WordPress Exploited Vulnerabilities
WordPress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Stored Cross-Site Scripting Vulnerability in WP-SVG WordPress Plugin
CVE-2024-11644WordPressWP-svgπΎπ‘Cross-Site Scripting Vulnerability in wp-publications WordPress Plugin
CVE-2024-11605WordPressWP-publicationsπΎπ‘Security Flaw in Broken Link Checker Plugin for WordPress
CVE-2024-10903WordPressBroken Link CheckerπΎπ‘Reflected Cross-Site Scripting Vulnerability in Exhibit to WP Gallery WordPress Plugin
CVE-2024-12096WordPressExhibit To WP GalleryπΎπ‘Stored Cross-Site Scripting Vulnerability in Serious Slider Plugin for WordPress
CVE-2024-11108WordPressSerious SliderπΎπ‘Stored Cross-Site Scripting Vulnerability in MaxButtons Plugin for WordPress
CVE-2024-8968WordPressWordPress Button Plugi...πΎπ‘Stored Cross-Site Scripting Vulnerability in Download Manager Plugin for WordPress
CVE-2024-10706WordPressDownload ManagerπΎπ‘Vulnerability in MaxButtons Plugin for WordPress Exposes Sites to Stored XSS Attacks
CVE-2024-10555WordPressWordPress Button Plugi...πΎπ‘SQL Injection Vulnerability in Collapsing Categories Plugin for WordPress
CVE-2024-12025WordPressπΎπ‘7.5HIGHStored Cross-Site Scripting Vulnerability in WordPress Logo Slider Plugin
CVE-2024-10896Logo Slider WordP...Logo SliderπΎπ‘Cross-Site Scripting Vulnerability in Logo Slider WordPress Plugin
CVE-2024-10473Logo Slider WordP...Logo SliderπΎπ‘Arbitrary File Upload Vulnerability in School Management System for WordPress
CVE-2024-9659School Management...πΎπ‘9.8CRITICALCM Table Of Contents WordPress plugin vulnerability allows CSRF attacks and Stored XSS payloads
CVE-2024-5029CM Table Of Conte...Cm Table Of ContentsπΎπ‘Plugin Failure: Unsanitized SVG Uploads Can Trigger XSS Attacks
CVE-2024-10482Media File Rename...Media File Rename, Fin...πΎπ‘Arbitrary Function Execution Through Setting Import
CVE-2024-9529Secure Custom Fie...Secure Custom FieldsπΎπ‘WordPress Jobs Plugin Vulnerable to Stored Cross-Site Scripting Attacks
CVE-2024-10104WordPressJobs For WordPressπΎπ‘UnSanitized URLs Lead to Reflected Cross-Site Scripting in Simple File List WordPress Plugin
CVE-2024-10146Simple File List ...Simple File ListπΎπ‘Stored Cross-Site Scripting Vulnerability in RSS Feed Widget WordPress Plugin
CVE-2024-9836RSS Feed Widget W...Rss Feed WidgetπΎπ‘Authentication Bypass Vulnerability in User Toolkit Plugin for WordPress
CVE-2024-9890WordPressπΎπ‘8.8HIGHUnauthorized Cross-Site Scripting Attacks via Event Registrations in Events Calendar WordPress Plugin
CVE-2024-7982Events Calendar W...Registrations For The ...πΎπ‘CVSS Score: 7.5 - Unprotected Against CSRF Attacks
CVE-2024-9689Frontend WordPres...Post From FrontendπΎπ‘4.3MEDIUMTOC Plus Plugin Vulnerability Allows Cross-Site Scripting Attacks
CVE-2024-5578Table of Contents...Table Of Contents PlusπΎπ‘4.8MEDIUMStored Cross-Site Scripting vulnerability in The Logo Slider WordPress plugin
CVE-2024-5429The Logo Slider W...Logo SliderπΎπ‘Bruteforce Vulnerability in WordPress Plugin Could Leak Sensitive Backup Information
CVE-2024-7315Migration, Backup...Migration, Backup, Sta...πΎπ‘Unfiltered HTML Settings Vulnerability in The Post Grid WordPress Plugin
CVE-2024-3635The Post Grid Wor...The Post GridπΎπ‘4.8MEDIUM