WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Stored Cross-Site Scripting Vulnerability in APCu Manager Plugin for WordPress
CVE-2026-10083WordPressApcu Manager👾🟡7.5HIGHUnauthorized Modification Vulnerability in F4 Post Tree WordPress Plugin
CVE-2026-9676WordPressF4 Post Tree👾🟡4.3MEDIUMInsecure Direct Object Reference in Paid Membership Plugin for WordPress
CVE-2026-10820WordPressPaid Membership Plugin...👾🟡8.1HIGHStored Cross-Site Scripting in WordPress Plugin by Shariff
CVE-2026-9677WordPressShariff For WordPress👾🟡4.8MEDIUMUnauthenticated Privilege Escalation in Registration Form for WooCommerce by WordPress
CVE-2026-54807WordPressRegistration Form For ...👾🟡9.8CRITICALPath Traversal Vulnerability in Printcart Web to Print Product Designer for WooCommerce
CVE-2025-10268WordPressPrintcart Web To Print...👾🟡5.3MEDIUMAccess Control Flaw in YMC Filter WordPress Plugin by YMC
CVE-2026-10823WordPressYmc Filter👾🟡7.5HIGHSQL Injection Vulnerability in SALESmanago & Leadoo WordPress Plugin
CVE-2026-10835WordPressSalesmanago & Leadoo👾🟡7.7HIGHUnauthorized Deletion Vulnerability in Frontend File Manager Plugin for WordPress
CVE-2026-8380WordPressFrontend File Manager ...👾🟡6.5MEDIUMStored XSS Vulnerability in Email Address Encoder Plugin by WordPress
CVE-2026-5305WordPressEmail Address Encoder👾🟡8.8HIGHUnauthorized Request Handling in InPost PL WooCommerce Plugin by InPost
CVE-2026-9702WordPressInpost Pl👾🟡7.5HIGHAuthorization Bypass in Masteriyo LMS Plugin for WordPress
CVE-2026-10824WordPressMasteriyo Lms👾🟡6.5MEDIUMInput Validation Flaw in Slider Pro for WooCommerce by ShapedPlugin, LLC
CVE-2026-49777WordPressProduct Slider Pro For...👾🟡10CRITICALMalicious Code Distribution in Shapedsmart-post-show-pro, Real Testimonials Pro, and Product Slider for WooCommerce Plugins
CVE-2026-10735WordPressSmart-post-show-pro👾🟡Security Flaw in Post Duplicator Plugin for WordPress
CVE-2026-10749WordPressPost Duplicator👾🟡Improper Access Control in Site Kit by Google WordPress Plugin
CVE-2026-10753WordPressSite Kit By Google👾🟡Authentication Bypass in Cornerstone WordPress Page Builder Plugin by Cornerstone
CVE-2026-9709WordPressCornerstone👾🟡Exposure of Sensitive Metadata in Cornerstone Page Builder by X Company
CVE-2026-9710WordPressCornerstone👾🟡Stored Cross-Site Scripting Vulnerability in AI Share & Summarize Plugin for WordPress
CVE-2026-10531WordPressAi Share & Summarize👾🟡SQL Injection Vulnerability in The Events Calendar by Liquid Web / StellarWP
CVE-2026-49772WordPressThe Events Calendar👾🟡9.3CRITICALSQL Injection Vulnerability in Infility Global WordPress Plugin
CVE-2026-7842WordPressInfility Global👾🟡6.8MEDIUMSQL Injection Vulnerability in Infility Global WordPress Plugin
CVE-2026-8163WordPressInfility Global👾🟡8.8HIGHReflected Cross-Site Scripting in Simple Basic Contact Form Plugin for WordPress
CVE-2026-8172WordPressSimple Basic Contact Form👾🟡7.1HIGHStored Cross-Site Scripting in Frontend File Manager Plugin for WordPress
CVE-2026-8378WordPressFrontend File Manager ...👾🟡5.4MEDIUMFile Download Vulnerability in Frontend File Manager Plugin by WordPress
CVE-2026-8379WordPressFrontend File Manager ...👾🟡7.5HIGH