WordPress EPSS Rated Vulnerabilities
Wordpress vulnerabilities from the past 365 days which have an EPSS rating.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Authentication Bypass Vulnerability in Two-Factor Authentication
CVE-2024-10924WordpressReally Simple Security...๐๐พ๐กEPSS 93%๐ฐ9.8CRITICALSQL Injection Vulnerability in Tutor LMS Plugin for WordPress Could Leak Sensitive Data
CVE-2024-10400WordpressTutor Lms โ Elearning ...๐พ๐กEPSS 92%7.5HIGHWordPress Plugin Vulnerable to Path Traversal Attacks
CVE-2024-9935WordpressPDF Generator Addon Fo...๐พ๐กEPSS 92%7.5HIGHCode Injection Vulnerability Affects WP Query Console
CVE-2024-50498WordPressWP Query Console๐พ๐กEPSS 92%9.8CRITICALUnauthenticated Arbitrary File Uploads Vulnerability in GutenKit Page Builder
CVE-2024-9234WordpressGutenkit โ Page Builde...๐พ๐กEPSS 92%9.8CRITICALArbitrary File Read Vulnerability in Error Log Viewer by WP Guru Plugin
CVE-2024-12849WordpressError Log Viewer By WP...๐พ๐กEPSS 92%7.5HIGHUnauthenticated Attackers Can Read or Delete Files via Path Traversal Flaw in WordPress File Upload Plugin
CVE-2024-9047WordpressWordPress File Upload๐พ๐กEPSS 92%9.8CRITICALUnauthenticated File Upload Vulnerability Affects WP Time Capsule Backup and Staging Plugin
CVE-2024-8856WordpressBackup And Staging By ...๐พ๐กEPSS 91%๐ฐ9.8CRITICALAuth Bypass Vulnerability in LiteSpeed Cache
CVE-2024-44000WordPressLitespeed Cache๐พ๐กEPSS 91%9.8CRITICALWordPress Integrate Google Drive plugin <= 1.1.99 - Unauthenticated Broken Access Control vulnerability
CVE-2023-32117WordPressIntegrate Google DriveEPSS 91%9.8CRITICALAuthentication Bypass Vulnerability in WordPress Crypto Plugin
CVE-2024-9989WordpressCrypto ToolEPSS 91%9.8CRITICALAuthorization Flaw in Hunk Companion Plugin for WordPress
CVE-2024-11972WordpressHunk Companion๐พ๐กEPSS 91%9.8CRITICALLocal File Inclusion Vulnerability in HUSKY Products Filter for WooCommerce by WordPress
CVE-2025-1661WordPressHusky โ Products Filte...๐๐พ๐กEPSS 90%9.8CRITICALUnauthorized Plugin Installation/Activation Vulnerability Affects Hunk Companion for WordPress
CVE-2024-9707WordpressHunk Companion๐พ๐กEPSS 87%9.8CRITICALUnauthenticated Arbitrary File Upload Vulnerability Affects Wux Blog Editor Plugin
CVE-2024-9932Wordpress๐พ๐กEPSS 86%9.8CRITICALSevere SSRF Vulnerability in SoftLab Radio Player Affects Multiple Versions
CVE-2024-54385WordPressRadio Player๐พ๐กEPSS 86%7.2HIGHLocal File Inclusion Vulnerability in WP Umbrella Plugin for WordPress
CVE-2024-12209WordpressWP Umbrella: Update Ba...๐พ๐กEPSS 85%9.8CRITICALUnauthenticated SQL Injection Vulnerability in LearnPress LMS Plugin
CVE-2024-8522WordpressLearnpress โ WordPress...๐พ๐กEPSS 83%7.5HIGHAuthentication Bypass Vulnerability in SureTriggers Automation Platform Plugin for WordPress
CVE-2025-3102WordPressOttokit: All-in-one Au...๐พEPSS 82%๐ฐ8.1HIGHUnauthorized Access to Arbitrary Shortcodes via wp_ajax_nopriv_shortcode_Api_Add AJAX Action
CVE-2024-9061WordpressWP Popup Builder๐พ๐กEPSS 81%9.8CRITICALWordPress Yet Another Related Posts Plugin (YARPP) plugin <= 5.30.10 - Broken Access Control vulnerability
CVE-2024-43919WordPressYarpp๐พ๐กEPSS 81%9.8CRITICALUnauthenticated Local File Inclusion Vulnerability in Chartify for WordPress
CVE-2024-10571WordpressChartify๐พ๐กEPSS 80%9.8CRITICALPrivilege Escalation in User Registration & Membership Plugin by WordPress
CVE-2025-2563WordPressUser Registration & Me...๐๐พ๐กEPSS 79%๐ฐ8.1HIGHSQL Injection Vulnerability in The Events Calendar Plugin for WordPress
CVE-2024-8275WordpressThe Events CalendarEPSS 78%9.8CRITICALAuthentication Bypass Through Alternate Path or Channel Vulnerability
CVE-2024-50477WordPressStacks Mobile App Builder๐พ๐กEPSS 77%9.8CRITICAL