Wordpress CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)

Total 9828 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-66153	2 Merkulove, Wordpress	2 Headinger For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Headinger for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headinger for Elementor: from n/a through 1.1.4.
CVE-2025-66152	2 Merkulove, Wordpress	2 Criptopayer For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Criptopayer for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Criptopayer for Elementor: from n/a through 1.0.1.
CVE-2025-66151	2 Merkulove, Wordpress	2 Countdowner For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Countdowner for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Countdowner for Elementor: from n/a through 1.0.4.
CVE-2025-66150	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through 1.1.1.
CVE-2025-66149	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove UnGrabber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnGrabber: from n/a through 3.1.3.
CVE-2025-66148	2 Merkulove, Wordpress	2 Conformer For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Conformer for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conformer for Elementor: from n/a through 1.0.7.
CVE-2025-66147	2 Merkulove, Wordpress	2 Coder For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Coder for Elementor coder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coder for Elementor: from n/a through <= 1.0.13.
CVE-2025-66146	2 Merkulove, Wordpress	2 Logger For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Logger for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Logger for Elementor: from n/a through 1.0.9.
CVE-2025-66145	1 Wordpress	1 Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Worker for WPBakery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for WPBakery: from n/a through 1.1.1.
CVE-2025-66144	2 Merkulove, Wordpress	2 Worker For Elementor, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in merkulove Worker for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Worker for Elementor: from n/a through 1.0.10.
CVE-2025-66134	2 Ninjateam, Wordpress	2 Filebird, Wordpress	2026-01-20	5.4 Medium
Missing Authorization vulnerability in NinjaTeam FileBird Pro filebird-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FileBird Pro: from n/a through <= 6.4.9.
CVE-2025-66133	2 Wordpress, Wp Legal Pages	2 Wordpress, Wp Cookie Notice	2026-01-20	5.3 Medium
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through <= 4.0.7.
CVE-2025-66132	1 Wordpress	1 Wordpress	2026-01-20	6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in FAPI Business s.r.o. FAPI Member fapi-member allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAPI Member: from n/a through <= 2.2.26.
CVE-2025-66130	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in etruel WP Views Counter wpecounter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Views Counter: from n/a through <= 2.1.2.
CVE-2025-66129	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in wppochipp Pochipp pochipp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pochipp: from n/a through <= 1.18.0.
CVE-2025-66128	3 Brevo, Woocommerce, Wordpress	3 Sendinblue For Woocommerce, Woocommerce, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.
CVE-2025-66126	1 Wordpress	1 Wordpress	2026-01-20	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in wowpress.host Fix Media Library wow-media-library-fix allows Retrieve Embedded Sensitive Data.This issue affects Fix Media Library: from n/a through <= 2.0.
CVE-2025-66125	2 Nitesh Singh, Wordpress	2 Ultimate Wordpress Auction Plugin, Wordpress	2026-01-20	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in Nitesh Ultimate Auction ultimate-auction allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Auction : from n/a through <= 4.3.2.
CVE-2025-66124	2 Wordpress, Zeen101	2 Wordpress, Leaky Paywall	2026-01-20	5.3 Medium
Missing Authorization vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leaky Paywall: from n/a through <= 4.22.5.
CVE-2025-66121	2 Siteground, Wordpress	2 Siteground Security, Wordpress	2026-01-20	5.3 Medium
Missing Authorization vulnerability in SiteGround SiteGround Security sg-security allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteGround Security: from n/a through <= 1.5.8.

« first previous Page 67 of 492. next last »