Vendor CVEs
WordPress
All CVEs
32,708 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-7315 | Cri | 0.67 | 9.8 | 0.03 | Feb 22, 2018 | SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter. | ||
| CVE-2018-7312 | Cri | 0.67 | 9.8 | 0.03 | Feb 22, 2018 | SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter. | ||
| CVE-2018-7180 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter. | ||
| CVE-2018-7177 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter. | ||
| CVE-2018-6584 | Cri | 0.67 | 9.8 | 0.04 | Feb 17, 2018 | SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request. | ||
| CVE-2018-6373 | Cri | 0.67 | 9.8 | 0.02 | Feb 17, 2018 | SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view=player action. | ||
| CVE-2018-6372 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter. | ||
| CVE-2018-6005 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter. | ||
| CVE-2018-6004 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter. | ||
| CVE-2018-5991 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798. | ||
| CVE-2018-5983 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request. | ||
| CVE-2018-5982 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request. | ||
| CVE-2018-5981 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter. | ||
| CVE-2018-5980 | Cri | 0.67 | 9.8 | 0.04 | Feb 17, 2018 | SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action. | ||
| CVE-2018-5974 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter. | ||
| CVE-2018-5971 | Cri | 0.67 | 9.8 | 0.03 | Feb 17, 2018 | SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter. | ||
| CVE-2018-6604 | Cri | 0.67 | 9.8 | 0.03 | Feb 5, 2018 | SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request. | ||
| CVE-2018-6582 | Cri | 0.67 | 9.8 | 0.03 | Feb 5, 2018 | SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request. | ||
| CVE-2018-6581 | Cri | 0.67 | 9.8 | 0.03 | Feb 2, 2018 | SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a search with the keyword, artist, or username parameter. | ||
| CVE-2018-6579 | Cri | 0.67 | 9.8 | 0.04 | Feb 2, 2018 | SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request. | ||
| CVE-2018-6578 | Cri | 0.67 | 9.8 | 0.04 | Feb 2, 2018 | SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request. | ||
| CVE-2018-6577 | Cri | 0.67 | 9.8 | 0.02 | Feb 2, 2018 | SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request. | ||
| CVE-2018-6398 | Cri | 0.67 | 9.8 | 0.03 | Jan 30, 2018 | SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action. | ||
| CVE-2018-6395 | Cri | 0.67 | 9.8 | 0.03 | Jan 30, 2018 | SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action. | ||
| CVE-2018-5315 | Cri | 0.67 | 9.8 | 0.05 | Jan 12, 2018 | The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php. | ||
| CVE-2017-15977 | Cri | 0.67 | 9.8 | 0.03 | Oct 31, 2017 | Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter. | ||
| CVE-2017-14507 | Cri | 0.67 | 9.8 | 0.05 | Sep 29, 2017 | Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_class.php; or the id parameter to (2) pages/content_timeline_edit.php or (3)… | ||
| CVE-2015-3313 | Cri | 0.67 | 9.8 | 0.08 | Sep 7, 2017 | SQL injection vulnerability in WordPress Community Events plugin before 1.4. | ||
| CVE-2017-9834 | Cri | 0.67 | 9.8 | 0.04 | Sep 7, 2017 | SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php. | ||
| CVE-2017-6095 | Cri | 0.67 | 9.8 | 0.06 | Feb 21, 2017 | A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id. | ||
| CVE-2016-1000125 | Cri | 0.67 | 9.8 | 0.03 | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla | ||
| CVE-2016-1000124 | Cri | 0.67 | 9.8 | 0.03 | Oct 6, 2016 | Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 | ||
| CVE-2026-1306 | Cri | 0.66 | 9.8 | 0.04 | Feb 14, 2026 | The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type and file extension validation in the 'export' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary… | ||
| CVE-2025-13486 | Cri | 0.66 | 9.8 | 0.74 | Dec 3, 2025 | The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes… | ||
| CVE-2025-11749 | Cri | 0.66 | 9.8 | 0.75 | Nov 5, 2025 | The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated… | ||
| CVE-2025-6440 | Cri | 0.66 | 9.8 | 0.32 | Oct 24, 2025 | The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdp_save_canvas_design_ajax' function in all versions up to, and… | ||
| CVE-2025-48148 | Cri | 0.66 | 10.0 | 0.15 | Aug 20, 2025 | Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for WooCommerce storekeeper-for-woocommerce allows Using Malicious Files.This issue affects StoreKeeper for WooCommerce: from n/a through <= 14.4.4. | ||
| CVE-2025-47539 | Cri | 0.66 | 9.8 | 0.31 | May 23, 2025 | Incorrect Privilege Assignment vulnerability in Arraytics Eventin wp-event-solution allows Privilege Escalation.This issue affects Eventin: from n/a through <= 4.0.26. | ||
| CVE-2024-56064 | Cri | 0.66 | 10.0 | 0.14 | Dec 31, 2024 | Unrestricted Upload of File with Dangerous Type vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through <= 2.3.3. | ||
| CVE-2024-10924 | Cri | 0.66 | 9.8 | 0.82 | Nov 15, 2024 | The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user'… | ||
| CVE-2024-10470 | Cri | 0.66 | 9.8 | 0.34 | Nov 9, 2024 | The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including,… | ||
| CVE-2024-8522 | Cri | 0.66 | 10.0 | 0.63 | Sep 12, 2024 | The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied… | ||
