Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cms Clear
ID Title
CVE-2026-7517 Cross-Site Scripting (XSS) in wordpress (CVE-2026-7517)
cross-site scripting in wordpress (CVE-2026-7517). Risk of unauthorized operations or information disclosure.
CVE-2026-12923 Vulnerability in wordpress (CVE-2026-12923)
vulnerability in wordpress (CVE-2026-12923). Successful exploitation can lead to full system takeover.
CVE-2026-13468 Vulnerability in wordpress (CVE-2026-13468)
vulnerability in wordpress (CVE-2026-13468). Confidential information can be exposed externally.
CVE-2026-10513 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10513)
cross-site scripting in wordpress (CVE-2026-10513). Risk of unauthorized operations or information disclosure.
CVE-2026-8141 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8141)
cross-site scripting in wordpress (CVE-2026-8141). Risk of unauthorized operations or information disclosure.
CVE-2026-12240 Unsafe Deserialization in wordpress (CVE-2026-12240)
vulnerability in wordpress (CVE-2026-12240). Successful exploitation can lead to full system takeover.
CVE-2026-11590 Vulnerability in wordpress (CVE-2026-11590)
vulnerability in wordpress (CVE-2026-11590). Confidential information can be exposed externally.
CVE-2026-11589 Vulnerability in wordpress (CVE-2026-11589)
vulnerability in wordpress (CVE-2026-11589). Successful exploitation can lead to full system takeover.
CVE-2026-10083 Vulnerability in wordpress (CVE-2026-10083)
vulnerability in wordpress (CVE-2026-10083). Successful exploitation can lead to full system takeover.
CVE-2026-8095 Vulnerability in wordpress (CVE-2026-8095)
vulnerability in wordpress (CVE-2026-8095). Data can be tampered with by attackers.
CVE-2026-10820 Vulnerability in wordpress (CVE-2026-10820)
vulnerability in wordpress (CVE-2026-10820). Data can be tampered with by attackers.
CVE-2026-56011 Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.
CVE-2025-68063 Vulnerability in wordpress (CVE-2025-68063)
vulnerability in wordpress (CVE-2025-68063). Successful exploitation can lead to full system takeover.
CVE-2026-10835 Vulnerability in wordpress (CVE-2026-10835)
vulnerability in wordpress (CVE-2026-10835). Confidential information can be exposed externally.
CVE-2026-10823 Vulnerability in wordpress (CVE-2026-10823)
vulnerability in wordpress (CVE-2026-10823). Confidential information can be exposed externally.
CVE-2026-9702 Vulnerability in wordpress (CVE-2026-9702)
vulnerability in wordpress (CVE-2026-9702). Data can be tampered with by attackers.
CVE-2026-5305 Vulnerability in wordpress (CVE-2026-5305)
vulnerability in wordpress (CVE-2026-5305). Successful exploitation can lead to full system takeover.
CVE-2026-12937 SQL Injection in wordpress (CVE-2026-12937)
SQL injection in wordpress (CVE-2026-12937). Confidential information can be exposed externally.
CVE-2026-12077 SQL Injection in wordpress (CVE-2026-12077)
SQL injection in wordpress (CVE-2026-12077). Confidential information can be exposed externally.
CVE-2026-12242 Code Injection in wordpress (CVE-2026-12242)
code injection in wordpress (CVE-2026-12242). Successful exploitation can lead to full system takeover.
CVE-2026-7761 Vulnerability in wordpress (CVE-2026-7761)
vulnerability in wordpress (CVE-2026-7761). Successful exploitation can lead to full system takeover.
CVE-2026-9710 Vulnerability in wordpress (CVE-2026-9710)
vulnerability in wordpress (CVE-2026-9710). Confidential information can be exposed externally. Exploitable via ``cornerstone``.
CVE-2026-9709 Vulnerability in wordpress (CVE-2026-9709)
vulnerability in wordpress (CVE-2026-9709). Confidential information can be exposed externally. Exploitable via ``cornerstone``.
CVE-2026-9643 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9643)
cross-site scripting in wordpress (CVE-2026-9643). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_wpms_links.link_url``.
