CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Wordpress Subscriptions

Total 11498 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-69300	2 Leap13, Wordpress	2 Premium Addons For Elementor, Wordpress	2026-04-01	5.4 Medium
Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premium Addons for Elementor: from n/a through <= 4.11.63.
CVE-2025-69299	2 Laborator, Wordpress	2 Oxygen, Wordpress	2026-04-01	7.2 High
Server-Side Request Forgery (SSRF) vulnerability in Laborator Oxygen oxygen allows Server Side Request Forgery.This issue affects Oxygen: from n/a through <= 6.0.8.
CVE-2025-69298	2 Ghostpool, Wordpress	2 Gauge, Wordpress	2026-04-01	7.5 High
Missing Authorization vulnerability in GhostPool Gauge gauge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gauge: from n/a through <= 6.56.4.
CVE-2025-69297	2 Ghostpool, Wordpress	2 Aardvark Plugin, Wordpress	2026-04-01	7.5 High
Missing Authorization vulnerability in GhostPool Aardvark Plugin aardvark-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aardvark Plugin: from n/a through <= 2.19.
CVE-2025-69296	2 Ghostpool, Wordpress	2 Aardvark, Wordpress	2026-04-01	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhostPool Aardvark aardvark allows Reflected XSS.This issue affects Aardvark: from n/a through <= 4.6.3.
CVE-2025-69295	2 Teconcetheme, Wordpress	2 Coven Core, Wordpress	2026-04-01	9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Coven Core coven-core allows Blind SQL Injection.This issue affects Coven Core: from n/a through <= 1.3.
CVE-2025-69294	2 Fuelthemes, Wordpress	2 Peakshops, Wordpress	2026-04-01	8.8 High
Deserialization of Untrusted Data vulnerability in fuelthemes PeakShops peakshops allows Object Injection.This issue affects PeakShops: from n/a through <= 1.5.9.
CVE-2025-69293	2 E-plugins, Wordpress	2 Final User, Wordpress	2026-04-01	8.8 High
Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5.
CVE-2025-69292	2 E-plugins, Wordpress	2 Wp Membership, Wordpress	2026-04-01	8.8 High
Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4.
CVE-2025-69193	2 E-plugins, Wordpress	2 Wp Membership, Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins WP Membership wp-membership allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Membership: from n/a through <= 1.6.4.
CVE-2025-69192	2 E-plugins, Wordpress	2 Real Estate Pro, Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins Real Estate Pro real-estate-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Pro: from n/a through <= 2.1.5.
CVE-2025-69191	1 Wordpress	1 Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins ListingHub listinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingHub: from n/a through <= 1.2.7.
CVE-2025-69190	1 Wordpress	1 Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins Listihub listihub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Listihub: from n/a through <= 1.0.6.
CVE-2025-69188	2 E-plugins, Wordpress	2 Fitness Trainer, Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins fitness-trainer fitness-trainer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects fitness-trainer: from n/a through <= 1.7.1.
CVE-2025-69187	2 E-plugins, Wordpress	2 Final User, Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins Final User final-user allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Final User: from n/a through <= 1.2.5.
CVE-2025-69186	2 E-plugins, Wordpress	2 Hospital & Doctor Directory, Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9.
CVE-2025-69185	1 Wordpress	1 Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins Hotel Listing hotel-listing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Listing: from n/a through <= 1.4.2.
CVE-2025-69184	2 E-plugins, Wordpress	2 Institutions Directory, Wordpress	2026-04-01	7.3 High
Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through <= 1.3.4.
CVE-2025-69183	2 E-plugins, Wordpress	2 Hospital & Doctor Directory, Wordpress	2026-04-01	8.8 High
Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Privilege Escalation.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9.
CVE-2025-69182	2 E-plugins, Wordpress	2 Institutions Directory, Wordpress	2026-04-01	8.8 High
Incorrect Privilege Assignment vulnerability in e-plugins Institutions Directory institutions-directory allows Privilege Escalation.This issue affects Institutions Directory: from n/a through <= 1.3.4.

« first previous Page 233 of 575. next last »