WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Reflected Cross-Site Scripting Vulnerability in WP Talroo Plugin for WordPress
CVE-2025-8281WordPressWP Talroo๐พ๐ก7.1HIGHRemote Code Execution Vulnerability in Cloudflare Image Resizing Plugin for WordPress
CVE-2025-8723WordPressCloudflare Image Resiz...๐พ๐ก9.8CRITICALReflected Cross-Site Scripting Vulnerability in Ebook Store WordPress Plugin
CVE-2025-8113WordPressEbook Store๐พ๐ก6.1MEDIUMJavaScript Backdoor Vulnerability in Pixterme Plugins for WordPress
CVE-2025-8047WordPressDisable-right-click-po...๐พ๐ก9.8CRITICALREST API Content Exposure in PPWP โ Password Protect Pages WordPress Plugin
CVE-2025-5998WordPressPpWP โ Password Protec...๐พ๐ก6.5MEDIUMReflected Cross-Site Scripting Vulnerability in Injection Guard Plugin for WordPress
CVE-2025-8046WordPressInjection Guard๐พ๐ก6.1MEDIUMCSRF Vulnerability in Quiz and Survey Master Plugin for WordPress
CVE-2025-6790WordPressQuiz And Survey Master...๐พ๐ก4.3MEDIUMReflected Cross-Site Scripting Vulnerability in WP Shopify Plugin
CVE-2025-7808WordPressWP Shopify๐พ๐ก6.1MEDIUMStored Cross-Site Scripting in Structured Content Plugin for WordPress
CVE-2025-3414WordPressStructured Content (js...๐พ๐ก5.4MEDIUMLocal File Inclusion Vulnerability in LatePoint WordPress Plugin by LatePoint
CVE-2025-6715WordPressLatepoint๐พ๐ก9.8CRITICALCSRF Vulnerability in CBX Restaurant Booking Plugin for WordPress
CVE-2025-7965WordPressCbx Restaurant Booking๐พ๐ก4.3MEDIUMStored Cross-Site Scripting Vulnerability in OpenStreetMap for Gutenberg and WPBakery Page Builder
CVE-2025-6572WordPressOpenstreetmap For Gute...๐พ๐ก5.9MEDIUMUnauthenticated File Upload Vulnerability in WP-Property Plugin for WordPress
CVE-2012-10027WordPressWordPress Plugin๐พ๐ก9.3CRITICALArbitrary File Upload Vulnerability in Asset-Manager Plugin for WordPress
CVE-2012-10026WordPressWordPress Plugin๐พ๐ก10CRITICALRemote File Inclusion in Advanced Custom Fields Plugin Affects WordPress Vendor
CVE-2012-10025WordPressWordPress Plugin๐พ๐ก10CRITICALPrivilege Escalation in Sala - Startup & SaaS WordPress Theme by WordPress
CVE-2025-4606WordPressSala - Startup & Saas ...๐พ๐ก9.8CRITICALArbitrary File Upload Vulnerability in AI Engine Plugin for WordPress
CVE-2025-7847WordPressAi Engine๐พ๐ก8.8HIGHReflected Cross-Site Scripting Vulnerability in SureForms Plugin for WordPress
CVE-2025-5921WordPressSureforms๐พ๐ก5.8MEDIUMArbitrary File Upload Vulnerability in Alone Charity Theme for WordPress
CVE-2025-5394WordPressAlone โ Charity Multip...๐ฅ๐๐ฐ๐พ๐กEPSS 21%๐ฐ9.8CRITICALReflected Cross-Site Scripting Vulnerability in My Reservation System Plugin for WordPress
CVE-2025-7022WordPressMy Reservation System๐พ๐ก6.1MEDIUMReflected Cross-Site Scripting in Qwizcards Plugin by WordPress
CVE-2025-6174WordPressQwizcards | Online Qui...๐พ๐ก6.1MEDIUMUnauthorized File Upload and Deletion in Ajax Load More Plugin by WordPress
CVE-2015-10140WordPressAjax Load More๐พ๐ก8.8HIGHUser Enumeration Bypass in Stop User Enumeration Plugin for WordPress
CVE-2025-4302WordPressStop User Enumeration๐พ๐ก5.3MEDIUMArbitrary File Upload Vulnerability in HT Contact Form Widget for Elementor Page Builder
CVE-2025-7340WordPressHt Contact Form Widget...๐พ๐ก9.8CRITICALStored Cross-Site Scripting Vulnerability in GeoDirectory Plugin for WordPress
CVE-2025-6200WordPressGeodirectory๐พ๐ก5.9MEDIUM