WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Stored XSS Vulnerability in WordPress Plugin by Upgrade Time Out
CVE-2024-8243WordPressWordPress/plugin Upgra...👾🟡CSRF Vulnerability in WP MultiTasking Plugin by WordPress
CVE-2024-6860WordPressWP Multitasking👾🟡CSRF Vulnerability in WP MultiTasking Plugin by WordPress
CVE-2024-6857WordPressWP Multitasking👾🟡Stored Cross-Site Scripting Risk in Maps Plugin for WordPress
CVE-2025-2279WordPressMaps👾🟡5.9MEDIUMCross-Site Scripting Vulnerability in MapPress Maps for WordPress Plugin
CVE-2025-2055WordPressMappress Maps For Word...👾🟡6.8MEDIUMPath Traversal Vulnerability in Lana Downloads Manager Plugin for WordPress
CVE-2025-2048WordPressLana Downloads Manager👾🟡4.1MEDIUMSQL Injection Vulnerability in Gutentor Plugin for WordPress
CVE-2025-1986WordPressGutentor👾🟡4.1MEDIUMUnauthenticated Stored-XSS in Photo Gallery by 10Web Plugin for WordPress
CVE-2025-0613WordPressPhoto Gallery By 10web👾🟡6.1MEDIUMCSRF Vulnerability in Event Tickets with Ticket Scanner Plugin for WordPress
CVE-2025-1762WordPressEvent Tickets With Tic...👾🟡4.3MEDIUMCSRF Vulnerability in Booknetic Plugin for WordPress
CVE-2024-13146WordPressBooknetic👾🟡8.8HIGHStored Cross-Site Scripting in Smart Maintenance Mode Plugin for WordPress by Smart Maintenance
CVE-2024-12683WordPressSmart Maintenance Mode👾🟡3.5LOWStored XSS Vulnerability in wp-svg-upload WordPress Plugin
CVE-2024-11847WordPressWP-svg-upload👾🟡4.8MEDIUMCross-Site Scripting Vulnerability in WordPress eCommerce Plugin
CVE-2025-0717WordPressSocial Slider Feed👾🟡3.5LOWStored Cross-Site Scripting Vulnerability in WordPress Plugin by Vendor
CVE-2025-1798WordPressDesign-comuni-WordPres...👾🟡6.1MEDIUMStored Cross-Site Scripting Vulnerability in Favorites WordPress Plugin by WP Plugin Developer
CVE-2025-1452WordPressFavorites👾🟡3.5LOWFile Download Vulnerability in aoa-downloadable WordPress Plugin by Unknown Vendor
CVE-2024-13617WordPressAoa-downloadable👾🟡8.6HIGHUnauthorized Access Vulnerability in AOA Downloadable Plugin by WordPress
CVE-2024-13618WordPressAoa-downloadable👾🟡7.2HIGHSQL Injection Vulnerability in WP-Recall Plugin for WordPress
CVE-2024-9770WordPressWP-recall👾🟡4.7MEDIUMReflected Cross-Site Scripting in Stylish Google Sheet Reader Plugin for WordPress
CVE-2024-13863WordPressStylish Google Sheet R...👾🟡7.1HIGHStored Cross-Site Scripting Vulnerability in AFI WordPress Plugin
CVE-2024-13123WordPressAfi👾🟡3.5LOWCSRF Vulnerability in IP Based Login Plugin for WordPress
CVE-2024-13118WordPressIp Based Login👾🟡4.3MEDIUMStored Cross-Site Scripting Vulnerability in AFI WordPress Plugin
CVE-2024-13122WordPressAfi👾🟡3.5LOWStored Cross-Site Scripting in Simple Banner Plugin for WordPress
CVE-2024-12769WordPressSimple Banner👾🟡3.5LOWSQL Injection Vulnerability in Product Labels for Woocommerce by WordPress
CVE-2024-12109WordPressProduct Labels For Woo...👾🟡4.1MEDIUMStored Cross-Site Scripting Vulnerability in Smart Maintenance Mode Plugin for WordPress
CVE-2024-12682WordPressSmart Maintenance Mode👾🟡6.1MEDIUM