WordPress Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by wordpress
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Stored Cross-Site Scripting Vulnerability in Sell BTC Plugin for WordPress
CVE-2025-14554WordPressSell Btc – Cryptocurre...7.2HIGHWeak Password Reset Mechanism in Custom Login Page Customizer for WordPress
CVE-2025-14975WordPressCustom Login Page Cust...👾🟡8.1HIGHArbitrary File Deletion Vulnerability in Snow Monkey Forms Plugin by WordPress
CVE-2026-1056WordPressSnow Monkey Forms👾🟡9.8CRITICALUnauthorized File Sharing Vulnerability in Frontend File Manager Plugin for WordPress
CVE-2026-1280WordPressFrontend File Manager ...7.5HIGHPrivilege Escalation in Simple User Registration Plugin for WordPress
CVE-2026-0844WordPressSimple User Registration8.8HIGHAuthentication Bypass Vulnerability in Search Atlas SEO Plugin from WordPress
CVE-2025-14386WordPressSearch Atlas Seo – Pre...8.8HIGHArbitrary File Upload Vulnerability in AI Engine for WordPress
CVE-2026-1400WordPressAi Engine – The Chatbo...7.2HIGHSQL Injection Vulnerability in VidShop Plugin for WooCommerce by WordPress
CVE-2026-0702WordPressVidshop – Shoppable Vi...7.5HIGHUnauthorized Data Access in New User Approve Plugin for WordPress
CVE-2026-0832WordPressNew User Approve7.3HIGHServer-Side Request Forgery Vulnerability in TableMaster for Elementor Plugin by WordPress
CVE-2025-14610WordPressTablemaster For Elemen...7.2HIGHReflected Cross-Site Scripting Vulnerability in AhaChat Messenger Marketing Plugin
CVE-2025-14316WordPressAhachat Messenger Mark...👾🟡7.1HIGHArbitrary File Upload Vulnerability in Hustle Plugin for WordPress
CVE-2026-0911WordPressHustle – Email Marketi...7.5HIGHStored Cross-Site Scripting Vulnerability in User Submitted Posts Plugin for WordPress
CVE-2026-0800WordPressUser Submitted Posts –...7.2HIGHArbitrary File Upload Vulnerability in Kalrav AI Agent Plugin for WordPress
CVE-2025-13374WordPressKalrav Ai Agent👾🟡9.8CRITICALServer-Side Request Forgery Vulnerability in Frontis Blocks Plugin for WordPress
CVE-2026-0807WordPressFrontis Blocks — Block...7.2HIGHLocal File Inclusion in Administrative Shortcodes Plugin for WordPress
CVE-2026-1257WordPressAdministrative Shortcodes7.5HIGHFile Inclusion Vulnerability in EduBlink Core by DevsBlink
CVE-2026-24635WordPressEdublink Core7.5HIGHSQL Injection Vulnerability in Neoforum by saeros1984
CVE-2026-24624WordPressNeoforum7.2HIGHLocal File Inclusion in Elated-Themes Laurent by WordPress
CVE-2026-24609WordPressLaurent7.5HIGHPHP Remote File Inclusion Vulnerability in Elated Themes Laurent Core
CVE-2026-24608WordPressLaurent Core7.5HIGHSQL Injection Vulnerability in Nelio Content by Nelio Software
CVE-2026-24572WordPressNelio Content8.8HIGHFile Inclusion Flaw in Omnipress by Omnipressteam
CVE-2026-24538WordPressOmnipress7.6HIGHSensitive Data Exposure in Webpushr Web Push Notifications by Webpushr
CVE-2026-24536WordPressWebpushr7.5HIGHMissing Authorization Vulnerability in uPress Booter Plugin
CVE-2026-24534WordPressBooter8.8HIGHAccess Control Issues in SiteLock Security by SiteLock
CVE-2026-24532WordPressSitelock Security8.8HIGH