Filtered by vendor Wordpress Subscriptions
Filtered by product Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)
Total 9592 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-62050 1 Wordpress 1 Wordpress 2026-01-27 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic.This issue affects Blogmatic: from n/a through <= 1.0.3.
CVE-2025-50004 2 Artbees, Wordpress 2 Jupiter X Core, Wordpress 2026-01-27 8.5 High
Deserialization of Untrusted Data vulnerability in artbees JupiterX Core jupiterx-core allows Object Injection.This issue affects JupiterX Core: from n/a through <= 4.10.1.
CVE-2025-49050 1 Wordpress 1 Wordpress 2026-01-27 8.8 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through <= 2.5.
CVE-2025-49049 1 Wordpress 1 Wordpress 2026-01-27 8.8 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ZoomIt DZS Video Gallery dzs-videogallery allows SQL Injection.This issue affects DZS Video Gallery: from n/a through <= 12.37.
CVE-2025-58898 2 Ancorathemes, Wordpress 2 Healthhub, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes HealthHub healthhub allows PHP Local File Inclusion.This issue affects HealthHub: from n/a through <= 1.3.0.
CVE-2025-58929 2 Axiomthemes, Wordpress 2 Pantry, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Pantry pantry allows PHP Local File Inclusion.This issue affects Pantry: from n/a through <= 1.4.
CVE-2025-58930 2 Axiomthemes, Wordpress 2 Fitflex, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes FitFlex fitflex allows PHP Local File Inclusion.This issue affects FitFlex: from n/a through <= 1.6.
CVE-2025-58931 2 Axiomthemes, Wordpress 2 Palatio, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through <= 1.6.
CVE-2025-58932 2 Axiomthemes, Wordpress 2 Prisma, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Prisma prisma allows PHP Local File Inclusion.This issue affects Prisma: from n/a through <= 1.10.
CVE-2025-58938 2 Themeatelier, Wordpress 2 Idonate, Wordpress 2026-01-27 7.6 High
Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IDonatePro: from n/a through <= 2.1.9.
CVE-2025-58940 2 Axiomthemes, Wordpress 2 Basil, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Basil basil allows PHP Local File Inclusion.This issue affects Basil: from n/a through <= 1.3.12.
CVE-2025-58941 2 Axiomthemes, Wordpress 2 Fabric, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fabric: from n/a through <= 1.5.0.
CVE-2025-58942 2 Axiomthemes, Wordpress 2 Dwell, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Dwell dwell allows PHP Local File Inclusion.This issue affects Dwell: from n/a through <= 1.7.0.
CVE-2025-58943 2 Axiomthemes, Wordpress 2 Agricola, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Agricola agricola allows PHP Local File Inclusion.This issue affects Agricola: from n/a through <= 1.1.0.
CVE-2025-58944 2 Axiomthemes, Wordpress 2 Manufactory, Wordpress 2026-01-27 8.2 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Manufactory manufactory allows PHP Local File Inclusion.This issue affects Manufactory: from n/a through <= 1.4.
CVE-2025-14973 1 Wordpress 1 Wordpress 2026-01-27 6.8 Medium
The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks.
CVE-2026-24536 2 Webpushr, Wordpress 2 Web Push Notifications, Wordpress 2026-01-26 7.5 High
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webpushr Webpushr webpushr-web-push-notifications allows Retrieve Embedded Sensitive Data.This issue affects Webpushr: from n/a through <= 4.38.0.
CVE-2026-24534 1 Wordpress 1 Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in uPress Booter booter-bots-crawlers-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booter: from n/a through <= 1.5.7.
CVE-2026-24532 1 Wordpress 1 Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in SiteLock SiteLock Security sitelock allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteLock Security: from n/a through <= 5.0.2.
CVE-2026-24531 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 2.3.