Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: wordpress Clear
ID Title
CVE-2026-58480 Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
CVE-2026-6459 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6459)
cross-site scripting in wordpress (CVE-2026-6459). Risk of unauthorized operations or information disclosure.
CVE-2026-6740 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6740)
cross-site scripting in wordpress (CVE-2026-6740). Risk of unauthorized operations or information disclosure.
CVE-2026-6820 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6820)
cross-site scripting in wordpress (CVE-2026-6820). Risk of unauthorized operations or information disclosure.
CVE-2026-5356 Vulnerability in wordpress (CVE-2026-5356)
vulnerability in wordpress (CVE-2026-5356). Data can be tampered with by attackers.
CVE-2026-12002 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12002)
vulnerability in wordpress (CVE-2026-12002). Risk of unauthorized operations or information disclosure.
CVE-2026-6230 SQL Injection in wordpress (CVE-2026-6230)
SQL injection in wordpress (CVE-2026-6230). Confidential information can be exposed externally.
CVE-2026-6854 SQL Injection in wordpress (CVE-2026-6854)
SQL injection in wordpress (CVE-2026-6854). Confidential information can be exposed externally.
CVE-2026-6818 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6818)
cross-site scripting in wordpress (CVE-2026-6818). Risk of unauthorized operations or information disclosure.
CVE-2026-6742 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6742)
cross-site scripting in wordpress (CVE-2026-6742). Risk of unauthorized operations or information disclosure.
CVE-2026-14250 Privilege Escalation in wordpress (CVE-2026-14250)
vulnerability in wordpress (CVE-2026-14250). Risk of unauthorized operations or information disclosure.
CVE-2025-14785 Cross-Site Scripting (XSS) in wordpress (CVE-2025-14785)
cross-site scripting in wordpress (CVE-2025-14785). Risk of unauthorized operations or information disclosure. Exploitable via ``seedprodnestedmenuwidget``.
CVE-2026-12936 SQL Injection in wordpress (CVE-2026-12936)
SQL injection in wordpress (CVE-2026-12936). Confidential information can be exposed externally.
CVE-2026-9731 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
CVE-2026-14489 Unrestricted File Upload in wordpress (CVE-2026-14489)
vulnerability in wordpress (CVE-2026-14489). Successful exploitation can lead to full system takeover.
CVE-2026-9700 SQL Injection in wordpress (CVE-2026-9700)
SQL injection in wordpress (CVE-2026-9700). Confidential information can be exposed externally.
CVE-2026-14500 Path Traversal in wordpress (CVE-2026-14500)
path traversal in wordpress (CVE-2026-14500). Risk of unauthorized operations or information disclosure.
CVE-2026-12041 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12041)
cross-site scripting in wordpress (CVE-2026-12041). Risk of unauthorized operations or information disclosure.
CVE-2026-12153 Vulnerability in wordpress (CVE-2026-12153)
vulnerability in wordpress (CVE-2026-12153). Successful exploitation can lead to full system takeover.
CVE-2026-10570 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10570)
cross-site scripting in wordpress (CVE-2026-10570). Risk of unauthorized operations or information disclosure.
CVE-2026-11798 Cross-Site Scripting (XSS) in wordpress (CVE-2026-11798)
cross-site scripting in wordpress (CVE-2026-11798). Risk of unauthorized operations or information disclosure.
CVE-2026-12097 Vulnerability in wordpress (CVE-2026-12097)
vulnerability in wordpress (CVE-2026-12097). Risk of unauthorized operations or information disclosure.
CVE-2026-9842 Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
CVE-2026-14244 Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
CVE-2026-14482 Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
CVE-2026-14158 Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
CVE-2026-14487 Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
CVE-2026-6101 Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
CVE-2026-14345 Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
CVE-2026-11328 Cross-Site Scripting (XSS) in wordpress (CVE-2026-11328)
cross-site scripting in wordpress (CVE-2026-11328). Risk of unauthorized operations or information disclosure.
CVE-2026-12154 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12154)
cross-site scripting in wordpress (CVE-2026-12154). Risk of unauthorized operations or information disclosure.
CVE-2026-5137 Vulnerability in wordpress (CVE-2026-5137)
vulnerability in wordpress (CVE-2026-5137). Risk of unauthorized operations or information disclosure.
CVE-2026-4804 Cross-Site Scripting (XSS) in wordpress (CVE-2026-4804)
cross-site scripting in wordpress (CVE-2026-4804). Risk of unauthorized operations or information disclosure.
CVE-2026-9756 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9756)
cross-site scripting in wordpress (CVE-2026-9756). Risk of unauthorized operations or information disclosure.
CVE-2026-11778 Code Injection in wordpress (CVE-2026-11778)
code injection in wordpress (CVE-2026-11778). Risk of unauthorized operations or information disclosure.
CVE-2026-11398 Vulnerability in wordpress (CVE-2026-11398)
vulnerability in wordpress (CVE-2026-11398). Risk of unauthorized operations or information disclosure.
CVE-2026-9230 Vulnerability in wordpress (CVE-2026-9230)
vulnerability in wordpress (CVE-2026-9230). Risk of unauthorized operations or information disclosure.
CVE-2026-9148 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9148)
cross-site scripting in wordpress (CVE-2026-9148). Risk of unauthorized operations or information disclosure.
CVE-2026-8351 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8351)
cross-site scripting in wordpress (CVE-2026-8351). Risk of unauthorized operations or information disclosure.
CVE-2026-9725 Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
CVE-2026-9626 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9626)
cross-site scripting in wordpress (CVE-2026-9626). Risk of unauthorized operations or information disclosure.
CVE-2026-8892 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8892)
cross-site scripting in wordpress (CVE-2026-8892). Risk of unauthorized operations or information disclosure.
CVE-2026-8489 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8489)
cross-site scripting in wordpress (CVE-2026-8489). Risk of unauthorized operations or information disclosure.
CVE-2026-14352 Path Traversal in wordpress (CVE-2026-14352)
path traversal in wordpress (CVE-2026-14352). Confidential information can be exposed externally. Exploitable via `Referer header`.
CVE-2026-13040 Cross-Site Scripting (XSS) in wordpress (CVE-2026-13040)
cross-site scripting in wordpress (CVE-2026-13040). Risk of unauthorized operations or information disclosure.
CVE-2026-12557 Vulnerability in wordpress (CVE-2026-12557)
vulnerability in wordpress (CVE-2026-12557). Risk of unauthorized operations or information disclosure.
CVE-2026-11397 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11397)
SSRF in wordpress (CVE-2026-11397). Risk of unauthorized operations or information disclosure.
CVE-2026-12729 Vulnerability in wordpress (CVE-2026-12729)
vulnerability in wordpress (CVE-2026-12729). Risk of unauthorized operations or information disclosure.
CVE-2026-12731 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12731)
cross-site scripting in wordpress (CVE-2026-12731). Risk of unauthorized operations or information disclosure.
CVE-2026-12734 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12734)
cross-site scripting in wordpress (CVE-2026-12734). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →