Export limit exceeded: 11922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25445 | 2 Membershipsoftware, Wordpress | 2 Wishlist Member X, Wordpress | 2026-03-20 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Membership Software WishList Member X allows Object Injection.This issue affects WishList Member X: from n/a through 3.29.0. | ||||
| CVE-2026-27070 | 2 Wordpress, Wpeverest | 2 Wordpress, Everest Forms | 2026-03-20 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms Pro allows Stored XSS.This issue affects Everest Forms Pro: from n/a through 1.9.10. | ||||
| CVE-2023-47663 | 1 Wordpress | 1 Wordpress | 2026-03-18 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-8280 | 2 Iambriansreed, Wordpress | 2 Contact Form 7 Recaptcha, Wordpress | 2026-03-16 | 5.8 Medium |
| The Contact Form 7 reCAPTCHA WordPress plugin through 1.2.0 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers. | ||||
| CVE-2026-22850 | 2 Ibericode, Wordpress | 2 Koko Analytics, Wordpress | 2026-03-09 | 8.4 High |
| Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path (`pa`) and referrer (`r`) values to the public tracking endpoint in src/Resources/functions/collect.php, which stores those strings verbatim in the analytics tables. The admin export logic in src/Admin/Data_Export.php writes these stored values directly into SQL INSERT statements without escaping. A crafted path such as "),('999','x');DROP TABLE wp_users;-- breaks out of the value list. When an administrator later imports that export file, the import handler in src/Admin/Data_Import.php reads the uploaded SQL with file_get_contents, performs only a superficial header check, splits on semicolons, and executes each statement via $wpdb->query with no validation of table names or statement types. Additionally, any authenticated user with manage_koko_analytics can upload an arbitrary .sql file and have it executed in the same permissive way. Combined, attacker-controlled input flows from the tracking endpoint into exported SQL and through the import execution sink, or directly via malicious uploads, enabling arbitrary SQL execution. In a worst-case scenario, attackers can achieve arbitrary SQL execution on the WordPress database, allowing deletion of core tables (e.g., wp_users), insertion of backdoor administrator accounts, or other destructive/privilege-escalating actions. Version 2.1.3 patches the issue. | ||||
| CVE-2026-3589 | 2 Automattic, Wordpress | 2 Woocommerce, Wordpress | 2026-03-09 | 7.5 High |
| The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF attack for example. | ||||
| CVE-2026-2446 | 2 Powerpackelements, Wordpress | 2 Powerpack For Learndash, Wordpress | 2026-03-09 | 9.8 Critical |
| The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CRSF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role etc) and create arbitrary admin users | ||||
| CVE-2026-28106 | 2 Kings Plugins, Wordpress | 2 B2bking Premium, Wordpress | 2026-03-09 | 4.7 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20. | ||||
| CVE-2024-35644 | 2 Pascal Birchler, Wordpress | 2 Preferred Languages, Wordpress | 2026-03-09 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pascal Birchler Preferred Languages allows DOM-Based XSS.This issue affects Preferred Languages: from n/a through 2.2.2. | ||||
| CVE-2020-36875 | 2 Accessally, Wordpress | 3 Accessally, Popupally, Wordpress | 2026-03-05 | N/A |
| AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the login_error parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web server process, resulting in remote code execution. | ||||
| CVE-2024-10938 | 2 Moneytigo, Wordpress | 2 Ovri Payment, Wordpress | 2026-02-27 | 6.5 Medium |
| The OVRI Payment plugin for WordPress contains malicious .htaccess files in version 1.7.0. The files contain directives to prevent the execution of certain scripts while allowing execution of known malicious PHP files. If moved outside of the plugin's directory, they may interfere with the proper function of a site. | ||||
| CVE-2026-27938 | 2 Wordpress, Wpgraphql | 2 Wordpress, Wpgraphql | 2026-02-27 | 7.7 High |
| WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.9.1, the `wp-graphql/wp-graphql` repository contains a GitHub Actions workflow (`release.yml`) vulnerable to OS command injection through direct use of `${{ github.event.pull_request.body }}` inside a `run:` shell block. When a pull request from `develop` to `master` is merged, the PR body is injected verbatim into a shell command, allowing arbitrary command execution on the Actions runner. Version 2.9.1 contains a fix for the vulnerability. | ||||
| CVE-2025-15386 | 2 Dfactory, Wordpress | 2 Responsive Lightbox & Gallery, Wordpress | 2026-02-25 | 8.8 High |
| The Responsive Lightbox & Gallery WordPress plugin before 2.6.1 is vulnerable to an Unauthenticated Stored-XSS attack due to flawed regex replacement rules that can be abused by posting a comment with a malicious link when lightbox for comments are enabled and then approved. | ||||
| CVE-2026-25412 | 2 Mdempfle, Wordpress | 2 Advanced Iframe, Wordpress | 2026-02-24 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-7808 | 2 Fahadmahmood, Wordpress | 2 External Store For Shopify, Wordpress | 2026-02-20 | 6.1 Medium |
| The WP Shopify WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | ||||
| CVE-2025-12821 | 2 Spicethemes, Wordpress | 2 Newsblogger, Wordpress | 2026-02-19 | 8.8 High |
| The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 0.2.5.6 to 0.2.6.1. This is due to missing or incorrect nonce validation on the newsblogger_install_and_activate_plugin() function. This makes it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This is due to a reverted fix of CVE-2025-1305. | ||||
| CVE-2025-12845 | 2 Essekia, Wordpress | 2 Tablesome Table – Contact Form Db – Wpforms, Cf7, Gravity, Forminator, Fluent, Wordpress | 2026-02-19 | 8.8 High |
| The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPress is vulnerable to unauthorized access of data that leads to privilege escalation due to a missing capability check on the get_table_data() function in versions 0.5.4 to 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve plugin table data that can expose email log information. Attackers can leverage this on sites where the table log is enabled in order to trigger a password reset and obtain the reset key. | ||||
| CVE-2025-15041 | 2 Wordpress, Wp Media | 2 Wordpress, Backwpup – Wordpress Backup & Restore Plugin | 2026-02-19 | 7.2 High |
| The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the save_site_option() function in all versions up to, and including, 5.6.2. This makes it possible for authenticated attackers, with level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site. | ||||
| CVE-2025-4521 | 2 Themeatelier, Wordpress | 2 Idonate – Blood Donation, Request And Donor Management System, Wordpress | 2026-02-19 | 8.8 High |
| The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the idonate_donor_profile() function in versions 2.1.5 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to hijack any account by reassigning its email address (via the donor_id they supply) and then triggering a password reset, ultimately granting themselves full administrator privileges. | ||||
| CVE-2022-41650 | 2 Paul, Wordpress | 2 Custom Content By Country (by Shield Security), Wordpress | 2026-02-18 | 6.5 Medium |
| Missing Authorization vulnerability in Paul Custom Content by Country (by Shield Security) custom-content-by-country.This issue affects Custom Content by Country (by Shield Security): from n/a through 3.1.2. | ||||