WordPress Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by wordpress
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Arbitrary File Upload Vulnerability in WP Duplicate Plugin by WordPress
CVE-2026-1499WordPressWP Duplicate – WordPre...9.8CRITICALServer-Side Request Forgery Vulnerability in All In One Image Viewer Block for WordPress
CVE-2026-1294WordPressAll In One Image Viewe...7.2HIGHSQL Injection Vulnerability in Popup Builder Plugin for WordPress
CVE-2025-13192WordPressPopup Builder With Gam...8.2HIGHLocal File Inclusion Vulnerability in SportsPress Plugin for WordPress
CVE-2025-15368WordPressSportspress – Sports C...8.8HIGHSQL Injection Vulnerability in Infility Global Plugin by WordPress
CVE-2025-15268WordPressInfility Global7.5HIGHUnauthorized Data Modification in SEO Flow Plugin for WordPress by LupsOnline
CVE-2025-15285WordPressSeo Flow By Lupsonline7.5HIGHArbitrary File Upload Vulnerability in WP FOFT Loader Plugin for WordPress
CVE-2026-1756WordPressWP Foft Loader8.8HIGHPHP Remote File Inclusion Vulnerability in ThemeMove Unicamp Theme
CVE-2026-25027WordPressUnicamp7.5HIGHSQL Injection Vulnerability in Iqonic Design KiviCare Clinic Management System
CVE-2026-25022WordPressKivicare8.5HIGHDeserialization of Untrusted Data in WpEvently by MagePeopleTeam
CVE-2026-24954WordPressWPevently8.8HIGHArbitrary File Upload Vulnerability in OS DataHub Maps Plugin for WordPress
CVE-2026-1730WordPressOs Datahub Maps8.8HIGHInsecure Direct Object References in Tutor LMS Plugin for WordPress
CVE-2026-1375WordPressTutor Lms – Elearning ...8.1HIGHStored Cross-Site Scripting in Form Maker Plugin for WordPress
CVE-2026-1058WordPressForm Maker By 10web – ...7.1HIGHStored Cross-Site Scripting Vulnerability in Form Maker Plugin for WordPress
CVE-2026-1065WordPressForm Maker By 10web – ...7.2HIGHStored Cross-Site Scripting in LatePoint Calendar Booking Plugin for WordPress
CVE-2026-0617WordPressLatepoint – Calendar B...7.2HIGHLocal File Inclusion Vulnerability in Talemy Spirit Framework
CVE-2024-54263WordPressSpirit Framework7.5HIGHReflected Cross-Site Scripting Vulnerability in Library Viewer WordPress Plugin
CVE-2025-15396WordPressLibrary Viewer👾🟡7.1HIGHUser Profile Builder Plugin Vulnerability in WordPress
CVE-2025-15030WordPressUser Profile Builder👾🟡9.8CRITICALStored Cross-Site Scripting Vulnerability in Sell BTC Plugin for WordPress
CVE-2025-14554WordPressSell Btc – Cryptocurre...7.2HIGHWeak Password Reset Mechanism in Custom Login Page Customizer for WordPress
CVE-2025-14975WordPressCustom Login Page Cust...👾🟡8.1HIGHArbitrary File Deletion Vulnerability in Snow Monkey Forms Plugin by WordPress
CVE-2026-1056WordPressSnow Monkey Forms👾🟡9.8CRITICALUnauthorized File Sharing Vulnerability in Frontend File Manager Plugin for WordPress
CVE-2026-1280WordPressFrontend File Manager ...7.5HIGHPrivilege Escalation in Simple User Registration Plugin for WordPress
CVE-2026-0844WordPressSimple User Registration8.8HIGHAuthentication Bypass Vulnerability in Search Atlas SEO Plugin from WordPress
CVE-2025-14386WordPressSearch Atlas Seo – Pre...8.8HIGHArbitrary File Upload Vulnerability in AI Engine for WordPress
CVE-2026-1400WordPressAi Engine – The Chatbo...7.2HIGH