WordPress Updater Vulnerabilities
Wordpress Updater vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Unauthorized Data Modification in Email Notifications for Updates Plugin by WordPress
CVE-2025-2933WordPressEmail Notifications Fo...8.8HIGHCross-site Scripting Vulnerability in Status Updater by devu
CVE-2025-25124WordPressStatus Updater7.1HIGHCross-site Scripting Vulnerability in Woo Update Variations In Cart by NotFound
CVE-2025-23829WordPressWoo Update Variations ...6.5MEDIUMReflected XSS Vulnerability in Browser-Update-Notify Plugin by NotFound
CVE-2025-23490WordPressBrowser-update-notify7.1HIGHCross-Site Request Forgery Vulnerability in Disable Auto Updates Plugin for WordPress
CVE-2024-13336WordPressDisable Auto Updates4.3MEDIUMCross-Site Scripting Vulnerability in Irshad Services Customer Update Plugin
CVE-2024-56034WordPressServices Updates For C...7.1HIGHWordPress Comment Blacklist Updater plugin <= 1.1.0 - Broken Access Control vulnerability
CVE-2023-44147WordPressComment Blacklist Updater5.3MEDIUMLocal File Inclusion Vulnerability in WP Umbrella Plugin for WordPress
CVE-2024-12209WordpressWP Umbrella: Update Ba...๐พ๐กEPSS 85%9.8CRITICALFull Path Disclosure Vulnerability Affects No Update Nag Plugin for WordPress
CVE-2024-7412WordpressNo Update Nag5.3MEDIUMMissing Authorization Vulnerability Affects MJ Update History
CVE-2024-35671WordPressMj Update History4.3MEDIUMReflected XSS Vulnerability in MJ Update History
CVE-2024-32543WordPressMj Update History7.1HIGHStored Cross-Site Scripting Vulnerability in Live Updates from Excel Plugin for WordPress
CVE-2023-5116WordPressLive Updates From Excel6.4MEDIUMWordPress Block Plugin Update Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-44261WordPressBlock Plugin Update8.8HIGHWordPress Update Theme and Plugins from Zip File Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-25489WordPressUpdate Theme And Plugi...4.3MEDIUMWordPress Disable WordPress Update Notifications Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-34029WordPressDisable WordPress Upda...4.3MEDIUMWordPress Update Image Tag Alt Attribute Plugin <= 2.4.5 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-27455WordPressUpdate Image Tag Alt A...6.1MEDIUMReflected Cross-Site Scripting Vulnerability in Woo Bulk Price Update Plugin by WordPress
CVE-2023-28665WordpressWoo Bulk Price Update ...EPSS 16%5.4MEDIUMEasy Username Updater < 1.0.5 - Arbitrary Username Update via CSRF
CVE-2022-2355WordpressEasy Username Updater6.5MEDIUMLinkedIn Company Updates <= 1.5.3 - Admin+ Stored Cross-Site Scripting
CVE-2022-2148WordpressLinkedin Company Updates4.8MEDIUMOne Click Plugin Updater <= 2.4.14 - Arbitrary Settings Update via CSRF
CVE-2022-1791WordpressOne Click Plugin Updater8.1HIGHInsufficient Option Restrictions in Stops Core Theme and Plugin Updates for WordPress
CVE-2019-15650WordpressEasy Updates Manager4.3MEDIUMMultiple XSS Vulnerabilities in Updater Plugin for WordPress
CVE-2017-18565WordpressUpdater6.1MEDIUMCross-Site Request Forgery in Companion Auto Update Plugin for WordPress
CVE-2018-20972WordpressCompanion Auto Update8.8HIGHLocal File Inclusion Vulnerability in Companion Auto Update Plugin by WordPress
CVE-2018-20973WordpressCompanion Auto Update9.8CRITICALCross-Site Scripting Vulnerability in Multiple WordPress Plugins by BestWebSoft
CVE-2017-2171WordPressCaptcha6.1MEDIUM