WordPress Latest High & Critical Vulnerabilities
Latest High & Critical vulnerabilities published by wordpress
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Arbitrary File Upload Vulnerability in Drag and Drop Multiple File Upload for Contact Form 7 by WordPress
CVE-2025-3515WordPressDrag And Drop Multiple...8.1HIGHStored Cross-Site Scripting in Wise Chat Plugin for WordPress
CVE-2025-3774WordPressWise Chat7.2HIGHLocal File Inclusion in Zagg WooCommerce WordPress Theme by Zagg
CVE-2025-4200WordPressZagg - Electronics & A...8.1HIGHArbitrary File Deletion in Image Resizer On The Fly Plugin for WordPress
CVE-2025-6065WordPressImage Resizer On The Fly9.1CRITICALSQL Injection Vulnerability in AutomatorWP Plugin for WordPress
CVE-2025-5487WordPressAutomatorWP โ Automato...7.2HIGHArbitrary File Upload Vulnerability in File Manager Pro โ Filester Plugin for WordPress
CVE-2025-3234WordPressFile Manager Pro โ Fil...7.2HIGHUnauthorized Data Deletion in WP Travel Engine by WP Travel
CVE-2025-5282WordPressWP Travel Engine โ Tou...7.5HIGHPrivilege Escalation Vulnerability in REST API Custom API Generator for WordPress
CVE-2025-5288WordPressRest Api | Custom Api ...9.8CRITICALAuthentication Bypass in Workreap Plugin for WordPress
CVE-2025-4973WordPressWorkreap9.8CRITICALArbitrary File Upload Vulnerability in Workreap - Freelance Marketplace Plugin
CVE-2025-5012WordPressWorkreap8.8HIGHStored Cross-Site Scripting Vulnerability in Xagio SEO Plugin for WordPress
CVE-2025-3302WordPressXagio Seo โ Ai Powered...7.2HIGHPrivilege Escalation Vulnerability in CubeWP - All-in-One Dynamic Content Framework Plugin for WordPress
CVE-2025-4315WordPressCubeWP โ All-in-one Dy...8.8HIGHArbitrary File Upload Vulnerability in WordPress Automatic Plugin by WordPress
CVE-2025-5395WordPressWordPress Automatic Pl...8.8HIGHArbitrary File Deletion Vulnerability in WP-DownloadManager Plugin for WordPress
CVE-2025-4799WordPressWP-downloadmanager7.2HIGHLocal File Inclusion Vulnerability in LoftOcean TinySalt
CVE-2025-49454WordPressTinysalt8.1HIGHDeserialization Vulnerability in LoftOcean TinySalt Plugin
CVE-2025-49455WordPressTinysalt9.8CRITICALObject Injection Vulnerability in LoftOcean CozyStay Plugin
CVE-2025-49507WordPressCozystay9.8CRITICALCross-Site Request Forgery Vulnerability in Civi Framework by uxper
CVE-2025-49511WordPressCivi Framework7.1HIGHFile Upload Vulnerability in Axle Demo Importer Plugin by WordPress
CVE-2025-4954WordPressAxle Demo Importer๐พ๐ก8.8HIGHSQL Injection Risk in Inprosysmedia Likes Dislikes Post Plugin for WordPress
CVE-2025-4840WordPressInprosysmedia-likes-di...๐พ๐ก7.5HIGHPrivilege Escalation in Real Estate WordPress Theme by Inspyre
CVE-2025-4601WordPressRh - Real Estate WordP...๐พ๐ก8.8HIGHLocal File Inclusion Vulnerability in BodyCenter - Gym, Fitness WooCommerce Theme from SNSTheme
CVE-2023-25999WordPressBodycenter - Gym, Fitn...8.1HIGHLocal File Inclusion Vulnerability in BZOTheme Fitrush by BZOTheme
CVE-2023-26005WordPressFitrush8.1HIGHPrivilege Escalation Vulnerability in ifkooo One-Login by ifkooo
CVE-2025-23974WordPressOne-login8.1HIGHSQL Injection Vulnerability in TicketBAI Facturas for WooCommerce by WordPress
CVE-2025-24767WordPressTicketbai Facturas Par...9.3CRITICAL