Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)
Total 10428 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-24535 2 Webdevstudios, Wordpress 2 Automatic Featured Images From Videos, Wordpress 2026-01-26 4.3 Medium
Missing Authorization vulnerability in webdevstudios Automatic Featured Images from Videos automatic-featured-images-from-videos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automatic Featured Images from Videos: from n/a through <= 1.2.7.
CVE-2026-22466 2 Chandnipatel, Wordpress 2 Wp Mapit, Wordpress 2026-01-26 4.3 Medium
Missing Authorization vulnerability in Chandni Patel WP MapIt wp-mapit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP MapIt: from n/a through <= 3.0.3.
CVE-2026-22464 2 Wordpress, Wphocus 2 Wordpress, My Auctions Allegro 2026-01-26 7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows PHP Local File Inclusion.This issue affects My auctions allegro: from n/a through <= 3.6.33.
CVE-2026-24551 1 Wordpress 1 Wordpress 2026-01-26 5.4 Medium
Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through <= 1.1.3.
CVE-2026-24548 1 Wordpress 1 Wordpress 2026-01-26 5.3 Medium
Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91.
CVE-2026-24380 2 Metagauss, Wordpress 2 Eventprime, Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.8.0.
CVE-2026-24379 2 Wordpress, Wpjobportal 2 Wordpress, Wp Job Portal 2026-01-26 9.1 Critical
Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through <= 2.4.3.
CVE-2026-24377 2 Posimyth, Wordpress 2 Nexter Blocks, Wordpress 2026-01-26 7.5 High
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Retrieve Embedded Sensitive Data.This issue affects Nexter Blocks: from n/a through <= 4.6.3.
CVE-2026-24371 2 Booking Algorithms, Wordpress 2 Ba Book Everything, Wordpress 2026-01-26 9.8 Critical
Missing Authorization vulnerability in bookingalgorithms BA Book Everything ba-book-everything allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BA Book Everything: from n/a through <= 1.8.16.
CVE-2026-24368 1 Wordpress 1 Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in Theme-one The Grid the-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Grid: from n/a through < 2.8.0.
CVE-2026-24358 2 Expresstech, Wordpress 2 Quiz And Survey Master, Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.3.
CVE-2026-24357 1 Wordpress 1 Wordpress 2026-01-26 8.1 High
Missing Authorization vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Recipe Maker: from n/a through <= 10.2.4.
CVE-2026-24356 1 Wordpress 1 Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in Roxnor GetGenie getgenie allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetGenie: from n/a through <= 4.3.0.
CVE-2026-24353 2 Wordpress, Wpeverest 2 Wordpress, User Registration 2026-01-26 8.1 High
Missing Authorization vulnerability in wpeverest User Registration user-registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through <= 4.4.9.
CVE-2026-23978 1 Wordpress 1 Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through <= 2.2.1.
CVE-2026-23975 2 Uxper, Wordpress 2 Golo, Wordpress 2026-01-26 9.8 Critical
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Golo golo allows PHP Local File Inclusion.This issue affects Golo: from n/a through < 1.7.5.
CVE-2026-23974 2 Uxper, Wordpress 2 Golo, Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in uxper Golo golo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Golo: from n/a through < 1.7.5.
CVE-2026-22482 2 Wbolt, Wordpress 2 Imgspider, Wordpress 2026-01-26 9.1 Critical
Server-Side Request Forgery (SSRF) vulnerability in wbolt.com IMGspider imgspider allows Server Side Request Forgery.This issue affects IMGspider: from n/a through <= 2.3.12.
CVE-2026-22472 1 Wordpress 1 Wordpress 2026-01-26 8.8 High
Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.9.6.
CVE-2025-27005 1 Wordpress 1 Wordpress 2026-01-26 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through <= 5.3.5.