WordPress EPSS Rated Vulnerabilities
Wordpress vulnerabilities from the past 365 days which have an EPSS rating.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Unauthenticated PHP Object Injection Vulnerability in GiveWP Donation Plugin
CVE-2024-5932WordpressGiveWP β Donation Plug...ππΎπ‘EPSS 94%π°9.8CRITICALAuthentication Bypass Vulnerability in Two-Factor Authentication
CVE-2024-10924WordpressReally Simple Security...ππΎπ‘EPSS 93%π°9.8CRITICALWordPress Plugin Vulnerable to Path Traversal Attacks
CVE-2024-9935WordpressPDF Generator Addon Fo...πΎπ‘EPSS 92%7.5HIGHSQL Injection Vulnerability in Tutor LMS Plugin for WordPress Could Leak Sensitive Data
CVE-2024-10400WordpressTutor Lms β Elearning ...πΎπ‘EPSS 92%7.5HIGHCode Injection Vulnerability Affects WP Query Console
CVE-2024-50498WordPressWP Query ConsoleπΎπ‘EPSS 92%9.8CRITICALUnauthenticated Arbitrary File Uploads Vulnerability in GutenKit Page Builder
CVE-2024-9234WordpressGutenkit β Page Builde...πΎπ‘EPSS 92%9.8CRITICALArbitrary File Read Vulnerability in Error Log Viewer by WP Guru Plugin
CVE-2024-12849WordpressError Log Viewer By WP...πΎπ‘EPSS 92%7.5HIGHAuth Bypass Vulnerability in LiteSpeed Cache
CVE-2024-44000WordPressLitespeed CacheπΎπ‘EPSS 92%9.8CRITICALUnauthenticated File Upload Vulnerability Affects WP Time Capsule Backup and Staging Plugin
CVE-2024-8856WordpressBackup And Staging By ...πΎπ‘EPSS 91%π°9.8CRITICALWordPress Integrate Google Drive plugin <= 1.1.99 - Unauthenticated Broken Access Control vulnerability
CVE-2023-32117WordPressIntegrate Google DriveEPSS 91%9.8CRITICALAuthentication Bypass Vulnerability in WordPress Crypto Plugin
CVE-2024-9989WordpressCrypto ToolEPSS 91%9.8CRITICALUnauthenticated Attackers Can Read or Delete Files via Path Traversal Flaw in WordPress File Upload Plugin
CVE-2024-9047WordpressWordPress File UploadπΎπ‘EPSS 90%9.8CRITICALLocal File Inclusion Vulnerability in HUSKY Products Filter for WooCommerce by WordPress
CVE-2025-1661WordPressHusky β Products Filte...ππΎπ‘EPSS 90%9.8CRITICALUnauthorized Plugin Installation/Activation Vulnerability Affects Hunk Companion for WordPress
CVE-2024-9707WordpressHunk CompanionπΎπ‘EPSS 86%9.8CRITICALSevere SSRF Vulnerability in SoftLab Radio Player Affects Multiple Versions
CVE-2024-54385WordPressRadio PlayerπΎπ‘EPSS 86%7.2HIGHLocal File Inclusion Vulnerability in WP Umbrella Plugin for WordPress
CVE-2024-12209WordpressWP Umbrella: Update Ba...πΎπ‘EPSS 84%9.8CRITICALAuthentication Bypass Vulnerability in SureTriggers Automation Platform Plugin for WordPress
CVE-2025-3102WordPressOttokit: All-in-one Au...πΎEPSS 83%π°8.1HIGHUnauthenticated Arbitrary File Upload Vulnerability Affects Wux Blog Editor Plugin
CVE-2024-9932WordpressπΎπ‘EPSS 83%9.8CRITICALAuthorization Flaw in Hunk Companion Plugin for WordPress
CVE-2024-11972WordpressHunk CompanionπΎπ‘EPSS 83%9.8CRITICALPrivilege Escalation in User Registration & Membership Plugin by WordPress
CVE-2025-2563WordPressUser Registration & Me...ππΎπ‘EPSS 83%π°8.1HIGHUnauthenticated SQL Injection Vulnerability in LearnPress LMS Plugin
CVE-2024-8522WordpressLearnpress β WordPress...πΎπ‘EPSS 83%7.5HIGHWordPress Yet Another Related Posts Plugin (YARPP) plugin <= 5.30.10 - Broken Access Control vulnerability
CVE-2024-43919WordPressYarppπΎπ‘EPSS 82%9.8CRITICALUnvalidated Parameters Lead to Local File Inclusion Issues
CVE-2024-3673WordpressWeb Directory FreeπΎπ‘EPSS 82%SQL Injection vulnerability in TI WooCommerce Wishlist
CVE-2024-43917WordPressTi WooCommerce WishlistπΎπ‘EPSS 82%9.8CRITICALExecuting Any PHP Code on Server via Local File Inclusion Vulnerability
CVE-2024-6460WordpressGrow By TradedoublerπΎπ‘EPSS 80%