WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
User Enumeration Bypass in Stop User Enumeration Plugin for WordPress
CVE-2025-4302WordPressStop User Enumeration๐พ๐ก5.3MEDIUMStored Cross-Site Scripting Vulnerability in GeoDirectory Plugin for WordPress
CVE-2025-6200WordPressGeodirectory๐พ๐ก5.9MEDIUMArbitrary Post Title Disclosure in Order Delivery Date WordPress Plugin by WordPress
CVE-2025-2942WordPressOrder Delivery Date๐พ๐ก4.3MEDIUMStored Cross-Site Scripting Vulnerability in Hostel Plugin by WordPress
CVE-2025-6236WordPressHostel๐พ๐ก4.8MEDIUMReflected Cross-Site Scripting Vulnerability in Hostel Plugin by WordPress
CVE-2025-6234WordPressHostel๐พ๐ก6.1MEDIUMSQL Injection Vulnerability in Events Manager Plugin for WordPress
CVE-2025-6970WordPressEvents Manager โ Calen...๐พ๐ก7.5HIGHAuthentication Bypass in WordPress Pie Register Plugin
CVE-2025-34077WordPressWordPress Pie Register...๐พ๐ก10CRITICALCross-site Scripting Vulnerability in Melipayamak by Melipayamak
CVE-2025-30940WordPressMelipayamak๐พ๐ฐ5.9MEDIUMCross-Site Request Forgery Vulnerability in 07FLYCMS and Related Products
CVE-2025-7078WordPress07flycms๐พ๐ก5.3MEDIUMImproper Access Control in Sharable Password Protected Posts by WordPress
CVE-2025-5920WordPressSharable Password Prot...๐พ๐ก7.5HIGHUnrestricted File Upload Vulnerability in AiBud WP Plugin
CVE-2025-23968WordPressAibud WP๐พ๐ก9.1CRITICALPrivilege Escalation Vulnerability in Opal Estate Pro Plugin for WordPress
CVE-2025-6934WordPressOpal Estate Pro โ Prop...๐พ๐ก9.8CRITICALArbitrary File Deletion in Forminator Forms Plugin for WordPress
CVE-2025-6463WordPressForminator Forms โ Con...๐พ๐ฐ8.8HIGHXSS Vulnerability in WP Lightbox 2 Plugin by WordPress
CVE-2025-3745WordPressWP Lightbox 2๐พ๐ก6.3MEDIUMStored Cross-Site Scripting in Contact Form Plugin by WordPress
CVE-2025-5730WordPressContact Form Plugin๐พ๐ก4.3MEDIUMStored Cross-Site Scripting Vulnerability in Event RSVP and Simple Event Management Plugin for WordPress
CVE-2025-5540WordPressEvent Rsvp And Simple ...๐พ๐ฐ5.4MEDIUMAccess Control Flaw in BuddyPress Docs Plugin
CVE-2025-5526WordPressBuddypress Docs๐พ๐ก4.3MEDIUMStored Cross-Site Scripting in WP Map Block WordPress Plugin
CVE-2025-5194WordPressWP Map Block๐พ๐ก4.8MEDIUMStored Cross-Site Scripting Vulnerability in Responsive Lightbox & Gallery Plugin by WordPress
CVE-2025-5093WordPressResponsive Lightbox & ...๐พ๐ก5.4MEDIUMStored Cross-Site Scripting Vulnerability in Firelight Lightbox Plugin for WordPress
CVE-2025-5035WordPressFirelight Lightbox๐พ๐ก5.4MEDIUMPrivilege Escalation Vulnerability in Simple User Registration Plugin for WordPress
CVE-2025-4334WordPressSimple User Registration๐พ๐ก9.8CRITICALSQL Injection vulnerability in TI WooCommerce Wishlist
CVE-2024-43917WordPressTi WooCommerce Wishlist๐พ๐กEPSS 82%9.8CRITICALArbitrary File Upload Vulnerability in ZoomSounds Plugin by WordPress
CVE-2021-4457WordPressZoomsounds๐พ๐ก9.1CRITICALArbitrary File Upload Vulnerability in Download Plugin for WordPress
CVE-2025-6586WordPressDownload Plugin๐พ๐ก7.2HIGHArbitrary File Upload Vulnerability in Drag and Drop Multiple File Upload for Contact Form 7 by WordPress
CVE-2025-3515WordPressDrag And Drop Multiple...๐พ๐ก8.1HIGH