CVE-2026-9179 SQL Injection in wordpress (CVE-2026-9179)
SQL injection in wordpress (CVE-2026-9179). Confidential information can be exposed externally.
CVE-2026-9178 Vulnerability in wordpress (CVE-2026-9178)
vulnerability in wordpress (CVE-2026-9178). Confidential information can be exposed externally.
CVE-2026-8705 SQL Injection in wordpress (CVE-2026-8705)
SQL injection in wordpress (CVE-2026-8705). Confidential information can be exposed externally. Exploitable via ``clearsale_total_push``.
CVE-2026-4297 Vulnerability in wordpress (CVE-2026-4297)
vulnerability in wordpress (CVE-2026-4297). Successful exploitation can lead to full system takeover.
CVE-2026-12100 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12100)
SSRF in wordpress (CVE-2026-12100). Risk of unauthorized operations or information disclosure.
CVE-2026-12095 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-12095)
SSRF in wordpress (CVE-2026-12095). Risk of unauthorized operations or information disclosure.
CVE-2026-10749 Vulnerability in wordpress (CVE-2026-10749)
vulnerability in wordpress (CVE-2026-10749). Successful exploitation can lead to full system takeover.
CVE-2026-10735 Vulnerability in wordpress (CVE-2026-10735)
vulnerability in wordpress (CVE-2026-10735). Confidential information can be exposed externally.
CVE-2026-10092 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10092)
cross-site scripting in wordpress (CVE-2026-10092). Risk of unauthorized operations or information disclosure.
CVE-2026-10091 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10091)
cross-site scripting in wordpress (CVE-2026-10091). Risk of unauthorized operations or information disclosure.
CVE-2026-3652 The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
CVE-2026-8379 Vulnerability in wordpress (CVE-2026-8379)
vulnerability in wordpress (CVE-2026-8379). Confidential information can be exposed externally.
CVE-2026-8172 Vulnerability in wordpress (CVE-2026-8172)
vulnerability in wordpress (CVE-2026-8172). Risk of unauthorized operations or information disclosure.
CVE-2026-8163 Vulnerability in wordpress (CVE-2026-8163)
vulnerability in wordpress (CVE-2026-8163). Successful exploitation can lead to full system takeover.
CVE-2026-8157 Privilege Escalation in wordpress (CVE-2026-8157)
vulnerability in wordpress (CVE-2026-8157). Successful exploitation can lead to full system takeover.
CVE-2026-4259 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4259)
cross-site scripting in wordpress (CVE-2026-4259). Risk of unauthorized operations or information disclosure.
CVE-2026-6858 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6858)
cross-site scripting in wordpress (CVE-2026-6858). Risk of unauthorized operations or information disclosure.
CVE-2020-37255 Vulnerability in wordpress (CVE-2020-37255)
vulnerability in wordpress (CVE-2020-37255). Confidential information can be exposed externally.
CVE-2026-11911 Path Traversal in wordpress (CVE-2026-11911)
path traversal in wordpress (CVE-2026-11911). Confidential information can be exposed externally.
CVE-2026-11912 Vulnerability in wordpress (CVE-2026-11912)
vulnerability in wordpress (CVE-2026-11912). Data can be tampered with by attackers.
CVE-2026-9843 Path Traversal in wordpress (CVE-2026-9843)
path traversal in wordpress (CVE-2026-9843). Data can be tampered with by attackers.
CVE-2026-11395 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11395)
SSRF in wordpress (CVE-2026-11395). Risk of unauthorized operations or information disclosure.
CVE-2026-9860 Unrestricted File Upload in wordpress (CVE-2026-9860)
vulnerability in wordpress (CVE-2026-9860). Successful exploitation can lead to full system takeover.
CVE-2026-12407 Vulnerability in wordpress (CVE-2026-12407)
vulnerability in wordpress (CVE-2026-12407). Successful exploitation can lead to full system takeover.
CVE-2025-69130 Unsafe Deserialization in wordpress (CVE-2025-69130)
vulnerability in wordpress (CVE-2025-69130). Successful exploitation can lead to full system takeover.
CVE-2025-69115 Vulnerability in wordpress (CVE-2025-69115)
vulnerability in wordpress (CVE-2025-69115). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →