Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-58480 |
|
Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6820 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6740 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6740)
cross-site scripting in wordpress (CVE-2026-6740). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6459 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6459)
cross-site scripting in wordpress (CVE-2026-6459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5356 |
|
Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
|
| CVE-2026-5459 |
|
Vulnerability in wordpress (CVE-2026-5459)
vulnerability in wordpress (CVE-2026-5459). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12002 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12002)
vulnerability in wordpress (CVE-2026-12002). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6854 |
|
SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
|
| CVE-2026-6742 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6742)
cross-site scripting in wordpress (CVE-2026-6742). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6818 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6230 |
|
SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
|
| CVE-2025-14785 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2025-14785)
cross-site scripting in wordpress (CVE-2025-14785). Risk of unauthorized operations or information disclosure. Exploitable via ``seedprodnestedmenuwidget``.
|
| CVE-2026-14250 |
|
Privilege Escalation in wordpress (CVE-2026-14250)
vulnerability in wordpress (CVE-2026-14250). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3688 |
|
Vulnerability in wordpress (CVE-2026-3688)
vulnerability in wordpress (CVE-2026-3688). Data can be tampered with by attackers.
|
| CVE-2026-12936 |
|
SQL Injection in wordpress (CVE-2026-12936)
SQL injection in wordpress (CVE-2026-12936). Confidential information can be exposed externally.
|
| CVE-2026-12378 |
|
Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9700 |
|
SQL Injection in wordpress (CVE-2026-9700)
SQL injection in wordpress (CVE-2026-9700). Confidential information can be exposed externally.
|
| CVE-2026-14500 |
|
Path Traversal in wordpress (CVE-2026-14500)
path traversal in wordpress (CVE-2026-14500). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9731 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14495 |
|
Vulnerability in wordpress (CVE-2026-14495)
vulnerability in wordpress (CVE-2026-14495). Successful exploitation can lead to full system takeover. Exploitable via ``init``.
|
| CVE-2026-14489 |
|
Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12041 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12041)
cross-site scripting in wordpress (CVE-2026-12041). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11798 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11798)
cross-site scripting in wordpress (CVE-2026-11798). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12097 |
|
Vulnerability in wordpress (CVE-2026-12097)
vulnerability in wordpress (CVE-2026-12097). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10570 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-10570)
cross-site scripting in wordpress (CVE-2026-10570). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12153 |
|
Vulnerability in wordpress (CVE-2026-12153)
vulnerability in wordpress (CVE-2026-12153). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9842 |
|
Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
|
| CVE-2026-9701 |
|
Vulnerability in wordpress (CVE-2026-9701)
vulnerability in wordpress (CVE-2026-9701). Successful exploitation can lead to full system takeover. Exploitable via ``eventer_verification_code``.
|
| CVE-2026-14158 |
|
Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14244 |
|
Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
|
| CVE-2026-14482 |
|
Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
|
| CVE-2026-14487 |
|
Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
|
| CVE-2026-6101 |
|
Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14345 |
|
Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12277 |
|
Vulnerability in wordpress (CVE-2026-12277)
vulnerability in wordpress (CVE-2026-12277). Data can be tampered with by attackers.
|
| CVE-2026-12375 |
|
Vulnerability in wordpress (CVE-2026-12375)
vulnerability in wordpress (CVE-2026-12375). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10834 |
|
Vulnerability in wordpress (CVE-2026-10834)
vulnerability in wordpress (CVE-2026-10834). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4375 |
|
Vulnerability in wordpress (CVE-2026-4375)
vulnerability in wordpress (CVE-2026-4375). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11328 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-11328)
cross-site scripting in wordpress (CVE-2026-11328). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12154 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-12154)
cross-site scripting in wordpress (CVE-2026-12154). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6382 |
|
Vulnerability in wordpress (CVE-2026-6382)
vulnerability in wordpress (CVE-2026-6382). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11855 |
|
Vulnerability in wordpress (CVE-2026-11855)
vulnerability in wordpress (CVE-2026-11855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11766 |
|
Vulnerability in wordpress (CVE-2026-11766)
vulnerability in wordpress (CVE-2026-11766). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11962 |
|
Vulnerability in wordpress (CVE-2026-11962)
vulnerability in wordpress (CVE-2026-11962). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12083 |
|
Vulnerability in wordpress (CVE-2026-12083)
vulnerability in wordpress (CVE-2026-12083). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10830 |
|
Vulnerability in wordpress (CVE-2026-10830)
vulnerability in wordpress (CVE-2026-10830). Successful exploitation can lead to full system takeover.
|
| CVE-2024-6228 |
|
Vulnerability in wordpress (CVE-2024-6228)
vulnerability in wordpress (CVE-2024-6228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5137 |
|
Vulnerability in wordpress (CVE-2026-5137)
vulnerability in wordpress (CVE-2026-5137). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9756 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-9756)
cross-site scripting in wordpress (CVE-2026-9756). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4804 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2026-4804)
cross-site scripting in wordpress (CVE-2026-4804). Risk of unauthorized operations or information disclosure.
|