VYPR

Vendor CVEs

WordPress

All CVEs

32,708 total · sorted by risk
  • CVE-2026-7567CriMay 1, 2026
    risk 0.67cvss 9.8epss 0.09

    The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, which fails to verify that the 'temp-login-token' GET parameter is a…

  • CVE-2026-1830CriApr 9, 2026
    risk 0.67cvss 9.8epss 0.03

    The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible…

  • CVE-2026-4257CriMar 30, 2026
    risk 0.67cvss 9.8epss 0.41

    The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in all versions up to, and including, 1.7.36. This is due to the plugin using the Twig `Twig_Loader_String` template engine without…

  • CVE-2025-6389CriNov 25, 2025
    risk 0.67cvss 9.8epss 0.43

    The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback() function. This is due to the function accepting user input and then passing that through call_user_func().…

  • CVE-2025-8489CriOct 31, 2025
    risk 0.67cvss 9.8epss 0.09

    The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in versions 24.12.92 to 51.1.14 . This is due to the plugin not properly restricting the roles that users can register with.…

  • CVE-2015-10143CriJul 25, 2025
    risk 0.67cvss 9.8epss 0.02

    The Platform theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the *_ajax_save_options() function in all versions up to 1.4.4 (exclusive). This makes it possible for unauthenticated…

  • CVE-2015-10137CriJul 22, 2025
    risk 0.67cvss 9.8epss 0.03

    The Website Contact Form With File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_file()' function in versions up to, and including, 1.3.4. This makes it possible for unauthenticated attackers to upload…

  • CVE-2015-10138CriJul 19, 2025
    risk 0.67cvss 9.8epss 0.02

    The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jQuery-File-Upload-9.5.0 server and test files in versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to…

  • CVE-2012-10019CriJul 19, 2025
    risk 0.67cvss 9.8epss 0.02

    The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which…

  • CVE-2020-36849CriJul 12, 2025
    risk 0.67cvss 9.8epss 0.05

    The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for…

  • CVE-2025-4524CriMay 21, 2025
    risk 0.67cvss 9.8epss 0.09

    The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute…

  • CVE-2025-3605CriMay 9, 2025
    risk 0.67cvss 9.8epss 0.06

    The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email…

  • CVE-2024-8856CriNov 16, 2024
    risk 0.67cvss 9.8epss 0.94

    The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible…

  • CVE-2024-9932CriOct 26, 2024
    risk 0.67cvss 9.8epss 0.36

    The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary…

  • CVE-2024-7094CriAug 13, 2024
    risk 0.67cvss 9.8epss 0.38

    The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on…

  • CVE-2023-6875CriJan 11, 2024
    risk 0.67cvss 9.8epss 0.90

    The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and…

  • CVE-2023-4521CriSep 25, 2023
    risk 0.67cvss 9.8epss 0.39

    The Import XML and RSS Feeds WordPress plugin before 2.1.5 contains a web shell, allowing unauthenticated attackers to perform RCE. The plugin/vendor was not compromised and the files are the result of running a PoC for a previously reported issue…

  • CVE-2023-2986CriJun 8, 2023
    risk 0.67cvss 9.8epss 0.41

    The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows…

  • CVE-2023-1730CriMay 2, 2023
    risk 0.67cvss 9.8epss 0.41

    The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks

  • CVE-2023-28662CriMar 22, 2023
    risk 0.67cvss 9.8epss 0.42

    The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action.

  • CVE-2022-4681CriFeb 6, 2023
    risk 0.67cvss 9.8epss 0.04

    The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

  • CVE-2022-4305CriJan 23, 2023
    risk 0.67cvss 9.8epss 0.39

    The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.

  • CVE-2023-23488CriJan 20, 2023
    risk 0.67cvss 9.8epss 0.92

    The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route.

  • CVE-2022-4060CriJan 16, 2023
    risk 0.67cvss 9.8epss 0.43

    The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it.

  • CVE-2022-4297CriJan 2, 2023
    risk 0.67cvss 9.8epss 0.04

    The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an unauthenticated SQL injection

  • CVE-2022-2840CriSep 19, 2022
    risk 0.67cvss 9.8epss 0.10

    The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections

  • CVE-2022-2754CriSep 19, 2022
    risk 0.67cvss 9.8epss 0.38

    The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks

  • CVE-2022-1905CriJun 20, 2022
    risk 0.67cvss 9.8epss 0.37

    The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

  • CVE-2022-0773CriMay 2, 2022
    risk 0.67cvss 9.8epss 0.43

    The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users.

  • CVE-2022-0888CriMar 23, 2022
    risk 0.67cvss 9.8epss 0.39

    The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/includes/ajax/controllers/uploads.php file which can be bypassed making it possible for unauthenticated attackers to…

  • CVE-2022-0441CriMar 7, 2022
    risk 0.67cvss 9.8epss 0.85

    The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin

  • CVE-2021-24442CriJul 12, 2021
    risk 0.67cvss 9.8epss 0.47

    The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks

  • CVE-2021-24370CriJun 21, 2021
    risk 0.67cvss 9.8epss 0.47

    The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.

  • CVE-2021-24284CriMay 14, 2021
    risk 0.67cvss 9.8epss 0.42

    The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as…

  • CVE-2021-3120CriFeb 22, 2021
    risk 0.67cvss 9.8epss 0.37

    An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability,…

  • CVE-2020-15363CriJun 28, 2020
    risk 0.67cvss 9.8epss 0.06

    The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.

  • CVE-2020-8771CriFeb 6, 2020
    risk 0.67cvss 9.8epss 0.46

    The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.

  • CVE-2019-14314CriAug 27, 2019
    risk 0.67cvss 9.8epss 0.43

    A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package…

  • CVE-2019-10866CriMay 23, 2019
    risk 0.67cvss 9.8epss 0.06

    In the Form Maker plugin before 1.13.3 for WordPress, it's possible to achieve SQL injection in the function get_labels_parameters in the file form-maker/admin/models/Submissions_fm.php with a crafted value of the /models/Submissioc parameter.

  • CVE-2019-9184CriFeb 26, 2019
    risk 0.67cvss 9.8epss 0.09

    SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.

  • CVE-2018-17397CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter.

  • CVE-2018-17394CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter.

  • CVE-2018-17382CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter.

  • CVE-2018-17380CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter.

  • CVE-2018-17379CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter.

  • CVE-2018-17378CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.

  • CVE-2018-17376CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter.

  • CVE-2018-17375CriSep 28, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter.

  • CVE-2018-10969CriJun 17, 2018
    risk 0.67cvss 9.8epss 0.05

    SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.

  • CVE-2018-7318CriFeb 22, 2018
    risk 0.67cvss 9.8epss 0.09

    SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter.

Page 3 of 655