Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cms Clear
ID Title
CVE-2023-54352 Vulnerability in wordpress (CVE-2023-54352)
vulnerability in wordpress (CVE-2023-54352). Successful exploitation can lead to full system takeover.
CVE-2024-58348 Unrestricted File Upload in wordpress (CVE-2024-58348)
vulnerability in wordpress (CVE-2024-58348). Successful exploitation can lead to full system takeover.
CVE-2021-47983 Cross-Site Scripting (XSS) in c (CVE-2021-47983)
cross-site scripting in c (CVE-2021-47983). Risk of unauthorized operations or information disclosure.
CVE-2021-47984 Cross-Site Scripting (XSS) in wordpress (CVE-2021-47984)
cross-site scripting in wordpress (CVE-2021-47984). Risk of unauthorized operations or information disclosure.
CVE-2022-50953 Path Traversal in wordpress (CVE-2022-50953)
path traversal in wordpress (CVE-2022-50953). Confidential information can be exposed externally.
CVE-2026-8839 Vulnerability in wordpress (CVE-2026-8839)
vulnerability in wordpress (CVE-2026-8839). Risk of unauthorized operations or information disclosure. Exploitable via ``edit_posts``.
CVE-2026-8611 Vulnerability in wordpress (CVE-2026-8611)
vulnerability in wordpress (CVE-2026-8611). Risk of unauthorized operations or information disclosure.
CVE-2026-9016 Vulnerability in wordpress (CVE-2026-9016)
vulnerability in wordpress (CVE-2026-9016). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_ajax_nopriv_log_js_errors``.
CVE-2026-9851 Vulnerability in wordpress (CVE-2026-9851)
vulnerability in wordpress (CVE-2026-9851). Successful exploitation can lead to full system takeover.
CVE-2026-9594 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9594)
cross-site scripting in wordpress (CVE-2026-9594). Risk of unauthorized operations or information disclosure.
CVE-2026-7624 Vulnerability in wordpress (CVE-2026-7624)
vulnerability in wordpress (CVE-2026-7624). Risk of unauthorized operations or information disclosure. Exploitable via ``sq_manage_settings``.
CVE-2026-9829 SQL Injection in wordpress (CVE-2026-9829)
SQL injection in wordpress (CVE-2026-9829). Confidential information can be exposed externally.
CVE-2026-9280 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9280)
cross-site scripting in wordpress (CVE-2026-9280). Risk of unauthorized operations or information disclosure.
CVE-2026-9197 Path Traversal in wordpress (CVE-2026-9197)
path traversal in wordpress (CVE-2026-9197). Confidential information can be exposed externally.
CVE-2026-8991 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8991)
cross-site scripting in wordpress (CVE-2026-8991). Risk of unauthorized operations or information disclosure.
CVE-2026-8978 SQL Injection in wordpress (CVE-2026-8978)
SQL injection in wordpress (CVE-2026-8978). Confidential information can be exposed externally.
CVE-2026-8502 Vulnerability in wordpress (CVE-2026-8502)
vulnerability in wordpress (CVE-2026-8502). Risk of unauthorized operations or information disclosure.
CVE-2026-7796 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7796)
cross-site scripting in wordpress (CVE-2026-7796). Risk of unauthorized operations or information disclosure.
CVE-2026-7795 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7795)
cross-site scripting in wordpress (CVE-2026-7795). Risk of unauthorized operations or information disclosure.
CVE-2026-7792 Vulnerability in wordpress (CVE-2026-7792)
vulnerability in wordpress (CVE-2026-7792). Risk of unauthorized operations or information disclosure.
CVE-2026-7665 Vulnerability in wordpress (CVE-2026-7665)
vulnerability in wordpress (CVE-2026-7665). Risk of unauthorized operations or information disclosure.
CVE-2026-7566 Unsafe Deserialization in wordpress (CVE-2026-7566)
vulnerability in wordpress (CVE-2026-7566). Successful exploitation can lead to full system takeover.
CVE-2026-7565 Path Traversal in wordpress (CVE-2026-7565)
path traversal in wordpress (CVE-2026-7565). Confidential information can be exposed externally.
CVE-2026-7537 Unrestricted File Upload in wordpress (CVE-2026-7537)
vulnerability in wordpress (CVE-2026-7537). Successful exploitation can lead to full system takeover.
CVE-2026-2500 Path Traversal in csharp (CVE-2026-2500)
path traversal in csharp (CVE-2026-2500). Confidential information can be exposed externally. Exploitable via ``filename``.
CVE-2026-9281 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9281)
cross-site scripting in wordpress (CVE-2026-9281). Risk of unauthorized operations or information disclosure.
CVE-2026-9008 Vulnerability in wordpress (CVE-2026-9008)
vulnerability in wordpress (CVE-2026-9008). Risk of unauthorized operations or information disclosure.
CVE-2026-8901 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8901)
cross-site scripting in wordpress (CVE-2026-8901). Risk of unauthorized operations or information disclosure.
CVE-2026-8438 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8438)
cross-site scripting in wordpress (CVE-2026-8438). Risk of unauthorized operations or information disclosure.
CVE-2026-9719 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9719)
vulnerability in wordpress (CVE-2026-9719). Risk of unauthorized operations or information disclosure.
CVE-2026-9290 Path Traversal in wordpress (CVE-2026-9290)
path traversal in wordpress (CVE-2026-9290). Confidential information can be exposed externally.
CVE-2026-8976 Vulnerability in wordpress (CVE-2026-8976)
vulnerability in wordpress (CVE-2026-8976). Risk of unauthorized operations or information disclosure.
CVE-2026-8900 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8900)
cross-site scripting in wordpress (CVE-2026-8900). Risk of unauthorized operations or information disclosure.
CVE-2026-7047 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-7047)
vulnerability in wordpress (CVE-2026-7047). Risk of unauthorized operations or information disclosure.
CVE-2026-6448 SQL Injection in wordpress (CVE-2026-6448)
SQL injection in wordpress (CVE-2026-6448). Confidential information can be exposed externally.
CVE-2026-8608 Vulnerability in wordpress (CVE-2026-8608)
vulnerability in wordpress (CVE-2026-8608). Risk of unauthorized operations or information disclosure.
CVE-2026-8893 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8893)
cross-site scripting in wordpress (CVE-2026-8893). Risk of unauthorized operations or information disclosure.
CVE-2026-10038 Vulnerability in wordpress (CVE-2026-10038)
vulnerability in wordpress (CVE-2026-10038). Risk of unauthorized operations or information disclosure.
CVE-2025-12656 Vulnerability in wordpress (CVE-2025-12656)
vulnerability in wordpress (CVE-2025-12656). Risk of unauthorized operations or information disclosure.
CVE-2026-7654 Unsafe Deserialization in wordpress (CVE-2026-7654)
vulnerability in wordpress (CVE-2026-7654). Successful exploitation can lead to full system takeover. Exploitable via ``allowed_classes``.
CVE-2026-7523 Vulnerability in wordpress (CVE-2026-7523)
vulnerability in wordpress (CVE-2026-7523). Risk of unauthorized operations or information disclosure.
CVE-2026-5415 The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
CVE-2026-5411 The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the...
CVE-2026-10580 Vulnerability in wordpress (CVE-2026-10580)
vulnerability in wordpress (CVE-2026-10580). Successful exploitation can lead to full system takeover.
CVE-2026-10586 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-10586)
SSRF in wordpress (CVE-2026-10586). Risk of unauthorized operations or information disclosure.
CVE-2019-25738 Vulnerability in wordpress (CVE-2019-25738)
vulnerability in wordpress (CVE-2019-25738). Successful exploitation can lead to full system takeover.
CVE-2019-25742 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25742)
cross-site scripting in wordpress (CVE-2019-25742). Risk of unauthorized operations or information disclosure.
CVE-2019-25744 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25744)
cross-site scripting in wordpress (CVE-2019-25744). Risk of unauthorized operations or information disclosure.
CVE-2019-25745 SQL Injection in wordpress (CVE-2019-25745)
SQL injection in wordpress (CVE-2019-25745). Confidential information can be exposed externally.
CVE-2019-25743 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25743)
cross-site scripting in wordpress (CVE-2019-25743). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →