WordPress Latest Vulnerabilities
Latest vulnerabilities published by wordpress
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Local File Inclusion Vulnerability in ThemeREX Melania by ThemeREX
CVE-2026-22324WordPressMelania8.1HIGHDeserialization of Untrusted Data Vulnerability in TotalSuite's TotalContest Lite Plugin
CVE-2026-0677WordPressTotalcontest Lite7.2HIGHCross-Site Request Forgery Vulnerability in Flash Video Player by joshuae1974
CVE-2024-32537WordPressFlash Video Player7.1HIGHCross-site Scripting Vulnerability in Special Box for Content by Vasilis Triantafyllou
CVE-2024-31119WordPressSpecial Box For Content5.9MEDIUMStored Cross-Site Scripting Vulnerability in CM Custom Reports Plugin for WordPress
CVE-2026-2432WordPressCm Custom Reports β Fl...4.4MEDIUMMissing Authorization Vulnerability in RockPress Plugin for WordPress
CVE-2026-3550WordPressRockpress5.3MEDIUMPath Traversal Vulnerability in ilGhera Carta Docente for WooCommerce
CVE-2026-2421WordPressIlghera Carta Docente ...6.5MEDIUMUnvalidated Redirect Vulnerability in Membership Plugin - Restrict Content for WordPress
CVE-2026-4136WordPressMembership Plugin β Re...4.3MEDIUMArbitrary Function Call Vulnerability in Aimogen Pro by WordPress
CVE-2026-4038WordPressAimogen Pro - All-in-o...9.8CRITICALUnrestricted File Upload Vulnerability in ThemeGoods Photography Plugin
CVE-2026-27043WordPressPhotography7.2HIGHSQL Injection Threat in Appointment Booking Calendar Plugin for WordPress
CVE-2026-3658WordPressAppointment Booking Ca...7.5HIGHCross-Site Scripting Vulnerability in Everest Forms Pro by WPEverest
CVE-2026-27070WordPressEverest Forms Pro7.1HIGHReflected XSS in Website LLMs.Txt by Ryan Howard
CVE-2026-27068WordPressWebsite Llms.txt7.1HIGHUnrestricted File Upload Vulnerability in Syarif Mobile App Editor
CVE-2026-27067WordPressMobile App Editor9.1CRITICALPHP Remote File Inclusion Vulnerability in ThimPress BuilderPress
CVE-2026-27065WordPressBuilderpress9.8CRITICALObject Injection Vulnerability in Membership Software by WishList
CVE-2026-25445WordPressWishlist Member X8.8HIGHMissing Authorization Vulnerability in Dotstore Fraud Prevention for WooCommerce
CVE-2026-25443WordPressFraud Prevention For W...7.5HIGHCross-Site Scripting Vulnerability in QantumThemes Kentha
CVE-2026-25442WordPressKentha7.1HIGHReflected XSS Vulnerability in ThemeHunk Gutenberg Blocks
CVE-2026-25438WordPressGutenberg Blocks7.1HIGHCross-site Scripting Vulnerability in Markbeljaars Table of Contents Creator
CVE-2025-68836WordPressTable Of Contents Creator7.1HIGHCross-Site Scripting in ArtstudioWorks Brookside Affects Multiple Versions
CVE-2025-67618WordPressBrookside7.1HIGHCross-Site Scripting Vulnerability in WPCasa Plugin by WordPress
CVE-2025-62043WordPressWPcasa6.5MEDIUMObject Injection Vulnerability in Themeton Finag Theme by WordPress
CVE-2025-60237WordPressFinag9.8CRITICALDeserialization Vulnerability in Themeton Zuut Theme by Themeton
CVE-2025-60233WordPressZuut9.8CRITICALReflected XSS in tagDiv Opt-In Builder Affects WordPress Users
CVE-2025-53222WordPressTagdiv Opt-in Builder7.1HIGH