Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
6635 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62957 | 3 Nikanwp, Woocommerce, Wordpress | 3 Woocommerce Reporting, Woocommerce, Wordpress | 2025-10-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in NikanWP NikanWP WooCommerce Reporting wc-reports-lite allows Stored XSS.This issue affects NikanWP WooCommerce Reporting: from n/a through <= 1.0.0. | ||||
| CVE-2025-62956 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in iseremet Reloadly reloadly-topup-widget allows Stored XSS.This issue affects Reloadly: from n/a through <= 2.0.1. | ||||
| CVE-2025-62954 | 2 Revive, Wordpress | 2 Revive Old Posts, Wordpress | 2025-10-28 | 8.8 High |
| Missing Authorization vulnerability in Codeinwp Revive Old Posts tweet-old-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive Old Posts: from n/a through <= 9.3.3. | ||||
| CVE-2025-62953 | 2 Welcart, Wordpress | 2 E-commerce, Wordpress | 2025-10-28 | 8.8 High |
| Missing Authorization vulnerability in nanbu Welcart e-Commerce usc-e-shop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Welcart e-Commerce: from n/a through <= 2.11.24. | ||||
| CVE-2025-62952 | 2 Quantumcloud, Wordpress | 2 Chatbot, Wordpress | 2025-10-28 | 8.8 High |
| Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <= 7.3.0. | ||||
| CVE-2025-62947 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in publitio Publitio publitio allows Retrieve Embedded Sensitive Data.This issue affects Publitio: from n/a through <= 2.2.3. | ||||
| CVE-2025-62946 | 2 Everestthemes, Wordpress | 2 Everest Backup, Wordpress | 2025-10-28 | 8.8 High |
| Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through <= 2.3.8. | ||||
| CVE-2025-62945 | 2 Eduard Pinuaga Linares, Wordpress | 2 Did Prestashop Display, Wordpress | 2025-10-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Eduard Pinuaga Linares Did Prestashop Display did-prestashop-display allows Stored XSS.This issue affects Did Prestashop Display: from n/a through <= 1.0.30. | ||||
| CVE-2025-62944 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 9.8 Critical |
| Missing Authorization vulnerability in Mark O'Donnell MSTW CSV EXPORTER mstw-csv-exporter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MSTW CSV EXPORTER: from n/a through <= 1.4. | ||||
| CVE-2025-62943 | 2 Matt Mcinvale, Wordpress | 2 Next Page, Wordpress | 2025-10-28 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt McInvale Next Page, Not Next Post next-page-not-next-post allows Stored XSS.This issue affects Next Page, Not Next Post: from n/a through <= 0.3.0. | ||||
| CVE-2025-62942 | 2 Tempranova, Wordpress | 2 Wp Mapbox Gl Js Maps, Wordpress | 2025-10-28 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through <= 3.0.1. | ||||
| CVE-2025-62941 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Events Maker by dFactory events-maker allows Stored XSS.This issue affects Events Maker by dFactory: from n/a through <= 1.6.14. | ||||
| CVE-2025-62940 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Diego Blox Lite blox-lite allows Stored XSS.This issue affects Blox Lite: from n/a through <= 1.2.8. | ||||
| CVE-2025-62939 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Open Currency Converter artiss-currency-converter allows Stored XSS.This issue affects Open Currency Converter: from n/a through <= 1.5.0. | ||||
| CVE-2025-62938 | 2 Reoon Technology, Wordpress | 2 Reoon Email Verifier, Wordpress | 2025-10-28 | 8.1 High |
| Missing Authorization vulnerability in Reoon Technology Reoon Email Verifier reoon-email-verifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reoon Email Verifier: from n/a through <= 2.0.1. | ||||
| CVE-2025-62937 | 2 Johnny, Wordpress | 2 Post List Featured Image, Wordpress | 2025-10-28 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johnny Post List Featured Image post-list-featured-image allows Stored XSS.This issue affects Post List Featured Image: from n/a through <= 0.5.9. | ||||
| CVE-2025-62936 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 6.1 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Jthemes xSmart xsmart allows Code Injection.This issue affects xSmart: from n/a through <= 1.2.9.4. | ||||
| CVE-2025-62935 | 3 Ilmosys, Woocommerce, Wordpress | 3 Open Close Woocommerce Store, Woocommerce, Wordpress | 2025-10-28 | 8.1 High |
| Missing Authorization vulnerability in ilmosys Open Close WooCommerce Store woc-open-close allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Open Close WooCommerce Store: from n/a through <= 4.9.8. | ||||
| CVE-2025-62934 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Mejar WP Business Hours wp-business-hours allows Stored XSS.This issue affects WP Business Hours: from n/a through <= 1.4. | ||||
| CVE-2025-62933 | 1 Wordpress | 1 Wordpress | 2025-10-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Prakash Awesome Testimonials awesome-testimonials allows Stored XSS.This issue affects Awesome Testimonials: from n/a through <= 2.2.1. | ||||