WordPress Latest Vulnerabilities
Latest vulnerabilities published by wordpress
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Stored Cross-Site Scripting in WooCommerce Checkout Field Editor by WordPress
CVE-2026-3231WordPressCheckout Field Editor ...7.2HIGHUnauthorized Access in WordPress Core Due to REST API Flaw
CVE-2026-3906WordPressWordPress4.3MEDIUMStored Cross-Site Scripting in Gravity Forms Plugin for WordPress
CVE-2026-3492WordPressGravity Forms6.4MEDIUMInsecure Direct Object Reference in ExactMetrics Google Analytics Dashboard for WordPress
CVE-2026-1992WordPressExactmetrics – Google ...8.8HIGHImproper Privilege Management in ExactMetrics Google Analytics Dashboard for WordPress Plugin
CVE-2026-1993WordPressExactmetrics – Google ...8.8HIGHStored Cross-Site Scripting in Responsive Contact Form Builder & Lead Generation Plugin for WordPress
CVE-2026-1454WordPressLead Form Builder & Co...7.2HIGHInsecure Direct Object Reference in Happy Addons for Elementor Plugin by WordPress
CVE-2026-2917WordPressHappy Addons For Eleme...5.4MEDIUMCross-Site Request Forgery Vulnerability in Modular DS Plugin for WordPress
CVE-2026-3903WordPressModular Ds: Monitor, U...4.3MEDIUMBlind SQL Injection Vulnerability in Simply Schedule Appointments Booking Plugin for WordPress
CVE-2026-1708WordPressAppointment Booking Ca...7.5HIGHInsecure Direct Object Reference in Happy Addons for Elementor Plugin by WordPress
CVE-2026-2918WordPressHappy Addons For Eleme...6.4MEDIUMStored Cross-Site Scripting in Astra Theme for WordPress
CVE-2026-3534WordPressAstra6.4MEDIUMUnauthenticated Modification Vulnerability in Datalogics Ecommerce Delivery WordPress Plugin
CVE-2026-2631WordPressDatalogics Ecommerce D...👾🟡Unauthorized Access and PHP Object Injection in Divi-Booster Plugin
CVE-2026-2626WordPressDivi-booster👾🟡Reflected Cross-Site Scripting Vulnerability in DukaPress WordPress Plugin
CVE-2026-2466WordPressDukapress👾🟡Data Exposure in WordPress Plugin for Guest Posting
CVE-2026-1867WordPressGuest Posting / Fronte...👾🟡Vulnerability in Gutena Forms Plugin Allows Unauthorized Changes
CVE-2026-1753WordPressGutena Forms👾🟡Stored Cross-Site Scripting Vulnerability in weForms Plugin for WordPress
CVE-2026-2707WordPressWeforms – Easy Drag & ...6.4MEDIUMSQL Injection Vulnerability in WP Maps Plugin for WordPress
CVE-2026-3222WordPressWP Maps – Store Locato...7.5HIGHStored Cross-Site Scripting Vulnerability in WP ULike Plugin for WordPress
CVE-2026-2358WordPressWP Ulike – Like & Disl...6.4MEDIUMArbitrary File Upload Vulnerability in Royal Addons for Elementor Plugin by WordPress
CVE-2025-13067WordPressRoyal Addons For Eleme...8.8HIGHSQL Injection Vulnerability in Ally – Web Accessibility & Usability Plugin for WordPress
CVE-2026-2413WordPressAlly – Web Accessibili...7.5HIGHInsecure Direct Object Reference in ProfilePress Plugin by WordPress
CVE-2026-3453WordPressPaid Membership Plugin...8.1HIGHReflected Cross-Site Scripting Vulnerability in RTMKit Plugin for WordPress
CVE-2025-12473WordPressRtmkit6.1MEDIUMCross-Site Request Forgery Vulnerability in LatePoint Calendar Booking Plugin for WordPress
CVE-2026-2324WordPressLatepoint – Calendar B...6.1MEDIUMMissing Authorization in Mailchimp for WordPress Plugin by WordPress
CVE-2026-1781WordPressMc4WP: Mailchimp For W...6.5MEDIUM