | ||||
| CVE-2024-56052 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56051 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows Code Injection.This issue affects WPLMS: from n/a through < 1.9.9.5. | ||||
| CVE-2024-56050 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.3. | ||||
| CVE-2024-56049 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | N/A |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56048 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in VibeThemes WPLMS wplms_plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS: from n/a through <= 1.9.9. | ||||
| CVE-2024-56047 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows SQL Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.3. | ||||
| CVE-2024-56046 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through <= 1.9.9. | ||||
| CVE-2024-56045 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | N/A |
| Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5. | ||||
| CVE-2024-56043 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS wplms_plugin allows Privilege Escalation.This issue affects WPLMS: from n/a through <= 1.9.9. | ||||
| CVE-2024-56042 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows SQL Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.3. | ||||
| CVE-2024-54383 | 3 Wordpress, Wpweb, Wpwebelite | 3 Wordpress, Woocommerce Pdf Vouchers, Woocommerce Pdf Vouchers | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers: from n/a through < 4.9.9. | ||||
| CVE-2024-51875 | 2 Mdc Youtube Downloader Project, Wordpress | 2 Mdc Youtube Downloader, Wordpress | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nazmul Ahsan MDC YouTube Downloader mdc-youtube-downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through <= 3.0.0. | ||||
| CVE-2024-51673 | 2 Hasthemes, Wordpress | 2 Ht Politic, Wordpress | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems HT Politic wp-politic allows DOM-Based XSS.This issue affects HT Politic: from n/a through <= 2.4.4. | ||||
| CVE-2024-51670 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomSky JS Help Desk js-support-ticket allows Stored XSS.This issue affects JS Help Desk: from n/a through <= 2.8.7. | ||||
| CVE-2024-49310 | 2 Themesflat, Wordpress | 2 Themesflat Addons For Elementor, Wordpress | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat themesflat-addons-for-elementor themesflat-addons-for-elementor allows Stored XSS.This issue affects themesflat-addons-for-elementor: from n/a through <= 2.2.0. | ||||