Wordpress CVEs and Security Vulnerabilities

Export limit exceeded: 348047 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 11987 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11987 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-51867	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in geilt Simpul Events by Esotech simpul-events-by-esotech allows Stored XSS.This issue affects Simpul Events by Esotech: from n/a through <= 1.8.5.
CVE-2024-51866	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in riponshah Social button social-button allows Stored XSS.This issue affects Social button: from n/a through <= 1.3.
CVE-2024-51865	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leroysabrina Simple Social Share Block simple-social-share-block allows Stored XSS.This issue affects Simple Social Share Block: from n/a through <= 1.0.0.
CVE-2024-51864	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agnel Waghela Shortcode Collection shortcode-collection allows Stored XSS.This issue affects Shortcode Collection: from n/a through <= 1.4.
CVE-2024-51862	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Baptiste Wicht Google Visualization Charts google-visualization-charts allows Stored XSS.This issue affects Google Visualization Charts: from n/a through <= 0.1.
CVE-2024-51861	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DuoGeek EventPress wp-eventpress allows Stored XSS.This issue affects EventPress: from n/a through <= 1.0.0.
CVE-2024-51860	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DuoGeek Custom Dashboard Widget create-custom-dashboard-widget allows Stored XSS.This issue affects Custom Dashboard Widget: from n/a through <= 1.0.0.
CVE-2024-51859	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Manchester Bamboo Enquiries bamboo-enquiries allows Stored XSS.This issue affects Bamboo Enquiries: from n/a through <= 1.9.3.
CVE-2024-51858	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps Social Locker social-locker-content allows Stored XSS.This issue affects Social Locker: from n/a through <= 1.1.
CVE-2024-51857	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DannyCooper Olympus Shortcodes olympus-shortcodes allows DOM-Based XSS.This issue affects Olympus Shortcodes: from n/a through <= 1.0.4.
CVE-2024-51855	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Productineer Redirecter shortcode-for-redirection allows DOM-Based XSS.This issue affects Redirecter: from n/a through <= 1.0.
CVE-2024-51854	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in holanetworks Hola Free Video Player hola-free-video-player allows DOM-Based XSS.This issue affects Hola Free Video Player: from n/a through <= 1.3.9.
CVE-2024-51853	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alberuni Azad. Faltu Testimonial Rotator faltu-testimonial-rotator allows DOM-Based XSS.This issue affects Faltu Testimonial Rotator: from n/a through <= 1.0.0.
CVE-2024-51850	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through <= 0.5.5.
CVE-2024-51849	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Piarulli My Restaurant Menu my-restaurant-menu allows Stored XSS.This issue affects My Restaurant Menu: from n/a through <= 0.2.0.
CVE-2024-51847	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in giovanebribeiro WP PagSeguro Payments wp-pagseguro-payments allows Stored XSS.This issue affects WP PagSeguro Payments: from n/a through <= 1.0.
CVE-2024-51844	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kiran Patil Location Click Map location-click-map allows Stored XSS.This issue affects Location Click Map: from n/a through <= 1.0.
CVE-2024-51840	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rezaul Wd-image-magnifier-xoss wd-image-magnifier-xoss allows DOM-Based XSS.This issue affects Wd-image-magnifier-xoss: from n/a through <= 1.0.
CVE-2024-51838	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smajda Pull This pull-this allows DOM-Based XSS.This issue affects Pull This: from n/a through <= 1.1.
CVE-2024-51836	1 Wordpress	1 Wordpress	2026-04-23	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teconce Wezido wezido-elementor-addon-based-on-easy-digital-downloads allows DOM-Based XSS.This issue affects Wezido: from n/a through <= 1.2.

« first previous Page 288 of 600. next last »