Wordpress CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (12935 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-32589	2 Ukrsolution, Wordpress	2 Barcode Scanner And Inventory Manager, Wordpress	2026-04-23	7.1 High
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.5.3.
CVE-2024-32555	1 Wordpress	1 Wordpress	2026-04-23	9.8 Critical
Incorrect Privilege Assignment vulnerability in InspiryThemes Easy Real Estate easy-real-estate allows Privilege Escalation.This issue affects Easy Real Estate: from n/a through <= 2.2.9.
CVE-2024-32444	2 Inspirythemes, Wordpress	2 Realhomes, Wordpress	2026-04-23	9.8 Critical
Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes realhomes allows Privilege Escalation.This issue affects RealHomes: from n/a through <= 4.3.6.
CVE-2024-32435	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in perrinalexandre05 AffiEasy affieasy.This issue affects AffiEasy: from n/a through <= 1.1.4.
CVE-2024-32433	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through <= 4.5.4.
CVE-2024-32141	1 Wordpress	1 Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in libsyn Libsyn Publisher Hub libsyn-podcasting.This issue affects Libsyn Publisher Hub: from n/a through <= 1.4.4.
CVE-2024-32126	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Peters Navigation menu as Dropdown Widget navigation-menu-as-dropdown-widget.This issue affects Navigation menu as Dropdown Widget: from n/a through <= 1.3.4.
CVE-2024-31929	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Iain Poulson Intagrate Lite instagrate-to-wordpress.This issue affects Intagrate Lite: from n/a through <= 1.3.7.
CVE-2024-31281	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	6.3 Medium
Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.6.
CVE-2024-30505	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	5.4 Medium
Missing Authorization vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.18.
CVE-2024-30493	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.7.
CVE-2024-30435	1 Wordpress	1 Wordpress	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.This issue affects Nexter Blocks: from n/a through <= 3.2.5.
CVE-2024-30244	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.0.27.
CVE-2024-30229	2 Givewp, Wordpress	2 Givewp, Wordpress	2026-04-23	8 High
Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.4.2.
CVE-2024-30199	2 Wordpress, Wp Lab	2 Wordpress, Wp Lister Lite For Amazon	2026-04-23	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for Amazon wp-lister-for-amazon.This issue affects WP-Lister Lite for Amazon: from n/a through <= 2.6.8.
CVE-2024-30197	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.0.26.
CVE-2024-30193	2 Church Admin Project, Wordpress	2 Church Admin, Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.17.
CVE-2024-30178	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simply Static Simply Static simply-static.This issue affects Simply Static: from n/a through <= 3.1.3.
CVE-2024-2889	2 Wordpress, Wp Lab	2 Wordpress, Wp Lister Lite For Amazon	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for Amazon wp-lister-for-amazon.This issue affects WP-Lister Lite for Amazon: from n/a through <= 2.6.11.
CVE-2024-29095	1 Wordpress	1 Wordpress	2026-04-23	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gemini Labs Site Reviews site-reviews.This issue affects Site Reviews: from n/a through <= 6.11.6.

« first previous Page 351 of 647. next last »