VYPR

Vendor CVEs

WordPress

All CVEs

32,708 total · sorted by risk
  • CVE-2019-9879CriJun 10, 2019
    risk 0.70cvss 9.8epss 0.47

    The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation.

  • CVE-2019-9618CriMay 13, 2019
    risk 0.70cvss 9.8epss 0.41

    The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.

  • CVE-2018-3811CriJan 1, 2018
    risk 0.70cvss 9.8epss 0.43

    SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements…

  • CVE-2015-4455CriMay 23, 2017
    risk 0.70cvss 9.8epss 0.41

    Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct…

  • CVE-2025-34077CriJul 9, 2025
    risk 0.69cvss epss 0.10

    An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the…

  • CVE-2024-50498CriOct 28, 2024
    risk 0.69cvss 10.0epss 0.54

    Improper Control of Generation of Code ('Code Injection') vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through <= 1.0.

  • CVE-2024-8529CriSep 12, 2024
    risk 0.69cvss 10.0epss 0.12

    The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_fields' parameter of the /wp-json/lp/v1/courses/archive-course REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied…

  • CVE-2024-3552CriJun 13, 2024
    risk 0.69cvss 9.8epss 0.67

    The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based.

  • CVE-2022-1609CriJan 16, 2024
    risk 0.69cvss 9.8epss 0.64

    The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site.

  • CVE-2023-5652CriNov 20, 2023
    risk 0.69cvss 9.8epss 0.64

    The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user input before using it in a SQL statement of a function hooked to admin_init, allowing unauthenticated users to perform SQL injections

  • CVE-2020-36708CriJun 7, 2023
    risk 0.69cvss 9.8epss 0.65

    The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <=…

  • CVE-2023-2732CriMay 25, 2023
    risk 0.69cvss 9.8epss 0.68

    The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for…

  • CVE-2022-1386CriMay 16, 2022
    risk 0.69cvss 9.8epss 0.72

    The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact…

  • CVE-2021-24321CriJun 1, 2021
    risk 0.69cvss 9.8epss 0.67

    The Bello - Directory & Listing WordPress theme before 1.6.0 did not sanitise the bt_bb_listing_field_price_range_to, bt_bb_listing_field_now_open, bt_bb_listing_field_my_lng, listing_list_view and bt_bb_listing_field_my_lat parameters before using them in a SQL statement,…

  • CVE-2019-16119CriSep 8, 2019
    risk 0.69cvss 9.8epss 0.25

    SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter.

  • CVE-2017-16562CriNov 10, 2017
    risk 0.69cvss 9.8epss 0.27

    The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to bypass authentication and obtain administrative access via a "true" value for the up_auto_log parameter in the QUERY_STRING to the default URI.

  • CVE-2017-1002000CriSep 14, 2017
    risk 0.69cvss 9.8epss 0.27

    Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.

  • CVE-2026-0740CriApr 7, 2026
    risk 0.68cvss 9.8epss 0.54

    The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'NF_FU_AJAX_Controllers_Uploads::handle_upload' function in all versions up to, and including, 3.3.26. This makes it possible for…

  • CVE-2012-10026CriAug 5, 2025
    risk 0.68cvss epss 0.01

    The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded file types, allowing remote attackers to upload malicious PHP scripts to a…

  • CVE-2012-10025CriAug 5, 2025
    risk 0.68cvss epss 0.01

    The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file inclusion (RFI) vulnerability in core/actions/export.php. When the PHP configuration directive allow_url_include is enabled (default: Off), an unauthenticated attacker can exploit…

  • CVE-2019-25224CriJul 25, 2025
    risk 0.68cvss 9.8epss 0.17

    The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions before 5.2 via the mysqldump function. This vulnerability allows unauthenticated attackers to execute arbitrary commands on the host operating system.

  • CVE-2016-15043CriJul 19, 2025
    risk 0.68cvss 9.8epss 0.10

    The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in resize.php file in versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites…

  • CVE-2025-5394CriJul 15, 2025
    risk 0.68cvss 9.8epss 0.48

    The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the alone_import_pack_install_plugin() function in all versions up to, and including, 7.8.3. This makes it possible for…

  • CVE-2025-4094CriMay 21, 2025
    risk 0.68cvss 9.8epss 0.16

    The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.

