Filtered by vendor Wordpress Subscriptions

Search

Switch to Advanced Search (Beta)
Total 9450 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-69098 2 Wordpress, Wpwave 2 Wordpress, Hide My Wp 2026-01-23 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWave Hide My WP hide_my_wp allows Reflected XSS.This issue affects Hide My WP: from n/a through <= 6.2.12.
CVE-2025-32660 2 Joomsky, Wordpress 2 Js Job Manager, Wordpress 2026-01-23 10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager allows Upload a Web Shell to a Web Server. This issue affects JS Job Manager: from n/a through 2.0.2.
CVE-2023-47762 2 Wordpress, Wpdeveloper 2 Wordpress, Betterdocs 2026-01-23 4.3 Medium
Missing Authorization vulnerability in WPDeveloper BetterDocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterDocs: from n/a through 2.5.2.
CVE-2025-69039 1 Wordpress 1 Wordpress 2026-01-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in goalthemes Bailly bailly allows PHP Local File Inclusion.This issue affects Bailly: from n/a through <= 1.3.4.
CVE-2025-30880 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-01-23 7.5 High
Missing Authorization vulnerability in JoomSky JS Help Desk allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Help Desk: from n/a through 2.9.2.
CVE-2025-30882 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-01-23 7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk allows Path Traversal. This issue affects JS Help Desk: from n/a through 2.9.1.
CVE-2025-30901 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-01-23 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk allows PHP Local File Inclusion. This issue affects JS Help Desk: from n/a through 2.9.2.
CVE-2025-31867 2 Joomsky, Wordpress 2 Js Job Manager, Wordpress 2026-01-23 5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JS Job Manager: from n/a through 2.0.2.
CVE-2025-31910 2 Reputeinfosystems, Wordpress 2 Bookingpress, Wordpress 2026-01-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems BookingPress allows SQL Injection. This issue affects BookingPress: from n/a through 1.1.28.
CVE-2025-32146 2 Joomsky, Wordpress 2 Js Job Manager, Wordpress 2026-01-23 8.8 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Job Manager allows PHP Local File Inclusion. This issue affects JS Job Manager: from n/a through 2.0.2.
CVE-2026-22469 1 Wordpress 1 Wordpress 2026-01-23 5.3 Medium
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mwtemplates DeepDigital deepdigital allows Code Injection.This issue affects DeepDigital: from n/a through <= 1.0.2.
CVE-2026-22468 2 Abosoluteplugins, Wordpress 2 Absolute Addons For Elementor, Wordpress 2026-01-23 4.3 Medium
Missing Authorization vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Absolute Addons For Elementor: from n/a through <= 1.0.14.
CVE-2026-22349 1 Wordpress 1 Wordpress 2026-01-23 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in linux4me2 Menu In Post menu-in-post allows DOM-Based XSS.This issue affects Menu In Post: from n/a through <= 1.4.1.
CVE-2022-46838 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-01-23 9.1 Critical
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
CVE-2022-46840 2 Joomsky, Wordpress 2 Js Help Desk, Wordpress 2026-01-23 5.4 Medium
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1.
CVE-2023-45104 2 Wordpress, Wpdeveloper 2 Wordpress, Betterlinks 2026-01-23 7.3 High
Missing Authorization vulnerability in WPDeveloper BetterLinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through 1.6.0.
CVE-2023-47179 2 Byconsole, Wordpress 2 Wooodt Lite, Wordpress 2026-01-23 8.8 High
Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through 2.4.6.
CVE-2025-22315 2 Wordpress, Wpdeveloper 2 Wordpress, Typing Text 2026-01-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through 1.2.7.
CVE-2025-24695 2 Hasthemes, Wordpress 2 Extensions For Cf7, Wordpress 2026-01-23 4.4 Medium
Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensions For CF7 allows Server Side Request Forgery. This issue affects Extensions For CF7: from n/a through 3.2.0.
CVE-2024-43227 2 Wordpress, Wpdeveloper 2 Wordpress, Betterdocs 2026-01-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper BetterDocs allows Stored XSS.This issue affects BetterDocs: from n/a through 3.5.8.