Export limit exceeded: 13703 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13703 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69131 | 2 Extendons, Wordpress | 2 Wordpress & Woocommerce Scraper Plugin, Import Data From Any Site, Wordpress | 2026-06-23 | 7.5 High |
| Unauthenticated Arbitrary File Download in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site <= 1.0.7 versions. | ||||
| CVE-2025-69136 | 2 Themelogi, Wordpress | 2 Wanium, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Wanium <= 1.9.8 versions. | ||||
| CVE-2025-69137 | 2 Jthemes, Wordpress | 2 Genemy, Wordpress | 2026-06-23 | 6.5 Medium |
| Subscriber Broken Access Control in Genemy <= 1.6.6 versions. | ||||
| CVE-2025-69141 | 2 Themerex, Wordpress | 2 Kelly Young, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Kelly Young <= 1.1.0 versions. | ||||
| CVE-2025-69149 | 2 Themerex, Wordpress | 2 Top Dog, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Top Dog <= 1.0.5 versions. | ||||
| CVE-2025-69177 | 2 Themelogi, Wordpress | 2 Roneous, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions. | ||||
| CVE-2025-69178 | 2 Cactusthemes, Wordpress | 2 Truemag, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions. | ||||
| CVE-2026-27429 | 2 Boldthemes, Wordpress | 2 Nifty, Wordpress | 2026-06-23 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions. | ||||
| CVE-2026-34893 | 2 Webgeniuslab, Wordpress | 2 Thegov Core, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions. | ||||
| CVE-2026-34894 | 2 Webgeniuslab, Wordpress | 2 Integrio Core, Wordpress | 2026-06-23 | 8.1 High |
| Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions. | ||||
| CVE-2026-11989 | 2 Bitpressadmin, Wordpress | 2 Bit Integrations – Form Integration, Webhook, Spreadsheets, Crm, Lms & Email Automation, Wordpress | 2026-06-23 | 6.5 Medium |
| The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires a form integration to be configured with a field mapped to a WooCommerce product image, product gallery, downloadable files, or Google Contacts attachment field, which is a default use case for these integrations. | ||||
| CVE-2026-7547 | 2 Teamwsa, Wordpress | 2 Woosa – Marktplaats For Woocommerce, Wordpress | 2026-06-23 | 4.9 Medium |
| The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the render_logs_ui() function, which accepts a base64-encoded file name from the 'log_file' GET parameter and concatenates it directly with the plugin's log directory path without validating that the resolved path remains within the intended directory. This makes it possible for authenticated attackers, with Administrator-level access, to read the contents of arbitrary files on the server, including wp-config. | ||||
| CVE-2026-6555 | 2 Prosolution, Wordpress | 2 Prosolution Wp Client, Wordpress | 2026-06-23 | 9.8 Critical |
| The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files are processed and uploaded to a web-accessible directory. This makes it possible for unauthenticated attackers to upload malicious PHP files and achieve remote code execution by sending a valid first file followed by a malicious file. | ||||
| CVE-2026-6798 | 2 2download, Wordpress | 2 2download Connector For 2dl Hosted Checkout, Wordpress | 2026-06-22 | 5.3 Medium |
| The 2Download Connector for 2DL Hosted Checkout plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 0.1.5. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to view arbitrary customers' subscription data including subscription status, product names, order IDs, purchase dates, and expiry dates. | ||||
| CVE-2026-7515 | 2 Betterdocs, Wordpress | 2 Betterdocs Pro, Wordpress | 2026-06-22 | 9.8 Critical |
| The BetterDocs Pro plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 3.8.0 via the `doc_style` parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included. | ||||
| CVE-2026-11911 | 2 Eemitch, Wordpress | 2 Simple File List, Wordpress | 2026-06-22 | 7.5 High |
| The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile function in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The simplefilelist_edit_job AJAX action is registered via wp_ajax_nopriv_, making it accessible without authentication, and the is_admin() guard that would otherwise restrict access is bypassed because is_admin() always returns true for requests to the admin-ajax.php endpoint. | ||||
| CVE-2026-12119 | 2 Eemitch, Wordpress | 2 Simple File List, Wordpress | 2026-06-22 | 6.5 Medium |
| The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' shortcode attribute in all versions up to, and including, 6.3.7. This makes it possible for authenticated attackers, with contributor-level access and above, to perform arbitrary file operations including deletion, move, folder creation, and download. An attacker can create a draft post containing the 'eeSFL' shortcode, render it via the post preview endpoint to harvest the nonce needed to authorize the operations, and then submit file operation requests that bypass the intended authorization checks in includes/ee-list-ops-bar-process.php. | ||||
| CVE-2026-11775 | 2 Adamsilverstein, Wordpress | 2 User Admin Simplifier, Wordpress | 2026-06-22 | 4.3 Medium |
| The User Admin Simplifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation on the useradminsimplifier_options_page function. This makes it possible for unauthenticated attackers to reset and permanently delete any user's stored menu and admin-bar configuration via a forged request that triggers uas_save_admin_options() and overwrites the useradminsimplifier_options database entry via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2026-9013 | 2 Rocklobsterinc, Wordpress | 2 Bogo, Wordpress | 2026-06-22 | 4.3 Medium |
| The Bogo plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.9.1 via the bogo_rest_create_post_translation. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the raw title, content, excerpt, and password of any private, draft, or password-protected post by triggering its duplication via the translation endpoint and reading the returned title.raw, content.raw, and excerpt.raw fields of the duplicated post. This vulnerability is exploitable against posts written in a non-default locale, as authenticated subscribers can request a translation into the site's default locale to pass the locale-only permission gate. While subscribers can trigger the endpoint, this is only impactful at the Contributor-level as they can actually read the duplicated content. | ||||
| CVE-2026-3640 | 2 Strablengineering, Wordpress | 2 Strabl – A Checkout Solution, Wordpress | 2026-06-22 | 5.3 Medium |
| The STRABL – A checkout solution plugin for WordPress is vulnerable to Missing Authentication in all versions up to and including 4.5. The plugin registers a REST API webhook endpoint at /wp-json/strabl/webhook/order with a permission_callback of __return_true, which allows all incoming requests without any authentication or authorization checks. No shared secret, signature validation, HMAC verification, or token-based authentication is implemented. This makes it possible for unauthenticated attackers to create fraudulent WooCommerce orders and mark them as completed by supplying paymentStatus=paid, manipulate existing order statuses by providing an externalOrderId, create new WordPress user accounts with the customer role, issue refunds on existing orders, cancel existing orders, and apply chargeback fees — all without making a legitimate payment or having any valid credentials. | ||||