WordPress Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by wordpress
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Stored Cross-Site Scripting Vulnerability in WP Statistics Plugin by WordPress
CVE-2025-9816WordPressWP Statistics โ Simple...7.2HIGHUnrestricted File Upload Vulnerability in HaruTheme WooCommerce Designer Pro
CVE-2025-60219WordPressWooCommerce Designer Pro10CRITICALCross-Site Request Forgery Vulnerability in GST for WooCommerce by Ashwani Kumar
CVE-2025-60173WordPressGst For WooCommerce7.1HIGHCross-Site Request Forgery Vulnerability in Flytedesk Digital by Flytedesk
CVE-2025-60172WordPressFlytedesk Digital7.1HIGHCross-Site Request Forgery Vulnerability in Conditional Cart Messages for WooCommerce by YourPlugins
CVE-2025-60171WordPressConditional Cart Messa...7.1HIGHCross-Site Request Forgery Vulnerability in HTACCESS IP Blocker by Taraprasad Swain
CVE-2025-60170WordPressHtaccess Ip Blocker7.1HIGHCSRF Vulnerability in W3SCloud Contact Form 7 to Zoho CRM by W3S Cloud Technology
CVE-2025-60169WordPressW3scloud Contact Form ...7.1HIGHCross-Site Request Forgery in NewsMAN NewsmanApp by NewsMAN
CVE-2025-60164WordPressNewsmanapp7.1HIGHCSRF Vulnerability in AR For WordPress by Webandprint
CVE-2025-60156WordPressAr For WordPress9.6CRITICALPHP Remote File Inclusion Vulnerability in Subscribe To Unlock by WordPress
CVE-2025-60153WordPressSubscribe To Unlock7.5HIGHPHP Remote File Inclusion Vulnerability in Subscribe to Download Plugin by WordPress
CVE-2025-60150WordPressSubscribe To Download7.5HIGHPHP Local File Inclusion Vulnerability in PluginOps Testimonial Slider
CVE-2025-60126WordPressTestimonial Slider8.8HIGHSQL Injection Vulnerability in Potenzaglobalsolutions PGS Core
CVE-2025-60118WordPressPgs Core8.5HIGHCross-Site Request Forgery in Javo Core by javothemes
CVE-2025-60111WordPressJavo Core8.8HIGHSQL Injection Vulnerability in LambertGroup's AllInOne โ Banner Rotator
CVE-2025-60110WordPressAllinone - Banner Rotator8.5HIGHSQL Injection Vulnerability in LambertGroup AllInOne Content Slider Plugin
CVE-2025-60109WordPressLambertgroup - Allinon...8.5HIGHSQL Injection Vulnerability in LambertGroup AllInOne Banner Plugin
CVE-2025-60108WordPressLambertgroup - Allinon...8.5HIGHSQL Injection Vulnerability in LambertGroup's AllInOne - Banner with Playlist
CVE-2025-60107WordPressLambertgroup - Allinon...8.5HIGHReflected XSS Vulnerability in Metagauss ProfileGrid by WordPress
CVE-2025-4957WordPressProfilegrid7.1HIGHReflected XSS Vulnerability in Uncode by undsgn
CVE-2025-48107WordPressUncode7.1HIGHCross-Site Scripting Vulnerability in Traveler Theme by ShineTheme
CVE-2025-59012WordPressTraveler7.1HIGHPath Traversal Vulnerability in SeaTheme's BM Content Builder Plugin
CVE-2025-59002WordPressBm Content Builder7.7HIGHSensitive Information Exposure in Permalink Manager Lite by Maciej Bis
CVE-2025-59010WordPressPermalink Manager Lite7.5HIGHMissing Authorization Vulnerability in Traveler by ShineTheme
CVE-2025-59011WordPressTraveler7.5HIGHArbitrary File Upload Vulnerability in WP-DownloadManager Plugin for WordPress
CVE-2025-10747WordPressWP-downloadmanager7.2HIGH