ReportizFlow
Filtered by vendor Wordpress
Subscriptions
Total
11765 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30895 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in magepeopleteam WpEvently mage-eventpress allows PHP Local File Inclusion.This issue affects WpEvently: from n/a through <= 4.2.9. | ||||
| CVE-2025-30894 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through <= 1.79.262. | ||||
| CVE-2025-30887 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through <= 4.2.9. | ||||
| CVE-2025-30882 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in JoomSky JS Help Desk js-support-ticket allows Path Traversal.This issue affects JS Help Desk: from n/a through <= 2.9.1. | ||||
| CVE-2025-30881 | 2 Themehunk, Wordpress | 2 Big Store, Wordpress | 2026-04-01 | 5.4 Medium |
| Missing Authorization vulnerability in themehunk Big Store big-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Big Store: from n/a through <= 2.0.8. | ||||
| CVE-2025-30880 | 2 Joomsky, Wordpress | 2 Js Help Desk, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Help Desk: from n/a through <= 2.9.2. | ||||
| CVE-2025-30875 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexandre Froger WP Weixin wp-weixin allows Stored XSS.This issue affects WP Weixin: from n/a through <= 1.3.16. | ||||
| CVE-2025-30869 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Parakoos Image Wall image-wall allows Reflected XSS.This issue affects Image Wall: from n/a through <= 3.0. | ||||
| CVE-2025-30866 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Giannis Kipouros Terms & Conditions Per Product terms-and-conditions-per-product allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Terms & Conditions Per Product: from n/a through <= 1.2.15. | ||||
| CVE-2025-30865 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite 3dprint-lite allows Cross Site Request Forgery.This issue affects 3DPrint Lite: from n/a through <= 2.1.3.5. | ||||
| CVE-2025-30864 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in falselight Exchange Rates exchange-rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Exchange Rates: from n/a through <= 1.2.2. | ||||
| CVE-2025-30860 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) off-canvas-sidebars allows DOM-Based XSS.This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through <= 0.5.8.2. | ||||
| CVE-2025-30850 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sfaerber Dr. Flex dr-flex allows Stored XSS.This issue affects Dr. Flex: from n/a through <= 2.0.0. | ||||
| CVE-2025-30845 | 2 Webangon, Wordpress | 2 The Pack Elementor Addons, Wordpress | 2026-04-01 | N/A |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through <= 2.1.1. | ||||
| CVE-2025-30843 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in setriosoft bizcalendar-web bizcalendar-web allows SQL Injection.This issue affects bizcalendar-web: from n/a through <= 1.1.0.34. | ||||
| CVE-2025-30842 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda christmas-panda allows Cross Site Request Forgery.This issue affects Christmas Panda: from n/a through <= 1.0.4. | ||||
| CVE-2025-30841 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in adamskaat Countdown & Clock countdown-builder allows Remote Code Inclusion.This issue affects Countdown & Clock: from n/a through <= 2.8.8. | ||||
| CVE-2025-30838 | 2 Cozythemes, Wordpress | 2 Cozy Blocks, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks cozy-addons allows Stored XSS.This issue affects Cozy Blocks: from n/a through <= 2.1.6. | ||||
| CVE-2025-30836 | 2 Latepoint, Wordpress | 2 Latepoint, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LatePoint LatePoint latepoint allows Stored XSS.This issue affects LatePoint: from n/a through <= 5.1.6. | ||||
| CVE-2025-30830 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Hossni Mubarak Cool Author Box hm-cool-author-box-widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cool Author Box: from n/a through <= 2.9.9. | ||||