WordPress Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by wordpress
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
SQL Injection Flaw in Tutor LMS eLearning Plugin for WordPress
CVE-2025-13673WordPressTutor Lms – Elearning ...7.5HIGHPHP Object Injection in WP Mail Logging Plugin for WordPress
CVE-2026-2471WordPressWP Mail Logging7.5HIGHPrivilege Escalation Vulnerability in Listee Theme for WordPress
CVE-2025-12981WordPressListee9.8CRITICALInsufficient Data Verification Vulnerability in Fluent Forms Pro Add On Pack by WordPress
CVE-2026-2428WordPressFluent Forms Pro Add O...7.5HIGHArbitrary File Upload Vulnerability in User Frontend Plugin for WordPress
CVE-2026-1565WordPressUser Frontend: Ai Powe...8.8HIGHObject Injection Vulnerability in Stylemix uListing by Stylemix
CVE-2026-28138WordPressUlisting7.2HIGHSQL Injection Vulnerability in VeronaLabs WP SMS Plugin
CVE-2026-28136WordPressWP Sms7.6HIGHPath Traversal Vulnerability in Worry Proof Backup Plugin for WordPress
CVE-2026-1311WordPressWorry Proof Backup8.8HIGHAuthentication Bypass in User Registration & Membership Plugin for WordPress
CVE-2026-1779WordPressUser Registration & Me...8.1HIGHPath Traversal Vulnerability in WP Responsive Images Plugin for WordPress
CVE-2026-1557WordPressWP Responsive Images7.5HIGHOS Command Injection Vulnerability in WPGraphQL for WordPress
CVE-2026-27938WordPressWP-graphql7.7HIGHRemote Code Execution Vulnerability in Advanced Woo Labels Plugin by WooCommerce
CVE-2026-1929WordPressAdvanced Woo Labels – ...8.8HIGHSQL Injection Vulnerability in Geo Mashup Plugin for WordPress
CVE-2026-2416WordPressGeo Mashup7.5HIGHUnauthorized Data Modification Risk in WPGSI: Spreadsheet Integration Plugin for WordPress
CVE-2026-1916WordPressWPgsi: Spreadsheet Int...7.5HIGHArbitrary File Upload Vulnerability in asbplayer Affected by Attackers
CVE-2025-69771WordPressasbplayer9.6CRITICALUnauthenticated Stored XSS Vulnerability in Responsive Lightbox & Gallery Plugin by WordPress
CVE-2025-15386WordPressResponsive Lightbox & ...👾🟡8.8HIGHUnauthenticated Access Flaw in ElementsKit Lite WordPress Plugin
CVE-2026-23693WordPressElementskit Elementor ...9.3CRITICALCross-site Scripting Vulnerability in PixelYourSite Plugin by PixelYourSite
CVE-2026-27072WordPressPixelyoursite – Your S...7.1HIGHSQL Injection Vulnerability in JoomSky JS Help Desk Plugin
CVE-2026-24959WordPressJs Help Desk8.5HIGHSQL Injection Vulnerability in Download Manager Addons for Elementor
CVE-2026-24956WordPressDownload Manager Addon...9.3CRITICALReflected XSS Vulnerability in Whizz Plugins by Fox-Themes
CVE-2026-24955WordPressWhizz Plugins7.1HIGHAuthorization Bypass Vulnerability in Authorsy by Themeplugs
CVE-2026-24950WordPressAuthorsy7.5HIGHCross-Site Scripting Vulnerability in ThemeGoods PhotoMe
CVE-2026-24949WordPressPhotome7.1HIGHReflected XSS Vulnerability in Fox-Themes Reflector Plugin
CVE-2026-24948WordPressReflector7.1HIGHCross-site Scripting Vulnerability in ThemeGoods Grand Conference Plugin
CVE-2026-24943WordPressGrand Conference7.1HIGH