ReportizFlow
Filtered by vendor Wordpress
Subscriptions
Filtered by product Wordpress
Subscriptions
Total
5309 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47843 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 7.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. | ||||
| CVE-2023-47774 | 2 Automattic, Wordpress | 2 Jetpack, Wordpress | 2024-11-21 | 5.4 Medium |
| Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7. | ||||
| CVE-2023-47683 | 2 Miniorange, Wordpress | 2 Wordpress Social Login And Register (discord, Google, Twitter, Linkedin), Wordpress | 2024-11-21 | 8 High |
| Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.6.6. | ||||
| CVE-2023-46784 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 8.2 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Server-Side Request Forgery (SSRF) vulnerability in Room 34 Creative Services, LLC ICS Calendar ics-calendar allows Absolute Path Traversal, : Server Side Request Forgery.This issue affects ICS Calendar: from n/a through 10.12.0.3. | ||||
| CVE-2023-45652 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Justin Silver Remote Content Shortcode allows PHP Local File Inclusion.This issue affects Remote Content Shortcode: from n/a through 1.5. | ||||
| CVE-2023-45000 | 2 Litespeed Technologies, Wordpress | 2 Litespeed Cache, Wordpress | 2024-11-21 | 8.2 High |
| Missing Authorization vulnerability in LiteSpeed Technologies LiteSpeed Cache.This issue affects LiteSpeed Cache: from n/a through 5.7. | ||||
| CVE-2023-41955 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2024-11-21 | 8.8 High |
| Improper Privilege Management vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.This issue affects Essential Addons for Elementor: from n/a through 5.8.8. | ||||
| CVE-2023-38000 | 1 Wordpress | 2 Gutenberg, Wordpress | 2024-11-21 | 6.5 Medium |
| Auth. Stored (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin <= 16.8.0 versions. | ||||
| CVE-2023-37886 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 5.4 Medium |
| Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2. | ||||
| CVE-2023-37885 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2. | ||||
| CVE-2023-37866 | 2 Crocoblock, Wordpress | 2 Jetformbuilder, Wordpress | 2024-11-21 | 7.2 High |
| Improper Privilege Management vulnerability in Crocoblock JetFormBuilder allows Privilege Escalation.This issue affects JetFormBuilder: from n/a through 3.0.8. | ||||
| CVE-2023-33327 | 2 Teplitsa Of Social Technologies, Wordpress | 2 Leyka, Wordpress | 2024-11-21 | 8.8 High |
| Improper Privilege Management vulnerability in Teplitsa of social technologies Leyka allows Privilege Escalation.This issue affects Leyka: from n/a through 3.30.2. | ||||
| CVE-2023-30480 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5. | ||||
| CVE-2023-26540 | 2 Favethemes, Wordpress | 2 Houzez, Wordpress | 2024-11-21 | 9.8 Critical |
| Improper Privilege Management vulnerability in Favethemes Houzez allows Privilege Escalation.This issue affects Houzez: from n/a through 2.7.1. | ||||
| CVE-2023-25790 | 2 Wordpress, Xtemos | 2 Wordpress, Woodmart | 2024-11-21 | 5.3 Medium |
| Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS).This issue affects WoodMart: from n/a through 7.0.4. | ||||
| CVE-2023-25701 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 9.8 Critical |
| Improper Privilege Management vulnerability in WhatArmy WatchTowerHQ allows Privilege Escalation.This issue affects WatchTowerHQ: from n/a through 3.6.16. | ||||
| CVE-2023-25444 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.7. | ||||
| CVE-2023-25039 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.3 Medium |
| Missing Authorization vulnerability in CodePeople Google Maps CP.This issue affects Google Maps CP: from n/a through 1.0.43. | ||||
| CVE-2023-23872 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 4.9 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in German Mesky GMAce allows Path Traversal.This issue affects GMAce: from n/a through 1.5.2. | ||||
| CVE-2022-47151 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 8.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.7.1. | ||||