| CVE-2024-6386 | Cri | 0.66 | 9.9 | 0.26 | Aug 21, 2024 | The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function. This makes it possible for authenticated… | ||
| CVE-2024-5765 | Cri | 0.66 | 9.8 | 0.27 | Jul 30, 2024 | The WpStickyBar WordPress plugin through 2.1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | ||
| CVE-2024-27954 | Cri | 0.66 | 9.3 | 0.73 | May 17, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0. | ||
| CVE-2023-1650 | Cri | 0.66 | 9.8 | 0.34 | May 8, 2023 | The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog | ||
| CVE-2022-1281 | Cri | 0.66 | 9.8 | 0.23 | May 2, 2022 | The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible. | ||
| CVE-2022-1020 | Cri | 0.66 | 9.8 | 0.27 | Apr 18, 2022 | The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback… | ||
| CVE-2022-0349 | Cri | 0.66 | 9.8 | 0.34 | Mar 7, 2022 | The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection | ||
| CVE-2022-0651 | Cri | 0.66 | 9.8 | 0.33 | Feb 24, 2022 | The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the current_page_type parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL… |
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter.
- risk 0.67cvss 9.8epss 0.04
SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request.
- risk 0.67cvss 9.8epss 0.02
SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view=player action.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&sid= request.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&catname= request.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter.
- risk 0.67cvss 9.8epss 0.04
SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a search with the keyword, artist, or username parameter.
- risk 0.67cvss 9.8epss 0.04
SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request.
- risk 0.67cvss 9.8epss 0.04
SQL Injection exists in the JE PayperVideo 3.0.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request.
- risk 0.67cvss 9.8epss 0.02
SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action.
- risk 0.67cvss 9.8epss 0.05
The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php.
- risk 0.67cvss 9.8epss 0.03
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
- risk 0.67cvss 9.8epss 0.05
Multiple SQL injection vulnerabilities in the Content Timeline plugin 4.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) timeline parameter in content_timeline_class.php; or the id parameter to (2) pages/content_timeline_edit.php or (3)…
- risk 0.67cvss 9.8epss 0.08
SQL injection vulnerability in WordPress Community Events plugin before 1.4.
- risk 0.67cvss 9.8epss 0.04
SQL injection vulnerability in the WatuPRO plugin before 5.5.3.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the watupro_questions parameter in a watupro_submit action to wp-admin/admin-ajax.php.
- risk 0.67cvss 9.8epss 0.06
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.
- risk 0.67cvss 9.8epss 0.03
Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
- risk 0.67cvss 9.8epss 0.03
Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
- risk 0.66cvss 9.8epss 0.04
The midi-Synth plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type and file extension validation in the 'export' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary…
- risk 0.66cvss 9.8epss 0.74
The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes…
- risk 0.66cvss 9.8epss 0.75
The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated…
- risk 0.66cvss 9.8epss 0.32
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdp_save_canvas_design_ajax' function in all versions up to, and…
- risk 0.66cvss 10.0epss 0.15
Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for WooCommerce storekeeper-for-woocommerce allows Using Malicious Files.This issue affects StoreKeeper for WooCommerce: from n/a through <= 14.4.4.
- risk 0.66cvss 9.8epss 0.31
Incorrect Privilege Assignment vulnerability in Arraytics Eventin wp-event-solution allows Privilege Escalation.This issue affects Eventin: from n/a through <= 4.0.26.
- risk 0.66cvss 10.0epss 0.14
Unrestricted Upload of File with Dangerous Type vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
- risk 0.66cvss 9.8epss 0.82
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user'…
- risk 0.66cvss 9.8epss 0.34
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including,…
- risk 0.66cvss 10.0epss 0.63
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied…
- risk 0.66cvss 9.9epss 0.26
The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function. This makes it possible for authenticated…
- risk 0.66cvss 9.8epss 0.27
The WpStickyBar WordPress plugin through 2.1.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
- risk 0.66cvss 9.3epss 0.73
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0.
- risk 0.66cvss 9.8epss 0.34
The AI ChatBot WordPress plugin before 4.4.7 unserializes user input from cookies via an AJAX action available to unauthenticated users, which could allow them to perform PHP Object Injection when a suitable gadget is present on the blog
- risk 0.66cvss 9.8epss 0.23
The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection attacks possible.
- risk 0.66cvss 9.8epss 0.27
The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback…
- risk 0.66cvss 9.8epss 0.34
The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection
- risk 0.66cvss 9.8epss 0.33
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the current_page_type parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL…
Page 4 of 655