ReportizFlow
Filtered by vendor Wordpress
Subscriptions
Total
11765 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31387 | 2 Instawp, Wordpress | 2 Instawp Connect, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in InstaWP InstaWP Connect instawp-connect allows PHP Local File Inclusion.This issue affects InstaWP Connect: from n/a through <= 0.1.0.82. | ||||
| CVE-2025-31385 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in intelcaprep Site Table of Contents site-table-of-contents allows Stored XSS.This issue affects Site Table of Contents: from n/a through <= 0.3. | ||||
| CVE-2025-31383 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in sodena FrescoChat Live Chat flexytalk-widget allows Stored XSS.This issue affects FrescoChat Live Chat: from n/a through <= 3.2.6. | ||||
| CVE-2025-31379 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in programphases Insert HTML Here insert-html-here allows Reflected XSS.This issue affects Insert HTML Here: from n/a through <= 1.0. | ||||
| CVE-2025-31378 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danbwb Oppso Unit Converter oppso-unit-converter allows Reflected XSS.This issue affects Oppso Unit Converter: from n/a through <= 1.1.1. | ||||
| CVE-2025-31376 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Mayeenul Islam NanoSupport nanosupport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NanoSupport: from n/a through <= 0.6.0. | ||||
| CVE-2025-31097 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hossein Material Dashboard material-dashboard allows PHP Local File Inclusion.This issue affects Material Dashboard: from n/a through <= 1.4.5. | ||||
| CVE-2025-31096 | 2 Wordpress, Wpxpo | 2 Wordpress, Postx | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.This issue affects PostX: from n/a through <= 4.1.25. | ||||
| CVE-2025-31095 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Hossein Material Dashboard material-dashboard allows Authentication Bypass.This issue affects Material Dashboard: from n/a through <= 1.4.5. | ||||
| CVE-2025-31094 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Stored XSS.This issue affects WP Posts Carousel: from n/a through <= 1.3.8. | ||||
| CVE-2025-31093 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in redpixelstudios RPS Include Content rps-include-content allows DOM-Based XSS.This issue affects RPS Include Content: from n/a through <= 1.2.1. | ||||
| CVE-2025-31090 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alordiel Dropdown Multisite selector dropdown-multisite-selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through < 0.9.4. | ||||
| CVE-2025-31088 | 2 Cozmoslabs, Wordpress | 2 Paid Member Subscriptions, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through <= 2.14.3. | ||||
| CVE-2025-31086 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WBW Plugins Product Table by WBW woo-product-tables allows Reflected XSS.This issue affects Product Table by WBW: from n/a through <= 2.1.4. | ||||
| CVE-2025-31083 | 2 Wordpress, Zeen101 | 2 Wordpress, Leaky Paywall | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZEEN101 Leaky Paywall leaky-paywall allows Stored XSS.This issue affects Leaky Paywall: from n/a through <= 4.21.7. | ||||
| CVE-2025-31081 | 2 Shortpixel, Wordpress | 2 Enable Media Replace, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace enable-media-replace allows Reflected XSS.This issue affects Enable Media Replace: from n/a through <= 4.1.5. | ||||
| CVE-2025-31079 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven usermaven allows Cross Site Request Forgery.This issue affects Usermaven: from n/a through <= 1.2.1. | ||||
| CVE-2025-31075 | 2 Videowhisper, Wordpress | 2 Micropayments, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in videowhisper MicroPayments paid-membership allows Stored XSS.This issue affects MicroPayments: from n/a through <= 2.9.29. | ||||
| CVE-2025-31066 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in themeton Acerola acerola allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Acerola: from n/a through <= 1.6.5. | ||||
| CVE-2025-31064 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Vizeon - Business Consulting vizeon allows PHP Local File Inclusion.This issue affects Vizeon - Business Consulting: from n/a through < 1.2.1. | ||||