WordPress Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by wordpress
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
SQL Injection Vulnerability in TaxoPress by Steve Burge
CVE-2026-42646WordPressTaxopress7.6HIGHCross-Site Scripting Vulnerability in User Registration Plugin by WP Everest
CVE-2026-42652WordPressUser Registration7.1HIGHMissing Authorization Vulnerability in SureForms Pro by Brainstorm Force
CVE-2026-42377WordPressSureforms Pro7.3HIGHPrivilege Escalation Vulnerability in LatePoint Calendar Booking Plugin for WordPress
CVE-2026-6741WordPressLatepoint – Calendar B...8.8HIGHPrivilege Escalation Vulnerability in Directorist Social Login from Directorist
CVE-2026-22337WordPressDirectorist Social Login9.8CRITICALSQL Injection Vulnerability in Directorist Booking from Directorist
CVE-2026-22336WordPressDirectorist Booking9.3CRITICALSensitive Information Exposure in WPDeveloper Templately Plugin
CVE-2026-42379WordPressTemplately7.7HIGHPrivilege Escalation Vulnerability in Highland Software Custom Role Manager for WordPress
CVE-2026-7106WordPressHighland Software Cust...8.8HIGHArbitrary File Upload Vulnerability in Drag and Drop File Upload Plugin for WordPress
CVE-2026-5364WordPressDrag And Drop File Upl...8.1HIGHCode Injection Vulnerability in FunnelFormsPro by Funnelforms LLC
CVE-2026-39440WordPressFunnelformspro9.9CRITICALUnauthorized Plugin Installation in Google Analytics Dashboard for WordPress
CVE-2026-5464WordPressExactmetrics – Google ...7.2HIGHArbitrary File Upload Vulnerability in Breeze Cache Plugin for WordPress
CVE-2026-3844WordPressBreeze Cache👾🟡9.8CRITICALAuthorization Bypass in Create DB Tables Plugin for WordPress
CVE-2026-4119WordPressCreate Db Tables9.1CRITICALRemote Code Execution Vulnerability in HTTP Headers Plugin for WordPress
CVE-2026-4132WordPressHttp Headers7.2HIGHAuthorization Bypass Vulnerability in Sendmachine for WordPress Plugin
CVE-2026-6235WordPressSendmachine For WordPress9.8CRITICALDeserialization of Untrusted Data Vulnerability in Responsive Slider by MetaSlider
CVE-2026-39467WordPressResponsive Slider By M...7.2HIGHArbitrary File Read and Deletion Vulnerability in Everest Forms Plugin for WordPress
CVE-2026-5478WordPressEverest Forms – Contac...8.1HIGHArbitrary File Deletion Vulnerability in wpForo Forum Plugin for WordPress
CVE-2026-6248WordPressWPforo Forum8.1HIGHArbitrary File Upload and Remote Code Execution in NiteoThemes Plugin for WordPress
CVE-2026-6518WordPressCmp – Coming Soon & Ma...8.8HIGHSensitive Information Exposure in Easy Appointments Plugin for WordPress
CVE-2026-2262WordPressEasy AppointmentsEPSS 29%7.5HIGHArbitrary File Upload Vulnerability in Drag and Drop Multiple File Upload for Contact Form 7 Plugin
CVE-2026-5718WordPressDrag And Drop Multiple...8.1HIGHPath Traversal Vulnerability in Drag and Drop Multiple File Upload for Contact Form 7 Plugin
CVE-2026-5710WordPressDrag And Drop Multiple...7.5HIGHArbitrary File Manipulation in Customer Area Plugin for WordPress
CVE-2026-3464WordPressWP Customer Area8.8HIGHArbitrary File Read Vulnerability in Unlimited Elements for Elementor Plugin by WordPress
CVE-2026-4659WordPressUnlimited Elements For...7.5HIGHBackdoor Vulnerability in Accordion and Accordion Slider Plugin for WordPress
CVE-2026-6443WordPressAccordion And Accordio...9.8CRITICAL