WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Arbitrary File Upload Vulnerability in midi-Synth Plugin for WordPress
CVE-2026-1306WordPressMidi-synth👾🟡EPSS 27%9.8CRITICALStored XSS Vulnerability in Check & Log Email WordPress Plugin
CVE-2026-5306WordPressCheck & Log Email👾🟡5.4MEDIUMArbitrary File Upload Vulnerability in Hustle Plugin for WordPress
CVE-2026-0911WordPressHustle – Email Marketi...👾🟡7.5HIGHArbitrary File Upload Vulnerability in Breeze Cache Plugin for WordPress
CVE-2026-3844WordPressBreeze Cache👾🟡9.8CRITICALCross-Site Scripting in reCaptcha Plugin for WordPress by WebDesignBy
CVE-2026-4512WordPressRecaptcha By Webdesignby👾🟡3.5LOWUnauthenticated Data Exposure in HT Mega Addons for Elementor Plugin
CVE-2026-4106WordPressHt Mega Addons For Ele...👾🟡5.3MEDIUMStored Cross-Site Scripting in ElementsKit Elementor Addons for WordPress
CVE-2026-2600WordPressElementskit Elementor ...👾🟡6.4MEDIUMSQL Injection Vulnerability in Happy Addons for Elementor by HappyMonster
CVE-2025-68999WordPressHappy Addons For Eleme...👾🟡8.5HIGHStored Cross-Site Scripting Vulnerability in Email Encoder Plugin for WordPress
CVE-2024-7083WordPressEmail Encoder👾🟡3.5LOWServer-Side Template Injection in Contact Form by Supsystic for WordPress
CVE-2026-4257WordPressContact Form By Supsystic👾🟡EPSS 24%9.8CRITICALArbitrary File Upload Vulnerability in WebStack Theme for WordPress
CVE-2026-1555WordPressWebstack👾🟡9.8CRITICALAuthentication Bypass Vulnerability in WPExperts Post SMTP Plugin
CVE-2025-24000WordPressPost Smtp👾🟡8.8HIGHSQL Injection Vulnerability in Product Filter for WooCommerce by WBW
CVE-2026-3830WordPressProduct Filter For Woo...👾🟡8.6HIGHSQL Injection Vulnerability in Form Maker by 10Web WordPress Plugin
CVE-2025-15441WordPressForm Maker By 10web👾🟡6.8MEDIUMImproper Access Control in YITH WooCommerce Wishlist Plugin by YITH
CVE-2026-4432WordPressYith WooCommerce Wishlist👾🟡6.5MEDIUMRemote Code Execution Vulnerability in Yandex Market Plugin for WordPress
CVE-2025-14545WordPressYml For Yandex Market👾🟡6.5MEDIUMStored Cross-Site Scripting in IndieWeb Plugin for WordPress
CVE-2025-14893WordPressIndieweb👾🟡6.4MEDIUMStored Cross-Site Scripting in Contact List Plugin for WordPress
CVE-2026-3516WordPressContact List – Online ...👾🟡6.4MEDIUMInsecure Direct Object References in Tutor LMS Plugin for WordPress
CVE-2026-1375WordPressTutor Lms – Elearning ...👾🟡8.1HIGHAuthorization Flaw in MyRewards Loyalty Points Plugin for WooCommerce
CVE-2025-15260WordPressMyrewards👾🟡6.5MEDIUMTime-based Blind SQL Injection in Adivaha Travel Plugin for WordPress
CVE-2023-54359WordPressWordPress Adivaha Trav...👾🟡8.8HIGHReflected XSS Vulnerability in Adivaha Travel Plugin for WordPress
CVE-2023-54358WordPressWordPress Adivaha Trav...👾🟡5.1MEDIUMImproper Access Control in ActivityPub Plugin for WordPress
CVE-2026-4338WordPressActivitypub👾🟡7.5HIGHArbitrary File Upload Vulnerability in Ninja Forms File Uploads Plugin for WordPress
CVE-2026-0740WordPressNinja Forms - File Upl...👾🟡9.8CRITICALReflected Cross-Site Scripting Vulnerability in Gravity Forms Plugin for WordPress
CVE-2026-4406WordPressGravity Forms👾🟡4.7MEDIUM