Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Tag: wordpress Clear
ID Title
CVE-2026-58480 Unrestricted File Upload in wordpress (CVE-2026-58480)
vulnerability in wordpress (CVE-2026-58480). Successful exploitation can lead to full system takeover.
CVE-2026-12378 Vulnerability in wordpress (CVE-2026-12378)
vulnerability in wordpress (CVE-2026-12378). Successful exploitation can lead to full system takeover.
CVE-2026-9731 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
CVE-2026-9701 Vulnerability in wordpress (CVE-2026-9701)
vulnerability in wordpress (CVE-2026-9701). Successful exploitation can lead to full system takeover. Exploitable via ``eventer_verification_code``.
CVE-2026-14487 Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
CVE-2026-6101 Vulnerability in wordpress (CVE-2026-6101)
vulnerability in wordpress (CVE-2026-6101). Successful exploitation can lead to full system takeover.
CVE-2026-12277 Vulnerability in wordpress (CVE-2026-12277)
vulnerability in wordpress (CVE-2026-12277). Data can be tampered with by attackers.
CVE-2026-14345 Unrestricted File Upload in wordpress (CVE-2026-14345)
vulnerability in wordpress (CVE-2026-14345). Successful exploitation can lead to full system takeover.
CVE-2026-6382 Vulnerability in wordpress (CVE-2026-6382)
vulnerability in wordpress (CVE-2026-6382). Successful exploitation can lead to full system takeover.
CVE-2026-11766 Vulnerability in wordpress (CVE-2026-11766)
vulnerability in wordpress (CVE-2026-11766). Successful exploitation can lead to full system takeover.
CVE-2026-11962 Vulnerability in wordpress (CVE-2026-11962)
vulnerability in wordpress (CVE-2026-11962). Successful exploitation can lead to full system takeover.
CVE-2024-6228 Vulnerability in wordpress (CVE-2024-6228)
vulnerability in wordpress (CVE-2024-6228). Successful exploitation can lead to full system takeover.
CVE-2026-5137 Vulnerability in wordpress (CVE-2026-5137)
vulnerability in wordpress (CVE-2026-5137). Risk of unauthorized operations or information disclosure.
CVE-2026-9756 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9756)
cross-site scripting in wordpress (CVE-2026-9756). Risk of unauthorized operations or information disclosure.
CVE-2026-9725 Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
CVE-2026-9180 Vulnerability in wordpress (CVE-2026-9180)
vulnerability in wordpress (CVE-2026-9180). Risk of unauthorized operations or information disclosure. Exploitable via `POST /motopress/appointment/v1/bookings`.
CVE-2026-7311 Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
CVE-2026-5524 Unrestricted File Upload in wordpress (CVE-2026-5524)
vulnerability in wordpress (CVE-2026-5524). Successful exploitation can lead to full system takeover.
CVE-2026-9834 Command Injection in wordpress (CVE-2026-9834)
command injection in wordpress (CVE-2026-9834). Successful exploitation can lead to full system takeover. Exploitable via ``wp_db_exclude_table``.
CVE-2026-9145 Path Traversal in wordpress (CVE-2026-9145)
path traversal in wordpress (CVE-2026-9145). Confidential information can be exposed externally.
CVE-2026-14249 Vulnerability in wordpress (CVE-2026-14249)
vulnerability in wordpress (CVE-2026-14249). Data can be tampered with by attackers.
CVE-2026-12142 Cross-Site Scripting (XSS) in wordpress (CVE-2026-12142)
cross-site scripting in wordpress (CVE-2026-12142). Risk of unauthorized operations or information disclosure.
CVE-2026-13733 Cross-Site Scripting (XSS) in c (CVE-2026-13733)
cross-site scripting in c (CVE-2026-13733). Risk of unauthorized operations or information disclosure.
CVE-2026-11880 Vulnerability in c (CVE-2026-11880)
vulnerability in c (CVE-2026-11880). Risk of unauthorized operations or information disclosure.
CVE-2026-6070 Vulnerability in wordpress (CVE-2026-6070)
vulnerability in wordpress (CVE-2026-6070). Data can be tampered with by attackers.
