VYPR

Vendor CVEs

WordPress

All CVEs

32,703 total · sorted by risk
  • CVE-2020-25213CriKEVSep 9, 2020
    risk 0.81cvss 10.0epss 0.97

    The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder…

  • CVE-2016-10033CriKEVDec 30, 2016
    risk 0.80cvss 9.8epss 1.00

    The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.

  • CVE-2026-48907CriKEVJun 5, 2026
    risk 0.77cvss epss 0.80

    A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.

  • CVE-2026-48172CriKEVMay 21, 2026
    risk 0.76cvss 9.8epss 0.19

    LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash.…

  • CVE-2020-24186CriAug 24, 2020
    risk 0.76cvss 10.0epss 0.95

    A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action.

  • CVE-2024-25600CriJun 4, 2024
    risk 0.75cvss 10.0epss 0.87

    Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.

  • CVE-2024-27956CriMar 21, 2024
    risk 0.75cvss 9.9epss 0.94

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.

  • CVE-2023-6553CriDec 15, 2023
    risk 0.75cvss 9.8epss 0.98

    The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that…

  • CVE-2024-5932CriAug 20, 2024
    risk 0.74cvss 10.0epss 0.74

    The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'give_title' parameter. This makes it possible for unauthenticated…

  • CVE-2024-1071CriMar 13, 2024
    risk 0.74cvss 9.8epss 0.89

    The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied…

  • CVE-2023-28121CriApr 12, 2023
    risk 0.74cvss 9.8epss 0.87

    An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the…

  • CVE-2021-24762CriFeb 1, 2022
    risk 0.74cvss 9.8epss 0.87

    The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.

  • CVE-2020-11530CriMay 8, 2020
    risk 0.74cvss 9.8epss 0.96

    A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to get_script/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user.

  • CVE-2020-8772CriFeb 6, 2020
    risk 0.74cvss 9.8epss 0.88

    The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in.

  • CVE-2019-20361CriJan 8, 2020
    risk 0.74cvss 9.8epss 0.85

    There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).

  • CVE-2018-19207CriNov 12, 2018
    risk 0.74cvss 9.8epss 0.87

    The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.

  • CVE-2018-3810CriJan 1, 2018
    risk 0.74cvss 9.8epss 0.91

    Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The…

  • CVE-2025-2294CriMar 28, 2025
    risk 0.73cvss 9.8epss 0.77

    The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the…

  • CVE-2024-44000CriOct 20, 2024
    risk 0.73cvss 9.8epss 0.83

    Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through < 6.5.0.1.

  • CVE-2023-5360CriOct 31, 2023
    risk 0.73cvss 9.8epss 0.82

    The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.

  • CVE-2023-4634CriSep 6, 2023
    risk 0.73cvss 9.8epss 0.83

    The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the…

  • CVE-2022-0169CriMar 14, 2022
    risk 0.73cvss 9.8epss 0.75

    The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an…

  • CVE-2022-25148CriFeb 24, 2022
    risk 0.73cvss 9.8epss 0.81

    The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the current_page_id parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL…

  • CVE-2021-24946CriDec 13, 2021
    risk 0.73cvss 9.8epss 0.73

    The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue

  • CVE-2021-24931CriDec 6, 2021
    risk 0.73cvss 9.8epss 0.79

    The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to…

  • CVE-2020-12800CriJun 8, 2020
    risk 0.73cvss 9.8epss 0.79

    The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file.

  • CVE-2013-2010CriFeb 12, 2020
    risk 0.73cvss 9.8epss 0.74

    WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability

  • CVE-2019-10692CriApr 2, 2019
    risk 0.73cvss 9.8epss 0.79

    In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.

  • CVE-2018-17254CriSep 20, 2018
    risk 0.73cvss 9.8epss 0.83

    The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.

  • CVE-2024-28000CriAug 21, 2024
    risk 0.72cvss 9.8epss 0.68

    Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through <= 6.3.0.1.

  • CVE-2021-24499CriAug 9, 2021
    risk 0.72cvss 9.8epss 0.60

    The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the…

  • CVE-2021-34621CriJul 7, 2021
    risk 0.72cvss 9.8epss 0.69

    A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. This issue affects versions 3.0.0 - 3.1.3. .

  • CVE-2020-35489CriDec 17, 2020
    risk 0.72cvss 10.0epss 0.90

    The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.

  • CVE-2020-11738HigKEVApr 13, 2020
    risk 0.72cvss 7.5epss 0.98

    The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.

  • CVE-2018-16283CriSep 24, 2018
    risk 0.72cvss 9.8epss 0.63

    The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter.

  • CVE-2016-1209CriMay 14, 2016
    risk 0.72cvss 9.8epss 0.62

    The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.

  • CVE-2025-27007CriMay 1, 2025
    risk 0.71cvss 9.8epss 0.51

    Incorrect Privilege Assignment vulnerability in Brainstorm Force OttoKit suretriggers allows Privilege Escalation.This issue affects OttoKit: from n/a through <= 1.0.82.

  • CVE-2024-11972CriDec 31, 2024
    risk 0.71cvss 9.8epss 0.55

    The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk…

  • CVE-2024-9047CriOct 12, 2024
    risk 0.71cvss 9.8epss 0.92

    The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory.…

  • CVE-2021-34646CriAug 30, 2021
    risk 0.71cvss 9.8epss 0.51

    Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the…

  • CVE-2020-27615CriOct 21, 2020
    risk 0.71cvss 9.8epss 0.54

    The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip.

  • CVE-2020-14092CriJul 2, 2020
    risk 0.71cvss 9.8epss 0.95

    The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.

  • CVE-2018-17207CriSep 19, 2018
    risk 0.71cvss 9.8epss 0.58

    An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and installer-backup.php), an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution.

  • CVE-2023-51409CriApr 12, 2024
    risk 0.70cvss 10.0epss 0.65

    Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98.

  • CVE-2023-2068CriJun 27, 2023
    risk 0.70cvss 9.8epss 0.40

    The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is…

  • CVE-2023-32243CriMay 12, 2023
    risk 0.70cvss 9.8epss 0.76

    Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.

  • CVE-2022-0412CriFeb 28, 2022
    risk 0.70cvss 9.8epss 0.74

    The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated…

  • CVE-2022-25149CriFeb 24, 2022
    risk 0.70cvss 9.8epss 0.78

    The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the IP parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to…

  • CVE-2020-35951CriJan 1, 2021
    risk 0.70cvss 9.9epss 0.76

    An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their…

  • CVE-2015-9323CriAug 16, 2019
    risk 0.70cvss 9.8epss 0.46

    The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.

Page 1 of 655