WordPress Exploited Vulnerabilities
Wordpress vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Weak Password Reset Mechanism in Custom Login Page Customizer for WordPress
CVE-2025-14975WordPressCustom Login Page Cust...👾🟡8.1HIGHAdministrative User Creation Vulnerability in LA-Studio Element Kit for Elementor Plugin
CVE-2026-0920WordPressLa-studio Element Kit ...👾🟡9.8CRITICALArbitrary File Deletion Vulnerability in Snow Monkey Forms Plugin by WordPress
CVE-2026-1056WordPressSnow Monkey Forms👾🟡9.8CRITICALArbitrary Options Manipulation in User Activity Log Plugin by WordPress
CVE-2025-13471WordPressUser Activity Log👾🟡5.3MEDIUMReflected Cross-Site Scripting Vulnerability in AhaChat Messenger Marketing Plugin
CVE-2025-14316WordPressAhachat Messenger Mark...👾🟡7.1HIGHSQL Injection Vulnerability in Recipe Card Blocks Lite Plugin for WordPress
CVE-2025-14973WordPressRecipe Card Blocks Lite👾🟡6.8MEDIUMArbitrary File Upload Vulnerability in Kalrav AI Agent Plugin for WordPress
CVE-2025-13374WordPressKalrav Ai Agent👾🟡9.8CRITICALCross-Site Request Forgery in Welcart Plugin for WordPress
CVE-2026-1208WordPressFriendly Functions For...👾🟡4.3MEDIUMReflected Cross-Site Scripting Vulnerability in List Site Contributors Plugin for WordPress
CVE-2026-0594WordPressList Site Contributors👾🟡6.1MEDIUMPrivilege Escalation Vulnerability in Advanced Custom Fields: Extended Plugin for WordPress
CVE-2025-14533WordPressAdvanced Custom Fields...👾📰9.8CRITICALAuthenticated AJAX Action Vulnerability in Bookingor WordPress Plugin
CVE-2025-12573WordPressBookingor👾🟡6.5MEDIUMUnauthorized Data Access Vulnerability in Everest Backup WordPress Plugin
CVE-2025-11380WordPressEverest Backup – WordP...👾🟡5.9MEDIUMStored XSS Vulnerability in Poll, Survey & Quiz Maker by Opinion Stage
CVE-2019-25297WordPressPoll, Survey & Quiz Ma...👾🟡5.1MEDIUMArbitrary File Upload Vulnerability in Uploadify Plugin for WordPress
CVE-2011-10041WordPressUploadify👾🟡9.3CRITICALLocal File Inclusion Vulnerability in News and Blog Designer Bundle Plugin for WordPress
CVE-2025-14502WordPressNews And Blog Designer...👾🟡9.8CRITICALPrivilege Escalation in Modular DS by Modular Solutions
CVE-2026-23550WordPressModular Ds🥇📈👾🟡10CRITICALSQL Injection Vulnerability in Social-Share-Buttons by WordPress
CVE-2023-54333WordPressSocial-share-buttons👾🟡8.8HIGHArbitrary File Deletion Vulnerability in E-xact Hosted Payment Plugin by WordPress
CVE-2025-14829WordPressE-xact | Hosted Payment |👾🟡9.1CRITICALVulnerability in Dreamer Blog Theme for WordPress Allows Arbitrary Installations
CVE-2025-10915WordPressDreamer Blog👾🟡9.8CRITICALStored Cross-Site Scripting Vulnerability in Quiz Maker Plugin for WordPress
CVE-2025-14579WordPressQuiz Maker👾🟡4.8MEDIUMUnauthenticated PHP Code Execution in AccessAlly WordPress Plugin
CVE-2020-36875WordPressAccessally👾🟡9.3CRITICALStored Cross-Site Scripting Vulnerability in NEX-Forms WordPress Plugin
CVE-2025-14803WordPressNex-forms👾🟡6.8MEDIUMInsecure Direct Object Reference in ACF to REST API Plugin for WordPress
CVE-2025-12030WordPressAcf To Rest Api👾🟡4.3MEDIUMSQL Injection Vulnerability in Relevanssi WordPress Plugin by Never5
CVE-2025-14719WordPressRelevanssi👾🟡4.9MEDIUMPath Traversal Vulnerability in Frontend File Manager for WordPress
CVE-2025-14804WordPressFrontend File Manager ...👾🟡7.7HIGH