WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Remote Code Execution Vulnerability in Advanced Custom Fields Extended Plugin for WordPress
CVE-2025-13486WordPressAdvanced Custom Fields...👾🟡9.8CRITICALPrivilege Escalation in King Addons for Elementor Plugin by WordPress
CVE-2025-8489WordPressKing Addons For Elemen...👾📰9.8CRITICALArbitrary Event Disclosure in MotoPress Timetable and Event Schedule Plugin
CVE-2025-12954WordPressTimetable And Event Sc...👾🟡2.7LOWArbitrary Option Disclosure in Upload.am WordPress Plugin
CVE-2025-12630WordPressUpload.am👾🟡4.9MEDIUMUnauthorized Access in db-access Plugin for WordPress
CVE-2025-13000WordPressDb-access👾🟡7.7HIGHSQL Injection Vulnerability in Donation Plugin for WordPress
CVE-2025-13001WordPressDonation👾🟡4.1MEDIUMSQL Injection Vulnerability in TAX SERVICE Electronic HDM Plugin by WordPress
CVE-2025-12061WordPressTax Service Electronic...👾🟡8.6HIGHArbitrary File Upload Vulnerability in AI Feeds Plugin for WordPress
CVE-2025-13597WordPressAi Feeds👾🟡9.8CRITICALArbitrary File Upload Vulnerability in CIBELES AI Plugin for WordPress
CVE-2025-13595WordPressCibeles Ai👾🟡9.8CRITICALRemote Code Execution Vulnerability in Sneeit Framework Plugin for WordPress
CVE-2025-6389WordPressSneeit Framework👾🟡9.8CRITICALWeak Backup Code Generation in WP 2FA Plugin by WordPress
CVE-2025-12628WordPressWP 2fa👾🟡6.3MEDIUMReflected Cross-Site Scripting Vulnerability in Broken Link Manager Plugin
CVE-2025-12629WordPressBroken Link Manager👾🟡7.1HIGHBackup Migration Plugin Vulnerability in WordPress
CVE-2025-12394WordPressBackup Migration👾🟡5.9MEDIUMOpen Redirect Vulnerability in Frontend Posting Plugin by WordPress
CVE-2025-12569WordPressGuest Posting / Fronte...👾🟡4.7MEDIUMReflected Cross-Site Scripting Vulnerability in WordPress eCommerce Plugin
CVE-2024-14015WordPressWordPress Ecommerce Pl...👾🟡7.1HIGHVulnerability in Mstoreapp Mobile App by Mstoreapp Allows Unauthenticated Access
CVE-2025-11127WordPressMstoreapp Mobile App👾🟡9.8CRITICALArbitrary File Read Vulnerability in AI Engine for WordPress by ChatGPT
CVE-2025-13380WordPressAi Engine For WordPres...👾🟡6.5MEDIUMSQL Injection Vulnerability in Attention-Bar Plugin for WordPress
CVE-2025-12502WordPressAttention-bar👾🟡6.8MEDIUMArbitrary File Upload Vulnerability in WavePlayer Plugin for WordPress
CVE-2025-12057WordPressWaveplayer👾🟡9.8CRITICALCommand Injection Vulnerability in W3 Total Cache WordPress Plugin
CVE-2025-9501WordPressW3 Total Cache📈💰👾🟡📰9CRITICALLocal File Inclusion Vulnerability in Creta Testimonial Showcase Plugin by Creta Technology
CVE-2025-10686WordPressCreta Testimonial Show...👾🟡7.2HIGHStored Cross-Site Scripting Vulnerability in WP Statistics Plugin by WordPress
CVE-2025-9816WordPressWP Statistics – Simple...👾🟡7.2HIGHReflected Cross-Site Scripting in Team Members Showcase Plugin by WordPress
CVE-2025-11560WordPressTeam Members Showcase👾🟡4.8MEDIUMAge-Restriction WordPress Plugin Vulnerability Affects Users
CVE-2025-11855WordPressAge-restriction👾🟡7.5HIGHCross-Site Scripting Vulnerabilities in WP Go Maps Plugin by WordPress
CVE-2025-11307WordPressWP Go Maps (formerly W...👾🟡EPSS 13%8.8HIGH