ReportizFlow
Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
13506 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4766 | 2 Devrix, Wordpress | 2 Easy Image Gallery, Wordpress | 2026-04-24 | 6.4 Medium |
| The Easy Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery shortcode post meta field in all versions up to, and including, 1.5.3. This is due to insufficient input sanitization and output escaping on user-supplied gallery shortcode values. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-4056 | 2 Wordpress, Wpeverest | 2 Wordpress, User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | 2026-04-24 | 5.4 Medium |
| The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the `check_permissions()` method only checking for `edit_posts` capability instead of an administrator-level capability. This makes it possible for authenticated attackers, with Contributor-level access and above, to list, create, modify, toggle, duplicate, and delete site-wide content restriction rules, potentially exposing restricted content or denying legitimate user access. | ||||
| CVE-2026-4314 | 2 Wordpress, Wpextended | 2 Wordpress, Ultimate Wordpress Toolkit | 2026-04-24 | 8.8 High |
| The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This is due to the `isDashboardOrProfileRequest()` method in the Menu Editor module using an insecure `strpos()` check against `$_SERVER['REQUEST_URI']` to determine if a request targets the dashboard or profile page. The `grantVirtualCaps()` method, which is hooked into the `user_has_cap` filter, grants elevated capabilities including `manage_options` when this check returns true. This makes it possible for authenticated attackers, with Subscriber-level access and above, to gain administrative capabilities by appending a crafted query parameter to any admin URL, allowing them to update arbitrary WordPress options and ultimately create new Administrator accounts. | ||||
| CVE-2026-25018 | 2 Stmcan, Wordpress | 2 Naturalife Extensions, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows Reflected XSS.This issue affects NaturaLife Extensions: from n/a through <= 2.1. | ||||
| CVE-2026-3225 | 2 Thimpress, Wordpress | 2 Learnpress – Wordpress Lms Plugin For Create And Sell Online Courses, Wordpress | 2026-04-24 | 4.3 Medium |
| The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer() function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch_lp_ajax() dispatcher verifies a wp_rest nonce but performs no current_user_can() check, and the QuestionAnswerModel::delete() method only validates minimum answer counts without checking user capabilities. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete answer options from any quiz question on the site. | ||||
| CVE-2026-22448 | 2 Flexcubed, Wordpress | 2 Pitchprint, Wordpress | 2026-04-24 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in flexcubed PitchPrint pitchprint allows Path Traversal.This issue affects PitchPrint: from n/a through <= 11.1.2. | ||||
| CVE-2026-22480 | 2 Webtoffee, Wordpress | 2 Product Feed For Woocommerce, Wordpress | 2026-04-24 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through <= 2.3.3. | ||||
| CVE-2026-22484 | 2 Pebas, Wordpress | 2 Lisfinity Core, Wordpress | 2026-04-24 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pebas Lisfinity Core lisfinity-core allows SQL Injection.This issue affects Lisfinity Core: from n/a through <= 1.5.0. | ||||
| CVE-2026-22491 | 2 Wordpress, Wphocus | 2 Wordpress, My Auctions Allegro | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Reflected XSS.This issue affects My auctions allegro: from n/a through <= 3.6.35. | ||||
| CVE-2026-22496 | 2 Ancorathemes, Wordpress | 2 Hypnotherapy, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Hypnotherapy hypnotherapy allows PHP Local File Inclusion.This issue affects Hypnotherapy: from n/a through <= 1.2.10. | ||||
| CVE-2026-22506 | 2 Elated-themes, Wordpress | 2 Amoli, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Amoli amoli allows PHP Local File Inclusion.This issue affects Amoli: from n/a through <= 1.0. | ||||
| CVE-2026-23807 | 2 Wordpress, Wpsocio | 2 Wordpress, Wp Telegram Widget And Join Link | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Socio WP Telegram Widget and Join Link wptelegram-widget allows Reflected XSS.This issue affects WP Telegram Widget and Join Link: from n/a through <= 2.2.13. | ||||
| CVE-2026-3138 | 2 Woobewoo, Wordpress | 2 Product Filter For Woocommerce By Wbw, Wordpress | 2026-04-24 | 6.5 Medium |
| The Product Filter for WooCommerce by WBW plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check in all versions up to, and including, 3.1.2. This is due to the plugin's MVC framework dynamically registering unauthenticated AJAX handlers via `wp_ajax_nopriv_` hooks without verifying user capabilities, combined with the base controller's `__call()` magic method forwarding undefined method calls to the model layer, and the `havePermissions()` method defaulting to `true` when no permissions are explicitly defined. This makes it possible for unauthenticated attackers to truncate the plugin's `wp_wpf_filters` database table via a crafted AJAX request with `action=delete`, permanently destroying all filter configurations. | ||||
| CVE-2026-3079 | 2 Stellarwp, Wordpress | 2 Learndash Lms, Wordpress | 2026-04-24 | 6.5 Medium |
| The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_order]' parameter in the 'learndash_propanel_template' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||
| CVE-2025-69358 | 2 Metagauss, Wordpress | 2 Eventprime, Wordpress | 2026-04-24 | 7.5 High |
| Missing Authorization vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through <= 4.2.6.0. | ||||
| CVE-2026-22520 | 2 G5theme, Wordpress | 2 Handmade Framework, Wordpress | 2026-04-24 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS.This issue affects Handmade Framework: from n/a through <= 3.9. | ||||
| CVE-2026-22516 | 2 Ancorathemes, Wordpress | 2 Wizor's, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Wizor's wizors-investments allows PHP Local File Inclusion.This issue affects Wizor's: from n/a through <= 2.12. | ||||
| CVE-2026-22512 | 2 Elated-themes, Wordpress | 2 Roisin, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Roisin roisin allows PHP Local File Inclusion.This issue affects Roisin: from n/a through <= 1.2.1. | ||||
| CVE-2026-22507 | 2 Ancorathemes, Wordpress | 2 Beelove, Wordpress | 2026-04-24 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in AncoraThemes Beelove beelove allows Object Injection.This issue affects Beelove: from n/a through <= 1.2.6. | ||||
| CVE-2026-22502 | 2 Ancorathemes, Wordpress | 2 Mr. Cobbler, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Mr. Cobbler mr-cobbler allows PHP Local File Inclusion.This issue affects Mr. Cobbler: from n/a through <= 1.1.9. | ||||