Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
9592 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24579 | 2 Wordpress, Wpmessiah | 2 Wordpress, Ai Image Alt Text Generator For Wp | 2026-01-26 | 4.3 Medium |
| Missing Authorization vulnerability in WP Messiah Ai Image Alt Text Generator for WP ai-image-alt-text-generator-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Image Alt Text Generator for WP: from n/a through <= 1.1.9. | ||||
| CVE-2026-24578 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 4.3 Medium |
| Missing Authorization vulnerability in Jahid Hasan Admin login URL Change admin-login-url-change allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin login URL Change: from n/a through <= 1.1.5. | ||||
| CVE-2026-24571 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 4.3 Medium |
| Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BOX NOW Delivery: from n/a through <= 3.0.2. | ||||
| CVE-2026-24570 | 2 Wisdmlabs, Wordpress | 2 Edwiser Bridge, Wordpress | 2026-01-26 | 5.4 Medium |
| Missing Authorization vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Edwiser Bridge: from n/a through <= 4.3.2. | ||||
| CVE-2026-24569 | 2 Sully, Wordpress | 2 Media Library File Size, Wordpress | 2026-01-26 | 4.3 Medium |
| Missing Authorization vulnerability in Sully Media Library File Size media-library-file-size allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library File Size: from n/a through <= 1.6.7. | ||||
| CVE-2026-24568 | 2 Wordpress, Wptravelengine | 2 Wordpress, Wp Travel Engine | 2026-01-26 | 5.3 Medium |
| Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 11.0.0. | ||||
| CVE-2026-24564 | 2 Textmetrics, Wordpress | 2 Textmetrics, Wordpress | 2026-01-26 | 4.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Israpil Textmetrics webtexttool allows Code Injection.This issue affects Textmetrics: from n/a through <= 3.6.3. | ||||
| CVE-2026-24556 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 5.3 Medium |
| Missing Authorization vulnerability in wpdive ElementCamp element-camp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ElementCamp: from n/a through <= 2.3.2. | ||||
| CVE-2026-24538 | 2 Omnipressteam, Wordpress | 2 Omnipress, Wordpress | 2026-01-26 | 7.6 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through <= 1.6.6. | ||||
| CVE-2026-24535 | 2 Webdevstudios, Wordpress | 2 Automatic Featured Images From Videos, Wordpress | 2026-01-26 | 4.3 Medium |
| Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through <= 1.2.7. | ||||
| CVE-2026-22466 | 2 Chandnipatel, Wordpress | 2 Wp Mapit, Wordpress | 2026-01-26 | 4.3 Medium |
| Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP MapIt: from n/a through <= 3.0.3. | ||||
| CVE-2026-22464 | 2 Wordpress, Wphocus | 2 Wordpress, My Auctions Allegro | 2026-01-26 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows PHP Local File Inclusion.This issue affects My auctions allegro: from n/a through <= 3.6.33. | ||||
| CVE-2026-24551 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 5.4 Medium |
| Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through <= 1.1.3. | ||||
| CVE-2026-24548 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 5.3 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91. | ||||
| CVE-2026-24380 | 2 Metagauss, Wordpress | 2 Eventprime, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.8.0. | ||||
| CVE-2026-24379 | 2 Wordpress, Wpjobportal | 2 Wordpress, Wp Job Portal | 2026-01-26 | 9.1 Critical |
| Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.3. | ||||
| CVE-2026-24377 | 2 Posimyth, Wordpress | 2 Nexter Blocks, Wordpress | 2026-01-26 | 7.5 High |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through <= 4.6.3. | ||||
| CVE-2026-24371 | 2 Booking Algorithms, Wordpress | 2 Ba Book Everything, Wordpress | 2026-01-26 | 9.8 Critical |
| Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through <= 1.8.16. | ||||
| CVE-2026-24368 | 1 Wordpress | 1 Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in Theme-one The Grid the-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Grid: from n/a through < 2.8.0. | ||||
| CVE-2026-24358 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-01-26 | 8.8 High |
| Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.3. | ||||