CVE-2026-13015 Cross-Site Scripting (XSS) in wordpress (CVE-2026-13015)
cross-site scripting in wordpress (CVE-2026-13015). Risk of unauthorized operations or information disclosure.
CVE-2026-12923 Vulnerability in wordpress (CVE-2026-12923)
vulnerability in wordpress (CVE-2026-12923). Successful exploitation can lead to full system takeover.
CVE-2026-11581 Vulnerability in wordpress (CVE-2026-11581)
vulnerability in wordpress (CVE-2026-11581). Risk of unauthorized operations or information disclosure.
CVE-2026-11589 Vulnerability in wordpress (CVE-2026-11589)
vulnerability in wordpress (CVE-2026-11589). Successful exploitation can lead to full system takeover.
CVE-2026-12240 Unsafe Deserialization in wordpress (CVE-2026-12240)
vulnerability in wordpress (CVE-2026-12240). Successful exploitation can lead to full system takeover.
CVE-2026-12349 Vulnerability in c (CVE-2026-12349)
vulnerability in c (CVE-2026-12349). Risk of unauthorized operations or information disclosure.
CVE-2026-8944 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8944)
vulnerability in wordpress (CVE-2026-8944). Risk of unauthorized operations or information disclosure.
CVE-2026-11367 Path Traversal in wordpress (CVE-2026-11367)
path traversal in wordpress (CVE-2026-11367). Confidential information can be exposed externally.
CVE-2026-10083 Vulnerability in wordpress (CVE-2026-10083)
vulnerability in wordpress (CVE-2026-10083). Successful exploitation can lead to full system takeover.
CVE-2026-8095 Vulnerability in wordpress (CVE-2026-8095)
vulnerability in wordpress (CVE-2026-8095). Data can be tampered with by attackers.
CVE-2026-12432 Vulnerability in wordpress (CVE-2026-12432)
vulnerability in wordpress (CVE-2026-12432). Risk of unauthorized operations or information disclosure.
CVE-2026-12242 Code Injection in wordpress (CVE-2026-12242)
code injection in wordpress (CVE-2026-12242). Successful exploitation can lead to full system takeover.
CVE-2026-9643 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9643)
cross-site scripting in wordpress (CVE-2026-9643). Risk of unauthorized operations or information disclosure. Exploitable via ``wp_wpms_links.link_url``.
CVE-2026-9183 Information Disclosure in wordpress (CVE-2026-9183)
vulnerability in wordpress (CVE-2026-9183). Risk of unauthorized operations or information disclosure.
CVE-2026-9612 Information Disclosure in wordpress (CVE-2026-9612)
vulnerability in wordpress (CVE-2026-9612). Risk of unauthorized operations or information disclosure.
CVE-2026-8628 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8628)
cross-site scripting in wordpress (CVE-2026-8628). Risk of unauthorized operations or information disclosure.
CVE-2026-8705 SQL Injection in wordpress (CVE-2026-8705)
SQL injection in wordpress (CVE-2026-8705). Confidential information can be exposed externally. Exploitable via ``clearsale_total_push``.
CVE-2026-12417 Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
CVE-2026-10749 Vulnerability in wordpress (CVE-2026-10749)
vulnerability in wordpress (CVE-2026-10749). Successful exploitation can lead to full system takeover.
CVE-2026-10091 Cross-Site Scripting (XSS) in wordpress (CVE-2026-10091)
cross-site scripting in wordpress (CVE-2026-10091). Risk of unauthorized operations or information disclosure.
CVE-2026-3652 The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
The ARForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `value`...
CVE-2019-25763 Vulnerability in wordpress (CVE-2019-25763)
vulnerability in wordpress (CVE-2019-25763). Successful exploitation can lead to full system takeover.
CVE-2026-12119 Vulnerability in wordpress (CVE-2026-12119)
vulnerability in wordpress (CVE-2026-12119). Data can be tampered with by attackers.
CVE-2026-11911 Path Traversal in wordpress (CVE-2026-11911)
path traversal in wordpress (CVE-2026-11911). Confidential information can be exposed externally.
CVE-2026-9843 Path Traversal in wordpress (CVE-2026-9843)
path traversal in wordpress (CVE-2026-9843). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →