Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2019-25727 |
|
Path Traversal in wordpress (CVE-2019-25727)
path traversal in wordpress (CVE-2019-25727). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8653 |
|
SQL Injection in wordpress (CVE-2026-8653)
SQL injection in wordpress (CVE-2026-8653). Confidential information can be exposed externally.
|
| CVE-2026-10737 |
|
Vulnerability in wordpress (CVE-2026-10737)
vulnerability in wordpress (CVE-2026-10737). Confidential information can be exposed externally.
|
| CVE-2026-7421 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-7421)
cross-site scripting in wordpress (CVE-2026-7421). Risk of unauthorized operations or information disclosure. Exploitable via ``shop_name``.
|
| CVE-2026-9732 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9732)
vulnerability in wordpress (CVE-2026-9732). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5076 |
|
Authentication Bypass in wordpress (CVE-2026-5076)
authentication bypass in wordpress (CVE-2026-5076). Successful exploitation can lead to full system takeover. Exploitable via ``arm_reset_password_key``.
|
| CVE-2026-5074 |
|
SQL Injection in wordpress (CVE-2026-5074)
SQL injection in wordpress (CVE-2026-5074). Confidential information can be exposed externally. Exploitable via ``get_private_content_data``.
|
| CVE-2026-5073 |
|
SQL Injection in wordpress (CVE-2026-5073)
SQL injection in wordpress (CVE-2026-5073). Confidential information can be exposed externally.
|
| CVE-2026-1829 |
|
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code...
|
| CVE-2026-39555 |
|
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection.
...
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection.
...
|
| CVE-2026-39553 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2026-39552 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2025-69369 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2025-68886 |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
|
| CVE-2026-5191 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-5191)
cross-site scripting in wordpress (CVE-2026-5191). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4081 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4081)
cross-site scripting in wordpress (CVE-2026-4081). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4080 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4080)
cross-site scripting in wordpress (CVE-2026-4080). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3620 |
|
Vulnerability in wordpress (CVE-2026-3620)
vulnerability in wordpress (CVE-2026-3620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2425 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-2425)
cross-site scripting in wordpress (CVE-2026-2425). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9723 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9723)
vulnerability in wordpress (CVE-2026-9723). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9730 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9730)
vulnerability in wordpress (CVE-2026-9730). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9599 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9599)
vulnerability in wordpress (CVE-2026-9599). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8422 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8422)
vulnerability in wordpress (CVE-2026-8422). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9234 |
|
Vulnerability in wordpress (CVE-2026-9234)
vulnerability in wordpress (CVE-2026-9234). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9722 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9722)
vulnerability in wordpress (CVE-2026-9722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-2382 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-2382)
cross-site scripting in wordpress (CVE-2026-2382). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4071 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-4071)
vulnerability in wordpress (CVE-2026-4071). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1450 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-1450)
cross-site scripting in wordpress (CVE-2026-1450). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1451 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-1451)
cross-site scripting in wordpress (CVE-2026-1451). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-5085 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-5085)
cross-site scripting in wordpress (CVE-2025-5085). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8885 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-8885)
cross-site scripting in wordpress (CVE-2026-8885). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8293 |
|
Authentication Bypass in wordpress (CVE-2026-8293)
authentication bypass in wordpress (CVE-2026-8293). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8206 |
|
Privilege Escalation in wordpress (CVE-2026-8206)
vulnerability in wordpress (CVE-2026-8206). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3722 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-3722)
cross-site scripting in wordpress (CVE-2026-3722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10100 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10100)
cross-site scripting in wordpress (CVE-2026-10100). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9050 |
|
Vulnerability in wordpress (CVE-2026-9050)
vulnerability in wordpress (CVE-2026-9050). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9048 |
|
Authorization Flaw in wordpress (CVE-2026-9048)
vulnerability in wordpress (CVE-2026-9048). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-25434 |
|
SQL Injection in wordpress (CVE-2018-25434)
SQL injection in wordpress (CVE-2018-25434). Confidential information can be exposed externally.
|
| CVE-2026-8382 |
|
Vulnerability in wordpress (CVE-2026-8382)
vulnerability in wordpress (CVE-2026-8382). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9757 |
|
SQL Injection in wordpress (CVE-2026-9757)
SQL injection in wordpress (CVE-2026-9757). Confidential information can be exposed externally.
|
| CVE-2026-7465 |
|
Privilege Escalation in wordpress (CVE-2026-7465)
vulnerability in wordpress (CVE-2026-7465). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7459 |
|
Vulnerability in wordpress (CVE-2026-7459)
vulnerability in wordpress (CVE-2026-7459). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4290 |
|
Vulnerability in wordpress (CVE-2026-4290)
vulnerability in wordpress (CVE-2026-4290). Data can be tampered with by attackers.
|
| CVE-2025-12714 |
|
Vulnerability in wordpress (CVE-2025-12714)
vulnerability in wordpress (CVE-2025-12714). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9189 |
|
Vulnerability in wordpress (CVE-2026-9189)
vulnerability in wordpress (CVE-2026-9189). Risk of unauthorized operations or information disclosure. Exploitable via ``mc_gross``.
|
| CVE-2026-6075 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6075)
vulnerability in wordpress (CVE-2026-6075). Data can be tampered with by attackers.
|
| CVE-2026-10039 |
|
SQL Injection in wordpress (CVE-2026-10039)
SQL injection in wordpress (CVE-2026-10039). Confidential information can be exposed externally.
|
| CVE-2026-9243 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9243)
cross-site scripting in wordpress (CVE-2026-9243). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3655 |
|
Authentication Bypass in wordpress (CVE-2026-3655)
authentication bypass in wordpress (CVE-2026-3655). Successful exploitation can lead to full system takeover. Exploitable via ``lwp_ajax_register``.
|
| CVE-2025-11262 |
|
The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
|