WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Authentication Bypass Vulnerability in KiviCare Plugin for WordPress
CVE-2026-2991WordPressKivicare – Clinic & Pa...👾🟡9.8CRITICALSQL Injection Vulnerability in Relevanssi Search Plugin for WordPress
CVE-2025-4396WordPressRelevanssi – A Better ...👾🟡EPSS 25%7.5HIGHCross-Site Scripting Vulnerability in Get Use APIs WordPress Plugin
CVE-2025-15363WordPressGet Use Apis👾🟡5.9MEDIUMArbitrary File Upload Vulnerability in Pix for WooCommerce Plugin by WordPress
CVE-2026-3891WordPressPix For WooCommerce👾🟡9.8CRITICALInsufficient Authorization in Timetics Booking Plugin for WordPress
CVE-2025-15473WordPressTimetics👾🟡4.3MEDIUMStored Cross-Site Scripting Vulnerability in Reading Progressbar Plugin by WordPress
CVE-2026-2687WordPressReading Progressbar👾🟡4.3MEDIUMStored Cross-Site Scripting Vulnerability in NextScripts Social Networks Auto-Poster Plugin for WordPress
CVE-2026-3228WordPressNextscripts: Social Ne...👾🟡6.4MEDIUMUnauthenticated Modification Vulnerability in Datalogics Ecommerce Delivery WordPress Plugin
CVE-2026-2631WordPressDatalogics Ecommerce D...👾🟡9.8CRITICALReflected Cross-Site Scripting Vulnerability in DukaPress WordPress Plugin
CVE-2026-2466WordPressDukapress👾🟡7.1HIGHUnauthorized Access and PHP Object Injection in Divi-Booster Plugin
CVE-2026-2626WordPressDivi-booster👾🟡8.1HIGHData Exposure in WordPress Plugin for Guest Posting
CVE-2026-1867WordPressGuest Posting / Fronte...👾🟡5.9MEDIUMVulnerability in Gutena Forms Plugin Allows Unauthorized Changes
CVE-2026-1753WordPressGutena Forms👾🟡6.8MEDIUMCross-Site Request Forgery Flaw in Court Reservation Plugin for WordPress
CVE-2026-1508WordPressCourt Reservation👾🟡4.3MEDIUMCSRF Vulnerability in WooCommerce Plugin Affects WordPress Users
CVE-2026-3589WordPressWooCommerce👾🟡7.5HIGHCSRF Vulnerability in WP eCommerce Plugin by WordPress
CVE-2026-1128WordPressWP Ecommerce👾🟡4.3MEDIUMAuthorization Flaw in LearnDash PowerPack Plugin Allows Unauthorized User Actions
CVE-2026-2446WordPressPowerpack For Learndash👾🟡9.8CRITICALAuthentication Flaw in Login with Salesforce Plugin by WordPress
CVE-2026-2418WordPressLogin With Salesforce👾🟡9.1CRITICALUnauthorized Access Vulnerability in Mail Mint WordPress Plugin
CVE-2026-2025WordPressMail Mint👾🟡EPSS 27%7.5HIGHPrivilege Escalation in Contempo Themes Real Estate 7
CVE-2025-39459WordPressReal Estate 7👾🟡7.3HIGHPHP Object Injection Vulnerability in Super Stage WP WordPress Plugin
CVE-2026-1542WordPressSuper Stage WP👾🟡6.5MEDIUMStored Cross-Site Scripting Vulnerability in Essential Addons for Elementor Plugin by WordPress
CVE-2026-1512WordPressEssential Addons For E...👾🟡6.4MEDIUMPrivilege Escalation Vulnerability in Eventin by Themewinter
CVE-2025-47539WordPressEventin👾🟡EPSS 28%9.8CRITICALUnauthenticated Stored XSS Vulnerability in Responsive Lightbox & Gallery Plugin by WordPress
CVE-2025-15386WordPressResponsive Lightbox & ...👾🟡8.8HIGHOpen Redirect Vulnerability in Conditional CAPTCHA WordPress Plugin
CVE-2026-1369WordPressConditional Captcha👾🟡4.3MEDIUMAJAX Handler Vulnerability in Video Conferencing Plugin for WordPress by Zoom
CVE-2026-1368WordPressVideo Conferencing Wit...👾🟡7.5HIGH