CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Total 11498 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-25337	2 Wordpress, Wpcoachify	2 Wordpress, Coachify	2026-04-01	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpcoachify Coachify coachify allows Cross Site Request Forgery.This issue affects Coachify: from n/a through <= 1.1.5.
CVE-2026-25336	2 Wordpress, Wpcoachify	2 Wordpress, Coachify	2026-04-01	5.3 Medium
Missing Authorization vulnerability in wpcoachify Coachify coachify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Coachify: from n/a through <= 1.1.5.
CVE-2026-25335	2 Ays-pro, Wordpress	2 Secure Copy Content Protection And Content Locking, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 5.0.0.
CVE-2026-25333	2 Peregrinethemes, Wordpress	2 Shopwell, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in peregrinethemes Shopwell shopwell allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shopwell: from n/a through <= 1.0.11.
CVE-2026-25332	2 Fahad Mahmood, Wordpress	2 Endless Posts Navigation, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through <= 2.2.9.
CVE-2026-25331	2 Melapress, Wordpress	2 Wp Activity Log, Wordpress	2026-04-01	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP Activity Log wp-security-audit-log allows DOM-Based XSS.This issue affects WP Activity Log: from n/a through <= 5.5.4.
CVE-2026-25330	2 Publishpress, Wordpress	2 Publishpress Authors, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through <= 4.10.1.
CVE-2026-25329	2 Expresstech, Wordpress	2 Quiz And Survey Master, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.4.
CVE-2026-25326	2 Cmsmasters, Wordpress	2 Cmsmasters Content Composer, Wordpress	2026-04-01	7.5 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP Local File Inclusion.This issue affects CMSMasters Content Composer: from n/a through <= 1.4.5.
CVE-2026-25325	2 Rtcamp, Wordpress	2 Rtmedia For Wordpress, Buddypress And Bbpress, Wordpress	2026-04-01	5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress buddypress-media allows Retrieve Embedded Sensitive Data.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through <= 4.7.8.
CVE-2026-25324	2 Expresstech, Wordpress	2 Quiz And Survey Master, Wordpress	2026-04-01	5.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.4.
CVE-2026-25323	2 Mika, Wordpress	2 Osm, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in MiKa OSM osm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OSM: from n/a through <= 6.1.12.
CVE-2026-25322	2 Publishpress, Wordpress	2 Publishpress Revisions, Wordpress	2026-04-01	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in PublishPress PublishPress Revisions revisionary allows Cross Site Request Forgery.This issue affects PublishPress Revisions: from n/a through <= 3.7.22.
CVE-2026-25321	2 Psm Plugins, Wordpress	2 Supportcandy, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in PSM Plugins SupportCandy supportcandy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SupportCandy: from n/a through <= 3.4.4.
CVE-2026-25320	2 Cool Plugins, Wordpress	2 Elementor Contact Form Db, Wordpress	2026-04-01	5.3 Medium
Missing Authorization vulnerability in Cool Plugins Elementor Contact Form DB sb-elementor-contact-form-db allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Contact Form DB: from n/a through <= 2.1.3.
CVE-2026-25319	2 Wordpress, Wpzita	2 Wordpress, Zita Elementor Site Library	2026-04-01	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpzita Zita Elementor Site Library zita-site-library allows Cross Site Request Forgery.This issue affects Zita Elementor Site Library: from n/a through <= 1.6.6.
CVE-2026-25318	2 Wisernotify Team, Wordpress	2 Wiserreview Product Reviews For Woocommerce, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Wisernotify team WiserReview Product Reviews for WooCommerce wiser-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserReview Product Reviews for WooCommerce: from n/a through <= 2.9.
CVE-2026-25316	2 Brainstormforce, Wordpress	2 Cartflows, Wordpress	2026-04-01	7.2 High
Deserialization of Untrusted Data vulnerability in Brainstorm Force CartFlows cartflows allows Object Injection.This issue affects CartFlows: from n/a through <= 2.1.19.
CVE-2026-25314	2 Wordpress, Wp Messiah	2 Wordpress, Top Table Of Contents	2026-04-01	4.3 Medium
Missing Authorization vulnerability in WP Messiah TOP Table Of Contents top-table-of-contents allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TOP Table Of Contents: from n/a through <= 1.3.31.
CVE-2026-25313	2 Shahjahan Jewel, Wordpress	2 Fluentform, Wordpress	2026-04-01	4.3 Medium
Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through <= 6.1.14.

« first previous Page 211 of 575. next last »