  • CVE-2025-1661CriMar 11, 2025
    risk 0.68cvss 9.8epss 0.55

    The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 'template' parameter of the woof_text_search AJAX action. This makes it possible for unauthenticated…

  • CVE-2024-8672CriNov 28, 2024
    risk 0.68cvss 9.9epss 0.44

    The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin…

  • CVE-2024-8275CriSep 25, 2024
    risk 0.68cvss 9.8epss 0.49

    The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tribe_has_next_event' function in all versions up to, and including, 6.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation…

  • CVE-2023-6989CriFeb 5, 2024
    risk 0.68cvss 9.8epss 0.57

    The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the render_action_template parameter. This makes it possible for unauthenticated attacker to…

  • CVE-2023-6623CriJan 15, 2024
    risk 0.68cvss 9.8epss 0.51

    The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks.

  • CVE-2022-4395CriJan 30, 2023
    risk 0.68cvss 9.8epss 0.18

    The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.

  • CVE-2022-1329HigApr 19, 2022
    risk 0.68cvss 8.8epss 0.93

    The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to…

  • CVE-2022-0679CriMar 28, 2022
    risk 0.68cvss 9.8epss 0.48

    The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require() via the narnoo_distributor_lib_request AJAX action (available to both unauthenticated and authenticated users) which results…

  • CVE-2021-25003CriMar 14, 2022
    risk 0.68cvss 9.8epss 0.56

    The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE

  • CVE-2022-0513CriFeb 16, 2022
    risk 0.68cvss 9.8epss 0.53

    The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusion_reason parameter found in the ~/includes/class-wp-statistics-exclusion.php file which allows attackers without authentication to inject arbitrary…

  • CVE-2021-24472CriAug 2, 2021
    risk 0.68cvss 9.8epss 0.57

    The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will have the web server fetch and display the content from any URI, this would…

  • CVE-2013-3684CriFeb 11, 2020
    risk 0.68cvss 9.8epss 0.19

    NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload

  • CVE-2019-16932CriSep 30, 2019
    risk 0.68cvss 10.0epss 0.39

    A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data.

  • CVE-2019-14348CriAug 5, 2019
    risk 0.68cvss 9.8epss 0.21

    The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to steal, modify, or delete database information via the joomsport_season/new-yorkers/?action=playerlist sid parameter.

  • CVE-2018-16159CriAug 30, 2018
    risk 0.68cvss 9.8epss 0.50

    The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.

  • CVE-2018-7313CriFeb 22, 2018
    risk 0.68cvss 9.8epss 0.19

    SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter.

  • CVE-2018-6583CriFeb 17, 2018
    risk 0.68cvss 9.8epss 0.19

    SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&alias= request.

  • CVE-2018-6006CriFeb 17, 2018
    risk 0.68cvss 9.8epss 0.19

    SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.

  • CVE-2018-5988CriJan 24, 2018
    risk 0.68cvss 9.8epss 0.19

    SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php.

  • CVE-2017-16949CriDec 19, 2017
    risk 0.68cvss 9.8epss 0.19

    An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and…

  • CVE-2017-1002008CriSep 14, 2017
    risk 0.68cvss 9.8epss 0.17

    Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.

  • CVE-2017-1002003CriSep 14, 2017
    risk 0.68cvss 9.8epss 0.12

    Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.

  • CVE-2017-1002002CriSep 14, 2017
    risk 0.68cvss 9.8epss 0.13

    Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/

  • CVE-2017-1002001CriSep 14, 2017
    risk 0.68cvss 9.8epss 0.11

    Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.

  • CVE-2016-10045CriDec 30, 2016
    risk 0.68cvss 9.8epss 0.98

    The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail…

  • CVE-2006-6863CriDec 31, 2006
    risk 0.68cvss 9.8epss 0.13

    PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value

Page 2 of 655